shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-02 20:48:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
13,650 Commits 1,133 Branches 344 Tags
443bc1a33859bccebc9b8699428fb747b10ca4c7
Commit Graph

471 Commits

Author SHA1 Message Date
Seth Shelnutt 315e800cb2 fix: upgrade Go toolchain from 1.25.9 to 1.25.10 (#25228) 
Go 1.25.10 (released 2026-05-07) includes 11 security fixes for CVEs
affecting the go command, pack tool, html/template, net, net/http,
net/http/httputil, net/mail, and syscall packages.

Fixes IronBank v2.32.x Go stdlib CVE exposure by upgrading from Go
1.25.9 to 1.25.10.

Reference: https://groups.google.com/g/golang-dev/c/h6eZjndBMqQ

### Changed files
- `go.mod`: `go 1.25.9` to `go 1.25.10`
- `dogfood/coder/Dockerfile`: `GO_VERSION` and `GO_CHECKSUM`
- `.github/actions/setup-go/action.yaml`: default version

> Generated by Coder Agents
 2026-05-13 07:55:14 -04:00
Lukasz 2625056e71 fix: backport Go 1.25.9 and dependency fixes (#24330) 
## Summary
- backport `go-getter` 1.8.6 and its indirect dependency updates to
`release/2.32`
- backport the Go toolchain bump to 1.25.9
- include the latest local backport commits on
`sec/release-2.32-security`

## Testing
- not run
 2026-04-14 10:14:52 -04:00
dependabot[bot] 99da498679 chore: bump rust from 1d0000a to a08d20a in /dogfood/coder (#24083) 
Bumps rust from `1d0000a` to `a08d20a`.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rust&package-manager=docker&previous-version=slim&new-version=slim)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-07 11:10:47 +00:00
dependabot[bot] a20b817c28 chore: bump ubuntu from 5e5b128 to eb29ed2 in /dogfood/coder (#24082) 
Bumps ubuntu from `5e5b128` to `eb29ed2`.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ubuntu&package-manager=docker&previous-version=jammy&new-version=jammy)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-07 11:10:33 +00:00
dependabot[bot] 5000f15021 chore: bump the coder-modules group across 2 directories with 1 update (#24061) 
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-07 00:36:48 +00:00
dependabot[bot] 44be5a0d1e chore: update kreuzwerker/docker requirement from ~> 3.6 to ~> 4.0 in /dogfood/coder (#24062) 
Updates the requirements on
[kreuzwerker/docker](https://github.com/kreuzwerker/terraform-provider-docker)
to permit the latest version.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/kreuzwerker/terraform-provider-docker/releases">kreuzwerker/docker's
releases</a>.</em></p>
<blockquote>
<h1>v4.0.0</h1>
<p><strong>Please read <a
href="https://github.com/kreuzwerker/terraform-provider-docker/blob/master/docs/v3_v4_migration.md">https://github.com/kreuzwerker/terraform-provider-docker/blob/master/docs/v3_v4_migration.md</a></strong></p>
<p>This is a major release with potential breaking changes. For most
users, however, no changes to terraform code are needed.</p>
<h2>What's Changed</h2>
<h3>New Features</h3>
<ul>
<li>feat: Add muxing to introduce new plugin framework by <a
href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/838">kreuzwerker/terraform-provider-docker#838</a></li>
<li>Feature: Multiple enhancements by <a
href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/854">kreuzwerker/terraform-provider-docker#854</a></li>
<li>Feat: Make buildx builder default by <a
href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/855">kreuzwerker/terraform-provider-docker#855</a></li>
<li>Feature: Add new docker container attributes by <a
href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/857">kreuzwerker/terraform-provider-docker#857</a></li>
<li>feat: add selinux_relabel attribute to docker_container volumes by
<a href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/883">kreuzwerker/terraform-provider-docker#883</a></li>
<li>feat: Add CDI device support by <a
href="https://github.com/jdon"><code>@​jdon</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/762">kreuzwerker/terraform-provider-docker#762</a></li>
<li>feat: Implement proper parsing of GPU device requests when using
gpus… by <a href="https://github.com/Junkern"><code>@​Junkern</code></a>
in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/881">kreuzwerker/terraform-provider-docker#881</a></li>
</ul>
<h3>Fixes</h3>
<ul>
<li>fix(deps): update module golang.org/x/sync to v0.19.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/828">kreuzwerker/terraform-provider-docker#828</a></li>
<li>fix(deps): update module github.com/hashicorp/terraform-plugin-log
to v0.10.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/823">kreuzwerker/terraform-provider-docker#823</a></li>
<li>fix(deps): update module github.com/morikuni/aec to v1.1.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/829">kreuzwerker/terraform-provider-docker#829</a></li>
<li>fix(deps): update module google.golang.org/protobuf to v1.36.11 by
<a href="https://github.com/renovate"><code>@​renovate</code></a>[bot]
in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/830">kreuzwerker/terraform-provider-docker#830</a></li>
<li>fix(deps): update module github.com/sirupsen/logrus to v1.9.4 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/836">kreuzwerker/terraform-provider-docker#836</a></li>
<li>chore: Add deprecation for docker_service.networks_advanced.name by
<a href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/837">kreuzwerker/terraform-provider-docker#837</a></li>
<li>fix: Refactor docker container state handling to properly restart
whe… by <a href="https://github.com/Junkern"><code>@​Junkern</code></a>
in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/841">kreuzwerker/terraform-provider-docker#841</a></li>
<li>fix: docker container stopped ports by <a
href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/842">kreuzwerker/terraform-provider-docker#842</a></li>
<li>fix: correctly set docker_container devices by <a
href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/843">kreuzwerker/terraform-provider-docker#843</a></li>
<li>fix(deps): update module github.com/katbyte/terrafmt to v0.5.6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/844">kreuzwerker/terraform-provider-docker#844</a></li>
<li>fix(deps): update module
github.com/hashicorp/terraform-plugin-sdk/v2 to v2.38.2 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/847">kreuzwerker/terraform-provider-docker#847</a></li>
<li>fix: Use DOCKER_CONFIG env same way as with docker cli by <a
href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/849">kreuzwerker/terraform-provider-docker#849</a></li>
<li>Fix: calculation of Dockerfile path in docker_image build by <a
href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/853">kreuzwerker/terraform-provider-docker#853</a></li>
<li>chore(deps): update actions/checkout action to v6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/825">kreuzwerker/terraform-provider-docker#825</a></li>
<li>chore(deps): update hashicorp/setup-terraform action to v4 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/860">kreuzwerker/terraform-provider-docker#860</a></li>
<li>fix(deps): update module github.com/hashicorp/terraform-plugin-go to
v0.30.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/861">kreuzwerker/terraform-provider-docker#861</a></li>
<li>fix(deps): update module
github.com/hashicorp/terraform-plugin-framework to v1.18.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/862">kreuzwerker/terraform-provider-docker#862</a></li>
<li>fix(deps): update module github.com/hashicorp/terraform-plugin-mux
to v0.22.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/863">kreuzwerker/terraform-provider-docker#863</a></li>
<li>fix(deps): update module
github.com/hashicorp/terraform-plugin-sdk/v2 to v2.39.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/864">kreuzwerker/terraform-provider-docker#864</a></li>
<li>chore(deps): update docker/setup-docker-action action to v5 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/866">kreuzwerker/terraform-provider-docker#866</a></li>
<li>chore(deps): update dependency golangci/golangci-lint to v2.10.1 by
<a href="https://github.com/renovate"><code>@​renovate</code></a>[bot]
in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/869">kreuzwerker/terraform-provider-docker#869</a></li>
<li>fix(deps): update module golang.org/x/sync to v0.20.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/872">kreuzwerker/terraform-provider-docker#872</a></li>
<li>Prevent <code>docker_registry_image</code> panic on registries
returning nil body without digest header by <a
href="https://github.com/Copilot"><code>@​Copilot</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/880">kreuzwerker/terraform-provider-docker#880</a></li>
<li>fix: Handle size_bytes in tmpfs_options in docker_service by <a
href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/882">kreuzwerker/terraform-provider-docker#882</a></li>
<li>chore(deps): update dependency golangci/golangci-lint to v2.11.4 by
<a href="https://github.com/renovate"><code>@​renovate</code></a>[bot]
in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/871">kreuzwerker/terraform-provider-docker#871</a></li>
<li>fix: tests for healthcheck is not required for docker container
resource by <a
href="https://github.com/vnghia"><code>@​vnghia</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/834">kreuzwerker/terraform-provider-docker#834</a></li>
<li>chore: Prepare 4.0.0 release by <a
href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/884">kreuzwerker/terraform-provider-docker#884</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/kreuzwerker/terraform-provider-docker/blob/master/CHANGELOG.md">kreuzwerker/docker's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/kreuzwerker/terraform-provider-docker/compare/v3.9.0...v4.0.0">v4.0.0</a>
(2026-04-03)</h2>
<h3>Chore</h3>
<ul>
<li>Add deprecation for docker_service.networks_advanced.name (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/837">#837</a>)</li>
</ul>
<h3>Feat</h3>
<ul>
<li>add selinux_relabel attribute to docker_container volumes (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/883">#883</a>)</li>
<li>Implement proper parsing of GPU device requests when using gpus… (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/881">#881</a>)</li>
<li>Add CDI device support (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/762">#762</a>)</li>
<li>Add muxing to introduce new plugin framework (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/838">#838</a>)</li>
</ul>
<h3>Feat</h3>
<ul>
<li>Make buildx builder default (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/855">#855</a>)</li>
</ul>
<h3>Feature</h3>
<ul>
<li>Add new docker container attributes (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/857">#857</a>)</li>
<li>Multiple enhancements (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/854">#854</a>)</li>
</ul>
<h3>Fix</h3>
<ul>
<li>tests for healthcheck is not required for docker container resource
(<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/834">#834</a>)</li>
<li>Handle size_bytes in tmpfs_options in docker_service (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/882">#882</a>)</li>
<li>Use DOCKER_CONFIG env same way as with docker cli (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/849">#849</a>)</li>
<li>correctly set docker_container devices (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/843">#843</a>)</li>
<li>docker container stopped ports (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/842">#842</a>)</li>
<li>Refactor docker container state handling to properly restart when
exited (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/841">#841</a>)</li>
</ul>
<h3>Fix</h3>
<ul>
<li>calculation of Dockerfile path in docker_image build (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/853">#853</a>)</li>
</ul>
<p><!-- raw HTML omitted --><!-- raw HTML omitted --></p>
<h2><a
href="https://github.com/kreuzwerker/terraform-provider-docker/compare/v3.8.0...v3.9.0">v3.9.0</a>
(2025-11-09)</h2>
<h3>Chore</h3>
<ul>
<li>Prepare release v3.9.0 (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/821">#821</a>)</li>
<li>Add file requested by hashicorp (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/813">#813</a>)</li>
<li>Prepare release v3.8.0 (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/806">#806</a>)</li>
</ul>
<h3>Feat</h3>
<ul>
<li>Implement caching of docker provider (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/808">#808</a>)</li>
</ul>
<h3>Fix</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/kreuzwerker/terraform-provider-docker/commit/b7296b7ec5af2f1c7516077d7056d563a1da774e"><code>b7296b7</code></a>
chore: Prepare 4.0.0 release (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/884">#884</a>)</li>
<li><a
href="https://github.com/kreuzwerker/terraform-provider-docker/commit/b25e44ac7b3ede532d307fc6abe6daf39c7d6d56"><code>b25e44a</code></a>
feat: add selinux_relabel attribute to docker_container volumes (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/883">#883</a>)</li>
<li><a
href="https://github.com/kreuzwerker/terraform-provider-docker/commit/83b9e13b64fb78923ef88a8baeeece4611f61930"><code>83b9e13</code></a>
fix: tests for healthcheck is not required for docker container resource
(<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/834">#834</a>)</li>
<li><a
href="https://github.com/kreuzwerker/terraform-provider-docker/commit/5f4cbc5673699b01c31801ba6154e9f1243a6af0"><code>5f4cbc5</code></a>
chore(deps): update dependency golangci/golangci-lint to v2.11.4 (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/871">#871</a>)</li>
<li><a
href="https://github.com/kreuzwerker/terraform-provider-docker/commit/83a89ad5a139bb9bffe11cef3b14b98f28109b36"><code>83a89ad</code></a>
fix: Handle size_bytes in tmpfs_options in docker_service (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/882">#882</a>)</li>
<li><a
href="https://github.com/kreuzwerker/terraform-provider-docker/commit/57d8be485145db54678b2773d38f1dd7c9927cda"><code>57d8be4</code></a>
feat: Implement proper parsing of GPU device requests when using gpus…
(<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/881">#881</a>)</li>
<li><a
href="https://github.com/kreuzwerker/terraform-provider-docker/commit/e63d18d450f11e3293fa14b52cb20ee3f11b2cba"><code>e63d18d</code></a>
Prevent <code>docker_registry_image</code> panic on registries returning
nil body withou...</li>
<li><a
href="https://github.com/kreuzwerker/terraform-provider-docker/commit/8bac991400ae971425d61be5c6e442a1b3f8515c"><code>8bac991</code></a>
feat: Add CDI device support (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/762">#762</a>)</li>
<li><a
href="https://github.com/kreuzwerker/terraform-provider-docker/commit/5c3c660fb54e52ccfd82b76ceb685bc82aed7885"><code>5c3c660</code></a>
fix(deps): update module golang.org/x/sync to v0.20.0 (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/872">#872</a>)</li>
<li><a
href="https://github.com/kreuzwerker/terraform-provider-docker/commit/75cba1d6ef1b76777443035f0f96c19b5c974553"><code>75cba1d</code></a>
chore(deps): update dependency golangci/golangci-lint to v2.10.1 (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/869">#869</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/kreuzwerker/terraform-provider-docker/compare/v3.6.0...v4.0.0">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-07 00:29:03 +00:00
dependabot[bot] 3ca2aae9ca chore: update kreuzwerker/docker requirement from ~> 3.0 to ~> 4.0 in /dogfood/coder-envbuilder (#24063) 
Updates the requirements on
[kreuzwerker/docker](https://github.com/kreuzwerker/terraform-provider-docker)
to permit the latest version.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/kreuzwerker/terraform-provider-docker/releases">kreuzwerker/docker's
releases</a>.</em></p>
<blockquote>
<h1>v4.0.0</h1>
<p><strong>Please read <a
href="https://github.com/kreuzwerker/terraform-provider-docker/blob/master/docs/v3_v4_migration.md">https://github.com/kreuzwerker/terraform-provider-docker/blob/master/docs/v3_v4_migration.md</a></strong></p>
<p>This is a major release with potential breaking changes. For most
users, however, no changes to terraform code are needed.</p>
<h2>What's Changed</h2>
<h3>New Features</h3>
<ul>
<li>feat: Add muxing to introduce new plugin framework by <a
href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/838">kreuzwerker/terraform-provider-docker#838</a></li>
<li>Feature: Multiple enhancements by <a
href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/854">kreuzwerker/terraform-provider-docker#854</a></li>
<li>Feat: Make buildx builder default by <a
href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/855">kreuzwerker/terraform-provider-docker#855</a></li>
<li>Feature: Add new docker container attributes by <a
href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/857">kreuzwerker/terraform-provider-docker#857</a></li>
<li>feat: add selinux_relabel attribute to docker_container volumes by
<a href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/883">kreuzwerker/terraform-provider-docker#883</a></li>
<li>feat: Add CDI device support by <a
href="https://github.com/jdon"><code>@​jdon</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/762">kreuzwerker/terraform-provider-docker#762</a></li>
<li>feat: Implement proper parsing of GPU device requests when using
gpus… by <a href="https://github.com/Junkern"><code>@​Junkern</code></a>
in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/881">kreuzwerker/terraform-provider-docker#881</a></li>
</ul>
<h3>Fixes</h3>
<ul>
<li>fix(deps): update module golang.org/x/sync to v0.19.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/828">kreuzwerker/terraform-provider-docker#828</a></li>
<li>fix(deps): update module github.com/hashicorp/terraform-plugin-log
to v0.10.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/823">kreuzwerker/terraform-provider-docker#823</a></li>
<li>fix(deps): update module github.com/morikuni/aec to v1.1.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/829">kreuzwerker/terraform-provider-docker#829</a></li>
<li>fix(deps): update module google.golang.org/protobuf to v1.36.11 by
<a href="https://github.com/renovate"><code>@​renovate</code></a>[bot]
in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/830">kreuzwerker/terraform-provider-docker#830</a></li>
<li>fix(deps): update module github.com/sirupsen/logrus to v1.9.4 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/836">kreuzwerker/terraform-provider-docker#836</a></li>
<li>chore: Add deprecation for docker_service.networks_advanced.name by
<a href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/837">kreuzwerker/terraform-provider-docker#837</a></li>
<li>fix: Refactor docker container state handling to properly restart
whe… by <a href="https://github.com/Junkern"><code>@​Junkern</code></a>
in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/841">kreuzwerker/terraform-provider-docker#841</a></li>
<li>fix: docker container stopped ports by <a
href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/842">kreuzwerker/terraform-provider-docker#842</a></li>
<li>fix: correctly set docker_container devices by <a
href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/843">kreuzwerker/terraform-provider-docker#843</a></li>
<li>fix(deps): update module github.com/katbyte/terrafmt to v0.5.6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/844">kreuzwerker/terraform-provider-docker#844</a></li>
<li>fix(deps): update module
github.com/hashicorp/terraform-plugin-sdk/v2 to v2.38.2 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/847">kreuzwerker/terraform-provider-docker#847</a></li>
<li>fix: Use DOCKER_CONFIG env same way as with docker cli by <a
href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/849">kreuzwerker/terraform-provider-docker#849</a></li>
<li>Fix: calculation of Dockerfile path in docker_image build by <a
href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/853">kreuzwerker/terraform-provider-docker#853</a></li>
<li>chore(deps): update actions/checkout action to v6 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/825">kreuzwerker/terraform-provider-docker#825</a></li>
<li>chore(deps): update hashicorp/setup-terraform action to v4 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/860">kreuzwerker/terraform-provider-docker#860</a></li>
<li>fix(deps): update module github.com/hashicorp/terraform-plugin-go to
v0.30.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/861">kreuzwerker/terraform-provider-docker#861</a></li>
<li>fix(deps): update module
github.com/hashicorp/terraform-plugin-framework to v1.18.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/862">kreuzwerker/terraform-provider-docker#862</a></li>
<li>fix(deps): update module github.com/hashicorp/terraform-plugin-mux
to v0.22.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/863">kreuzwerker/terraform-provider-docker#863</a></li>
<li>fix(deps): update module
github.com/hashicorp/terraform-plugin-sdk/v2 to v2.39.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/864">kreuzwerker/terraform-provider-docker#864</a></li>
<li>chore(deps): update docker/setup-docker-action action to v5 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/866">kreuzwerker/terraform-provider-docker#866</a></li>
<li>chore(deps): update dependency golangci/golangci-lint to v2.10.1 by
<a href="https://github.com/renovate"><code>@​renovate</code></a>[bot]
in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/869">kreuzwerker/terraform-provider-docker#869</a></li>
<li>fix(deps): update module golang.org/x/sync to v0.20.0 by <a
href="https://github.com/renovate"><code>@​renovate</code></a>[bot] in
<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/872">kreuzwerker/terraform-provider-docker#872</a></li>
<li>Prevent <code>docker_registry_image</code> panic on registries
returning nil body without digest header by <a
href="https://github.com/Copilot"><code>@​Copilot</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/880">kreuzwerker/terraform-provider-docker#880</a></li>
<li>fix: Handle size_bytes in tmpfs_options in docker_service by <a
href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/882">kreuzwerker/terraform-provider-docker#882</a></li>
<li>chore(deps): update dependency golangci/golangci-lint to v2.11.4 by
<a href="https://github.com/renovate"><code>@​renovate</code></a>[bot]
in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/871">kreuzwerker/terraform-provider-docker#871</a></li>
<li>fix: tests for healthcheck is not required for docker container
resource by <a
href="https://github.com/vnghia"><code>@​vnghia</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/834">kreuzwerker/terraform-provider-docker#834</a></li>
<li>chore: Prepare 4.0.0 release by <a
href="https://github.com/Junkern"><code>@​Junkern</code></a> in <a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/pull/884">kreuzwerker/terraform-provider-docker#884</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/kreuzwerker/terraform-provider-docker/blob/master/CHANGELOG.md">kreuzwerker/docker's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/kreuzwerker/terraform-provider-docker/compare/v3.9.0...v4.0.0">v4.0.0</a>
(2026-04-03)</h2>
<h3>Chore</h3>
<ul>
<li>Add deprecation for docker_service.networks_advanced.name (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/837">#837</a>)</li>
</ul>
<h3>Feat</h3>
<ul>
<li>add selinux_relabel attribute to docker_container volumes (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/883">#883</a>)</li>
<li>Implement proper parsing of GPU device requests when using gpus… (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/881">#881</a>)</li>
<li>Add CDI device support (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/762">#762</a>)</li>
<li>Add muxing to introduce new plugin framework (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/838">#838</a>)</li>
</ul>
<h3>Feat</h3>
<ul>
<li>Make buildx builder default (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/855">#855</a>)</li>
</ul>
<h3>Feature</h3>
<ul>
<li>Add new docker container attributes (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/857">#857</a>)</li>
<li>Multiple enhancements (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/854">#854</a>)</li>
</ul>
<h3>Fix</h3>
<ul>
<li>tests for healthcheck is not required for docker container resource
(<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/834">#834</a>)</li>
<li>Handle size_bytes in tmpfs_options in docker_service (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/882">#882</a>)</li>
<li>Use DOCKER_CONFIG env same way as with docker cli (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/849">#849</a>)</li>
<li>correctly set docker_container devices (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/843">#843</a>)</li>
<li>docker container stopped ports (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/842">#842</a>)</li>
<li>Refactor docker container state handling to properly restart when
exited (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/841">#841</a>)</li>
</ul>
<h3>Fix</h3>
<ul>
<li>calculation of Dockerfile path in docker_image build (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/853">#853</a>)</li>
</ul>
<p><!-- raw HTML omitted --><!-- raw HTML omitted --></p>
<h2><a
href="https://github.com/kreuzwerker/terraform-provider-docker/compare/v3.8.0...v3.9.0">v3.9.0</a>
(2025-11-09)</h2>
<h3>Chore</h3>
<ul>
<li>Prepare release v3.9.0 (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/821">#821</a>)</li>
<li>Add file requested by hashicorp (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/813">#813</a>)</li>
<li>Prepare release v3.8.0 (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/806">#806</a>)</li>
</ul>
<h3>Feat</h3>
<ul>
<li>Implement caching of docker provider (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/808">#808</a>)</li>
</ul>
<h3>Fix</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/kreuzwerker/terraform-provider-docker/commit/b7296b7ec5af2f1c7516077d7056d563a1da774e"><code>b7296b7</code></a>
chore: Prepare 4.0.0 release (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/884">#884</a>)</li>
<li><a
href="https://github.com/kreuzwerker/terraform-provider-docker/commit/b25e44ac7b3ede532d307fc6abe6daf39c7d6d56"><code>b25e44a</code></a>
feat: add selinux_relabel attribute to docker_container volumes (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/883">#883</a>)</li>
<li><a
href="https://github.com/kreuzwerker/terraform-provider-docker/commit/83b9e13b64fb78923ef88a8baeeece4611f61930"><code>83b9e13</code></a>
fix: tests for healthcheck is not required for docker container resource
(<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/834">#834</a>)</li>
<li><a
href="https://github.com/kreuzwerker/terraform-provider-docker/commit/5f4cbc5673699b01c31801ba6154e9f1243a6af0"><code>5f4cbc5</code></a>
chore(deps): update dependency golangci/golangci-lint to v2.11.4 (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/871">#871</a>)</li>
<li><a
href="https://github.com/kreuzwerker/terraform-provider-docker/commit/83a89ad5a139bb9bffe11cef3b14b98f28109b36"><code>83a89ad</code></a>
fix: Handle size_bytes in tmpfs_options in docker_service (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/882">#882</a>)</li>
<li><a
href="https://github.com/kreuzwerker/terraform-provider-docker/commit/57d8be485145db54678b2773d38f1dd7c9927cda"><code>57d8be4</code></a>
feat: Implement proper parsing of GPU device requests when using gpus…
(<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/881">#881</a>)</li>
<li><a
href="https://github.com/kreuzwerker/terraform-provider-docker/commit/e63d18d450f11e3293fa14b52cb20ee3f11b2cba"><code>e63d18d</code></a>
Prevent <code>docker_registry_image</code> panic on registries returning
nil body withou...</li>
<li><a
href="https://github.com/kreuzwerker/terraform-provider-docker/commit/8bac991400ae971425d61be5c6e442a1b3f8515c"><code>8bac991</code></a>
feat: Add CDI device support (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/762">#762</a>)</li>
<li><a
href="https://github.com/kreuzwerker/terraform-provider-docker/commit/5c3c660fb54e52ccfd82b76ceb685bc82aed7885"><code>5c3c660</code></a>
fix(deps): update module golang.org/x/sync to v0.20.0 (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/872">#872</a>)</li>
<li><a
href="https://github.com/kreuzwerker/terraform-provider-docker/commit/75cba1d6ef1b76777443035f0f96c19b5c974553"><code>75cba1d</code></a>
chore(deps): update dependency golangci/golangci-lint to v2.10.1 (<a
href="https://redirect.github.com/kreuzwerker/terraform-provider-docker/issues/869">#869</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/kreuzwerker/terraform-provider-docker/compare/v3.0.0...v4.0.0">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-07 00:28:48 +00:00
dependabot[bot] eb4860aac3 chore: bump the coder-modules group across 2 directories with 2 updates (#23955) 
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-02 07:54:01 +00:00
dependabot[bot] 07fbe8ca7d chore: bump ubuntu from ce4a593 to 5e5b128 in /dogfood/coder (#23954) 
Bumps ubuntu from `ce4a593` to `5e5b128`.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ubuntu&package-manager=docker&previous-version=jammy&new-version=jammy)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-02 07:53:42 +00:00
Lukasz acd2ff63a7 chore: bump Go toolchain to 1.25.8 (#23772) 
Bump the repository Go toolchain from 1.25.7 to 1.25.8.

Updates `go.mod`, the shared `setup-go` action default, and the dogfood
image checksum so local, CI, and dogfood builds stay aligned.
 2026-03-31 14:04:58 +02:00
dependabot[bot] 9f51c44772 chore: bump rust from f7bf1c2 to 1d0000a in /dogfood/coder (#23787) 
Bumps rust from `f7bf1c2` to `1d0000a`.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rust&package-manager=docker&previous-version=slim&new-version=slim)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-30 11:47:12 +00:00
dependabot[bot] 4bf46c4435 chore: bump the coder-modules group across 2 directories with 1 update (#23757) 
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-30 00:37:51 +00:00
Ethan 411714cd73 fix(dogfood/coder): tolerate stale gh auth state (#23588) 
## Problem

The dogfood startup script uses `gh auth status` to decide whether to
re-authenticate the GitHub CLI. That command exits non-zero when **any**
stored credential is invalid—even if Coder external auth already injects
a working `GITHUB_TOKEN` into the environment and `gh` commands work
fine.

On workspaces with a persistent home volume, `~/.config/gh/hosts.yml`
retains OAuth tokens written by previous `gh auth login --with-token`
calls. These tokens are issued by Coder's external auth integration and
can be rotated or revoked between workspace starts, but the copy in
`hosts.yml` persists on the volume. When the stored token goes stale,
`gh auth status` reports two accounts:

```
✓ Logged in to github.com account user (GITHUB_TOKEN)           ← works fine
✗ Failed to log in to github.com account user (hosts.yml)       ← stale token
```

It exits 1 because of the stale entry, even though `gh` API calls
succeed via `GITHUB_TOKEN`. This makes the auth state **indeterminate**
from `gh auth status` alone—you can't tell whether `gh` actually works
or not.

When the script enters the login branch:

1. `gh auth login --with-token` **refuses** to accept piped input when
`GITHUB_TOKEN` is already set in the environment, and exits 1.
2. `set -e` kills the script before it reaches `sudo service docker
start`.

The result: Docker never starts, devcontainer health checks fail, and
the workspace reports a startup error—all because of a stale GitHub CLI
credential that has no bearing on workspace functionality.

## Fix

- Switch the auth guard from `gh auth status` to `gh api user --jq
.login`, which tests whether GitHub API access actually works regardless
of which credential provides it.
- Wrap the fallback `gh auth login` so a failure logs the indeterminate
state but does not abort the script.
 2026-03-26 17:25:42 +11:00
Cian Johnston 3b268c95d3 chore(dogfood): evict 22 freeloading tools from the Dockerfile (#23378) 
Removes unused tools from dogfood Dockerfile:
- Go tools `moq`, `go-swagger`, `goreleaser`, `goveralls`, `kind`,
`helm-docs`, `gcr-cleaner-cli`
- curl-installed `cloud_sql_proxy`, `dive`, `docker-credential-gcr`, `grype`,
`kube-linter`, `stripe` CLI, `terragrunt`, `yq` v3, GoLand 2021.2 , ANTLR v4 jar
- apt packages `cmake`, `google-cloud-sdk-datastore-emulator`, `graphviz`, `packer`

> 🤖 This PR was created with the help of Coder Agents, and was reviewed by my human. 🧑‍💻
 2026-03-23 18:25:58 +00:00
dependabot[bot] b73983e309 chore: bump ubuntu from 3ba65aa to ce4a593 in /dogfood/coder (#23434) 
Bumps ubuntu from `3ba65aa` to `ce4a593`.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ubuntu&package-manager=docker&previous-version=jammy&new-version=jammy)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-23 11:23:30 +00:00
dependabot[bot] c11cc0ba30 chore: bump rust from 7d37016 to f7bf1c2 in /dogfood/coder (#23433) 
Bumps rust from `7d37016` to `f7bf1c2`.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rust&package-manager=docker&previous-version=slim&new-version=slim)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-23 11:23:14 +00:00
dependabot[bot] 3729ff46fb chore: bump the coder-modules group across 2 directories with 1 update (#23413) 
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-23 00:28:19 +00:00
Cian Johnston 4c9041b270 chore: evict trivy from the dogfood Dockerfile (#23367) 
- Remove `TRIVY_VERSION` ARG and trivy CLI install block from
`dogfood/coder/Dockerfile`
- The `trivy` job in `.github/workflows/security.yaml` is kept — it uses
`aquasecurity/trivy-action` pinned to a known-good commit

> 🤖 This PR was created with the help of Coder Agents, and was reviewed
by my human. 🧑‍💻
 2026-03-20 14:52:11 +00:00
blinkagent[bot] f395e2e9c2 chore(dogfood): add gh CLI wrapper for automatic auth via coder external-auth (#23234) 
- Adds a wrapper script at `/usr/local/bin/gh` in the dogfood image that
ensures the GitHub CLI stays authenticated even when tokens expire
during long-running workspace sessions.

Requested by @johnstcn, based on suggestion from @kylecarbs.

Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com>
 2026-03-18 18:35:54 +00:00
Hugo Dutka 0d0c6c956d fix(dogfood): chrome desktop icons with compatibility flags (#23209) 
Our dogfood image already included chrome. Since we run dogfood
workspaces in Docker, chrome requires some compatibility flags to run
properly. If you launch chrome without them, some webpages crash and
fail to load.

The newest release of https://github.com/coder/portabledesktop added an
icon dock. This PR edits the chrome `.desktop` files so when you open
chrome from the dock it runs with the correct flags.


https://github.com/user-attachments/assets/7bf880e1-22a4-4faa-8f7f-394863c6b127
 2026-03-18 13:36:16 +01:00
Mathias Fredriksson 563c00fb2c fix(dogfood/coder): suppress du stderr in docker usage metadata (#23200) 
Transient 'No such file or directory' errors from disappearing
overlay2 layers during container operations pollute the displayed
metadata value. Redirect stderr to /dev/null.
 2026-03-18 10:54:13 +02:00
Hugo Dutka b7e0f42591 feat(dogfood): add the portabledesktop module (#23165) 2026-03-17 13:56:27 +00:00
dependabot[bot] 9a6356513b chore: bump rust from d6782f2 to 7d37016 in /dogfood/coder (#23103) 
Bumps rust from `d6782f2` to `7d37016`.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rust&package-manager=docker&previous-version=slim&new-version=slim)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-16 11:27:33 +00:00
dependabot[bot] 9c2f217ca2 chore: bump the coder-modules group across 3 directories with 2 updates (#23091) 
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-16 00:37:06 +00:00
Michael Suchacz f6976fd6c1 chore(dogfood): bump mux to 1.4.3 (#23039) 
## Summary
- bump the dogfood Mux module to 1.4.3
- enable the new restart logic and allow up to 10 restart attempts

## Testing
- terraform fmt -check -diff dogfood/coder/main.tf
- git diff --check -- dogfood/coder/main.tf
- terraform -chdir=dogfood/coder validate
 2026-03-14 06:46:44 +01:00
Kyle Carberry b492c42624 chore(dogfood): add Google Chrome to dogfood image (#23063) 
Install Google Chrome stable directly from `dl.google.com`. Ubuntu 22.04
ships `chromium-browser` as a snap-only package, which does not work in
Docker containers.

```dockerfile
RUN wget -q https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb && \\
    apt-get install --yes ./google-chrome-stable_current_amd64.deb && \\
    rm google-chrome-stable_current_amd64.deb
```

Verified in a running dogfood workspace:
```
$ google-chrome --version
Google Chrome 146.0.7680.75
```
 2026-03-13 19:22:58 -04:00
Mathias Fredriksson 836a2112b6 feat(dogfood): clean up named Docker volumes and Go build cache cron (#23026) 
Docker keeps named volumes around, even if they're dangling. During
development users generate a lot of named coder- volumes and the like.
These are now cleaned on shutdown once they are 30 days old.

For long running workspaces, go build cache also accumulates, so now
we clean these up via cron as well. All cache older than 2 days is wiped
and the cron schedule is based on workspace ID to distribute the load.
 2026-03-13 15:02:01 +02:00
Ethan fd6346265c fix(dogfood): remove subdomain from coder_app with command (#22990) 
The `coder_app` resource no longer supports having both `command` and
`subdomain` set simultaneously. This removes `subdomain = true` from the
`develop_sh` app in dogfood, which uses `command`.

This was the only `coder_app` in the repo with both fields set.
 2026-03-12 13:15:01 +00:00
Michael Suchacz f5e5bd2d64 chore(dogfood): bump mux to 1.4.0 (#22899) 
## Summary
- bump the dogfood template Mux module from 1.3.1 to 1.4.0

## Validation
- terraform -chdir=dogfood/coder validate
- terraform fmt -check dogfood/coder/main.tf
 2026-03-10 15:54:58 +01:00
dependabot[bot] 02b1951aac chore: bump rust from c0a38f5 to d6782f2 in /dogfood/coder (#22832) 
Bumps rust from `c0a38f5` to `d6782f2`.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rust&package-manager=docker&previous-version=slim&new-version=slim)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-09 11:44:16 +00:00
dependabot[bot] ca873060c6 chore: bump the coder-modules group across 2 directories with 2 updates (#22820) 
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-09 00:36:45 +00:00
blinkagent[bot] 24c7a09321 chore(dogfood): pin coderd provider to >= 0.0.13 (#22704) 
Pins the `coder/coderd` Terraform provider in `dogfood/main.tf` to `>=
0.0.13`.

Previously there was no version constraint at all. The latest release
[v0.0.13](https://github.com/coder/terraform-provider-coderd/releases/tag/v0.0.13)
includes:
- `workspace_sharing` attribute on `coderd_organization` resource
- `cors_behavior` support on template resource
- Dependency updates (coder/coder SDK bumped to v2.29.2, various
Terraform plugin framework updates)

---------

Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com>
 2026-03-06 14:49:31 +02:00
Danny Kopping ecf3dccbbc fix: upgrade docker provider to v3.6.2 (#22701) 
Context:
https://github.com/coder/internal/issues/1382#issuecomment-4010773056
Closes: https://github.com/coder/internal/issues/1382

The lock file already references v3.6.2 so it doesn't update when I run
`terraform init -upgrade`.

Signed-off-by: Danny Kopping <danny@coder.com>
 2026-03-06 10:25:58 +00:00
Spike Curtis 56eb57caf4 chore: enable agent socket by default (#22352) 
relates to #21335

Enables the agent socket by default and updates docs to strike references to having to enable it.

The PRs in this stack change the MCP server that Tasks use to update their status to rely on the agent socket, rather than directly dialing Coderd with the agent token.

Default disable was a reasonable default when it was only used for the experimental script ordering features, but now that we want to use it for Tasks, it should be default on.
 2026-03-03 21:23:59 +04:00
Michael Suchacz 2203b259e6 fix(dogfood): upgrade Rust from apt (1.75) to rustup stable (#22458) 
The Ubuntu Jammy `cargo` apt package provides Rust 1.75, which is too
old for transitive dependencies requiring edition 2024 (Rust 1.85+).

**Changes:**
- Replace apt `cargo` with a rustup-based install (stable channel,
minimal profile).
- Override `CARGO_HOME` to `/home/coder/.cargo` after `USER coder` so
cargo registry/cache writes go to the user's home (the rustup-installed
binaries remain on PATH via `/usr/local/cargo/bin`).
- Add `--fail` to all `curl` commands in the tool-download block so HTTP
errors fail fast with clear messages instead of silently piping error
pages into `tar`.
- Bump kube-linter 0.6.3 → 0.8.1 and trivy 0.41.0 → 0.69.2 (old releases
were removed from GitHub, causing persistent 404s).
 2026-03-03 12:11:04 +01:00
dependabot[bot] 80688ec221 chore: bump rust from 7e6fa79 to c0a38f5 in /dogfood/coder (#22484) 
Bumps rust from `7e6fa79` to `c0a38f5`.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rust&package-manager=docker&previous-version=slim&new-version=slim)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-02 12:58:42 +00:00
blinkagent[bot] d033487fff fix(dogfood): rename mux module input add-project to add_project (#22459) 
The mux module's input variable was renamed from `add-project` to
`add_project`. This updates the dogfood template to use the new name.

Ref:
https://github.com/coder/registry/blob/main/registry/coder/modules/mux/main.tf
(variable `add_project`)

Co-authored-by: blink-so[bot] <211532188+blink-so[bot]@users.noreply.github.com>
 2026-03-02 00:53:51 +00:00
dependabot[bot] 300f15c98a chore: bump the coder-modules group across 3 directories with 5 updates (#22457) 
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-02 00:38:13 +00:00
Michael Suchacz 6248520130 chore(dogfood): update Rust from 1.86.0 to 1.93.1 (#22344) 
Update the Rust Docker image in the dogfood template from 1.86.0 to
1.93.1, including the pinned `rust:slim` digest.
 2026-02-27 18:02:40 +01:00
Atif Ali b9fd9bc0ca chore(dogfood): set OPENAI_BASE_URL and OPENAI_API_KEY if aibridge is enabled (#22364) 2026-02-27 16:00:16 +05:00
Michael Suchacz 5194cc8050 chore(dogfood): bump Mux to 1.3.0, use next channel and bun runner (#22357) 
Bump the Mux module in the dogfood template:

- Version: 1.1.0 → 1.3.0
- `install_version`: set to `"next"`
- `runner`: set to `"bun"`
 2026-02-27 10:41:02 +01:00
dependabot[bot] fa8fceaa8f chore: bump ubuntu from c7eb020 to 3ba65aa in /dogfood/coder (#22253) 
Bumps ubuntu from `c7eb020` to `3ba65aa`.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ubuntu&package-manager=docker&previous-version=jammy&new-version=jammy)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-23 12:56:14 +00:00
Michael Suchacz a4fc6dcf90 fix(dogfood): auto-configure Mux GitHub owner login in startup script (#22239) 2026-02-22 14:31:11 +01:00
Lukasz 4c0c621f2a chore: bump bundled terraform to 1.14.5 (#22167) 
Description:
This PR updates the bundled Terraform binary and related version pins
from 1.14.1 to 1.14.5 (base image, installer fallback, and CI/test
fixtures). Terraform is statically built with an embedded Go runtime.
Moving to 1.14.5 updates the embedded toolchain and is intended to
address Go stdlib CVEs reported by security scanning.

Notes:
- Change is version-only; no functional Coder logic changes.
- Backport-friendly: intended to be cherry-picked to release branches
after merge.
 2026-02-18 12:18:38 +01:00
Jon Ayers e82edf1b6b chore: update Go from 1.25.6 to 1.25.7 (#22042) 2026-02-17 22:31:20 -06:00
dependabot[bot] 65fb0e22a8 chore: bump rust from 760ad1d to 9663b80 in /dogfood/coder (#22124) 
Bumps rust from `760ad1d` to `9663b80`.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rust&package-manager=docker&previous-version=slim&new-version=slim)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-16 13:10:55 +00:00
dependabot[bot] 7224977fa6 chore: bump the coder-modules group across 2 directories with 2 updates (#22116) 
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-16 00:38:40 +00:00
dependabot[bot] f3cd74d9d8 chore: bump rust from df6ca8f to 760ad1d in /dogfood/coder (#22009) 
Bumps rust from `df6ca8f` to `760ad1d`.


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rust&package-manager=docker&previous-version=slim&new-version=slim)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-09 13:26:12 +00:00
dependabot[bot] 1800122cb4 chore: bump the coder-modules group across 2 directories with 2 updates (#21995) 
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-09 00:40:31 +00:00
Michael Suchacz f7f025343f chore(dogfood): add project to mux module (#21894) 
Adds `add-project` to the `mux` module in the dogfood Coder template so
Mux opens the cloned repo by default.

- Uses `local.repo_dir` (defaults to `/home/coder/coder`) so it stays
correct if the repo base dir parameter changes.

Testing:
- `terraform fmt -check dogfood/coder/main.tf`
 2026-02-03 16:46:06 +01:00