1de61246a3
feat: add experimental template autostop requirement template settings UI ( #9417 )
2023-08-30 20:41:27 +00:00
90acf998bf
fix: fix null pointer on external provisioner daemons with daily_cost ( #9401 )
...
* fix: fix null pointer on external provisioner daemons with daily_cost
Signed-off-by: Spike Curtis <spike@coder.com >
* Add logging for debounce and job acquire
Signed-off-by: Spike Curtis <spike@coder.com >
* Return error instead of panic
Signed-off-by: Spike Curtis <spike@coder.com >
* remove debounce on external provisioners to fix test flakes
Signed-off-by: Spike Curtis <spike@coder.com >
---------
Signed-off-by: Spike Curtis <spike@coder.com >
2023-08-30 10:48:35 +00:00
a572800d47
chore: rename template restart requirement to autostop requirement ( #9295 )
2023-08-29 18:35:05 +00:00
be47cc58ff
fix(enterprise/coderd): use websocketNetConn in workspaceProxyCoordinate to bind context ( #9395 )
2023-08-28 23:12:45 +03:00
d9d4d74f99
test: add full OIDC fake IDP ( #9317 )
...
* test: implement fake OIDC provider with full functionality
* Refactor existing tests
2023-08-25 14:34:07 -05:00
60d5002eb6
refactor: change template archive extraction to be on provisioner ( #9264 )
...
* refactor provisionersdk protocol
Signed-off-by: Spike Curtis <spike@coder.com >
* refactor provisioners to use new protocol
Signed-off-by: Spike Curtis <spike@coder.com >
* refactor provisionerd to use new protocol
Signed-off-by: Spike Curtis <spike@coder.com >
* refactor tests & proto renames
* Fixes from self-review
Signed-off-by: Spike Curtis <spike@coder.com >
* appease fmt & link
Signed-off-by: Spike Curtis <spike@coder.com >
* code review fixes & e2e fixes
Signed-off-by: Spike Curtis <spike@coder.com >
* More fmt
Signed-off-by: Spike Curtis <spike@coder.com >
* Code review fixes
Signed-off-by: Spike Curtis <spike@coder.com >
* new gen; use uuid for session workdir
Signed-off-by: Spike Curtis <spike@coder.com >
* Revert nix-based gen CI task until dogfood is on nix
Signed-off-by: Spike Curtis <spike@coder.com >
* revert deleting dogfood Docker stuff
Signed-off-by: Spike Curtis <spike@coder.com >
* Revert "revert deleting dogfood Docker stuff"
This reverts commit 9762158167spike@coder.com >
2023-08-25 06:10:15 +00:00
7f14b50dbe
chore: rename locked to dormant ( #9290 )
...
* chore: rename locked to dormant
- The following columns have been updated:
- workspace.locked_at -> dormant_at
- template.inactivity_ttl -> time_til_dormant
- template.locked_ttl -> time_til_dormant_autodelete
This change has also been reflected in the SDK.
A route has also been updated from /workspaces/<id>/lock to /workspaces/<id>/dormant
2023-08-24 13:25:54 -05:00
64df076328
feat: add server flag to force DERP to use always websockets ( #9238 )
2023-08-24 17:22:31 +00:00
f35423c041
fix: update conn derpmap every 5s in single tailnet ( #9176 )
2023-08-23 11:20:31 +00:00
6e41cd1eda
feat: add activity bumping to template scheduling ( #9040 )
2023-08-22 15:15:13 -05:00
697b0283c5
chore: fix low hanging lint issues ( #9253 )
2023-08-22 12:32:37 -06:00
262d7692b6
feat: add force refresh of license entitlements ( #9155 )
...
* feat: add force refresh of license entitlements
* send "going away" mesasge on licenses pubsub on close
* Add manual refresh to licenses page
2023-08-22 09:26:43 -05:00
545a256b57
fix: correctly reject quota-violating builds ( #9233 )
...
Due to a logical error in CommitQuota, all workspace Stop->Start operations
were being accepted, regardless of the Quota limit. This issue only
appeared after #9201 , so this was a minor regression in main for about
3 days. This PR adds a test to make sure this kind of bug doesn't recur.
To make the new test possible, we give the echo provisioner the ability
to simulate responses to specific transitions.
2023-08-22 02:55:39 +00:00
22e781eced
chore: add /v2 to import module path ( #9072 )
...
* chore: add /v2 to import module path
go mod requires semantic versioning with versions greater than 1.x
This was a mechanical update by running:
```
go install github.com/marwan-at-work/mod/cmd/mod@latest
mod upgrade
```
Migrate generated files to import /v2
* Fix gen
2023-08-18 18:55:43 +00:00
2f6687a475
feat: expose Everyone group through UI ( #9117 )
...
- Allows setting quota allowances on the 'Everyone' group.
2023-08-17 13:25:16 -05:00
8910f05172
fix: /workspaces should work even if missing template perms ( #9152 )
...
If a user is missing template perms to a workspace, just block reading
that workspace. This is to keep the api consistent, it is not a rbac
enforcement.
This should ublock users reporting this bug that /workspaces returns
nothing when 1 workspace cannot be fully read. We might want to be
able to return missing or unknown fields in our api to account
for this.
2023-08-17 13:22:03 -05:00
6fd9975aed
feat(coderd): add coder_app usage stats ( #9001 )
...
Updates #8658
2023-08-16 15:22:00 +03:00
e4c24e05f8
fix: rename group GET request ( #9097 )
...
* fix: group GET req naming
* make: gen
2023-08-15 14:47:08 -04:00
9d9b330b16
chore: add request body to patch groups openapi spec ( #9101 )
2023-08-15 15:29:15 +00:00
47b8bf6585
feat: update workspace deadline when template policy changes ( #8964 )
2023-08-14 21:16:47 +00:00
d2f22b063a
fix: move STUN servers into their own regions ( #9030 )
2023-08-11 05:04:17 +10:00
9941f49056
fix: remove stun nodes from workspace proxy regions ( #8990 )
2023-08-09 09:31:25 +00:00
f7a35e0559
chore: add workspace proxies to telemetry ( #8963 )
2023-08-08 18:29:35 +00:00
f4122fa9f5
feat: add auto group create from OIDC ( #8884 )
...
* add flag for auto create groups
* fixup! add flag for auto create groups
* sync missing groups
Also added a regex filter to filter out groups that are not
important
2023-08-08 11:37:49 -05:00
5339a31532
fix: remove refresh oauth logic on OIDC login ( #8950 )
...
* fix: do not do oauth refresh logic on oidc login
2023-08-08 10:05:12 -05:00
0c7ff4fb8a
fix(enterprise): ensure SCIM create user can unsuspend ( #8916 )
2023-08-04 22:03:21 +00:00
cb4989cd8d
feat: add PSK for external provisionerd auth ( #8877 )
...
Signed-off-by: Spike Curtis <spike@coder.com >
2023-08-04 12:32:28 +04:00
4c1e63aae8
feat: add display_name field to groups ( #8740 )
...
* feat: add display_name field to groups
This is a non-unique human friendly group name for display
purposes. This means a display name can be used instead of
using an environment var to remap groups with OIDC names to
Coder names. Now groups can retain the OIDC name for mapping,
and use a display name for display purposes.
2023-08-02 10:53:06 -05:00
cd1e088f7c
feat: add --derp-only flag to wsproxy ( #8850 )
2023-08-03 00:35:06 +10:00
d6e9870209
feat: add "dormant" user state ( #8644 )
2023-08-02 16:31:25 +02:00
6b69970d7c
fix: avoid infinite loop in agent derp-map ( #8848 )
2023-08-02 13:18:46 +10:00
c575292ba6
fix: fix tailnet netcheck issues ( #8802 )
2023-08-02 01:50:43 +10:00
ddabe9cc7f
feat: improve RBAC preconditions for Insights endpoint ( #8794 )
2023-07-31 13:44:32 +00:00
4cc270b12b
revert(enterprise): make pgcoord experimental again ( #8797 )
2023-07-28 18:38:32 -05:00
2811ab62d0
chore: fix workspace proxy flake ( #8755 )
2023-07-26 23:50:25 +00:00
9ffbdc6696
hotfix: fix failed 32-bit builds ( #8741 )
2023-07-26 17:30:47 +00:00
2f0a9996e7
chore: add derpserver to wsproxy, add proxies to derpmap ( #7311 )
2023-07-27 02:21:04 +10:00
2089006fbc
feat!: drop reading other 'user' permission ( #8650 )
...
* feat: drop reading other 'user' permission
Members of the platform can no longer read or list other users.
Resources that have "created_by" or "initiated_by" still retain
user context, but only include username and avatar url.
Attempting to read a user found via those means will result in
a 404.
* Hide /users page for regular users
* make groups a privledged endpoint
* Permissions page for template perms
* Admin for a given template enables an endpoint for listing users/groups.
2023-07-26 10:33:48 -04:00
f07d2ff68d
fix(enterprise): ensure creating a SCIM user is idempotent ( #8730 )
2023-07-25 17:49:52 -05:00
de1a7a9210
chore: join user information to workspace_build and template_version ( #8625 )
...
* include minimial user on template version and build
* Add unit test to ensure join is superset
2023-07-25 09:14:38 -04:00
ac559f101e
fix: handle omitted role sync claim ( #8697 )
...
* fix: handle omitted role sync claim
2023-07-24 15:50:23 -04:00
f827829afe
feat: synchronize oidc user roles ( #8595 )
...
* feat: oidc user role sync
User roles come from oidc claims. Prevent manual user role changes
if set.
* allow mapping 1:many
2023-07-24 08:34:24 -04:00
b47d076756
feat: add deleting_at column to workspaces ( #8333 )
2023-07-20 22:01:11 -05:00
dc8b73168e
feat: add user quiet hours schedule and restart requirement feature flag ( #8115 )
2023-07-20 23:35:41 +10:00
aceedefce3
chore: add template_with_user view to include user contextual data ( #8568 )
...
* chore: Refactor template sql queries to use new view
* TemplateWithUser -> Template
* Add unit test to enforce good view
2023-07-19 16:07:33 -04:00
517fb19474
feat: add single tailnet support to moons ( #8587 )
2023-07-19 11:11:11 -05:00
cc8d0af027
fix(enterprise): avoid initial license reconfig if feature isn't enabled ( #8586 )
2023-07-19 10:32:29 -05:00
c47b78c44b
chore: replace wsconncache with a single tailnet ( #8176 )
2023-07-12 17:37:31 -05:00
928091aa05
feat!: add table format to 'coder license ls', 'license_expires' --> 'license_expires_human' ( #8421 )
...
* feat: add table format to 'coder license ls'
* feat: license expires_at to table view
* change: `license_expires` to `license_expires_human` and `license_expires` is unix timestamp
2023-07-12 08:06:18 -04:00
b4057bd74a
feat: make pgCoordinator generally available ( #8419 )
...
* pgCoord to GA, fix tests
Signed-off-by: Spike Curtis <spike@coder.com >
* Fix generation and coordinator delete RBAC
Signed-off-by: Spike Curtis <spike@coder.com >
* Fix fakeQuerier -> FakeQuerier
Signed-off-by: Spike Curtis <spike@coder.com >
---------
Signed-off-by: Spike Curtis <spike@coder.com >
2023-07-12 13:35:29 +04:00
Dean Sheather