mirror of https://github.com/coder/coder.git synced 2026-06-02 20:48:20 +00:00

Files

T

Thomas Kosiewski 4dcf0c3e7e docs: add comprehensive development documentation (#18646 )

# Organize Development Documentation into Separate Files

This PR reorganizes the development documentation by splitting the monolithic CLAUDE.md file into multiple focused documents. The main file now provides a concise overview with essential commands and critical patterns, while importing detailed content from specialized guides.

Key improvements:
- Created separate documentation files for specific domains:
  - Database development patterns
  - OAuth2 implementation guidelines
  - Testing best practices
  - Troubleshooting common issues
  - Development workflows and guidelines
- Restructured the main CLAUDE.md to be more scannable with improved formatting
- Added quick-reference tables for common commands
- Maintained all existing content while making it more accessible
- Highlighted critical patterns that must be followed

This organization makes the documentation more maintainable and easier to navigate, allowing developers to quickly find relevant information for their specific tasks.

2025-07-03 18:51:23 +02:00

7.3 KiB

Raw Blame History

Troubleshooting Guide

Common Issues

Database Issues

"Audit table entry missing action"
- Solution: Update enterprise/audit/table.go
- Add each new field with appropriate action (ActionTrack, ActionIgnore, ActionSecret)
- Run make gen to verify no audit errors

SQL type errors

Solution: Use sql.Null* types for nullable fields
Set .Valid = true when providing values

Example:

CodeChallenge: sql.NullString{
    String: params.codeChallenge,
    Valid:  params.codeChallenge != "",
}

Tests passing locally but failing in CI
- Solution: Check if dbmem implementation needs updating
- Update coderd/database/dbmem/dbmem.go for Insert/Update methods
- Missing fields in dbmem can cause tests to fail even if main implementation is correct

Testing Issues

"package should be X_test"
- Solution: Use package_test naming for test files
- Example: identityprovider_test for black-box testing
Race conditions in tests
- Solution: Use unique identifiers instead of hardcoded names
- Example: fmt.Sprintf("test-client-%s-%d", t.Name(), time.Now().UnixNano())
- Never use hardcoded names in concurrent tests
Missing newlines
- Solution: Ensure files end with newline character
- Most editors can be configured to add this automatically

OAuth2 Issues

OAuth2 endpoints returning wrong error format
- Solution: Ensure OAuth2 endpoints return RFC 6749 compliant errors
- Use standard error codes: invalid_client, invalid_grant, invalid_request
- Format: {"error": "code", "error_description": "details"}
OAuth2 tests failing but scripts working
- Solution: Check in-memory database implementations in dbmem.go
- Ensure all OAuth2 fields are properly copied in Insert/Update methods
Resource indicator validation failing
- Solution: Ensure database stores and retrieves resource parameters correctly
- Check both authorization code storage and token exchange handling
PKCE tests failing
- Solution: Verify both authorization code storage and token exchange handle PKCE fields
- Check CodeChallenge and CodeChallengeMethod field handling

RFC Compliance Issues

RFC compliance failures
- Solution: Verify against actual RFC specifications, not assumptions
- Use WebFetch tool to get current RFC content for compliance verification
- Read the actual RFC specifications before implementation
Default value mismatches
- Solution: Ensure database migrations match application code defaults
- Example: RFC 7591 specifies client_secret_basic as default, not client_secret_post

Authorization Issues

Authorization context errors in public endpoints

Solution: Use dbauthz.AsSystemRestricted(ctx) pattern

Example:

// Public endpoints needing system access
app, err := api.Database.GetOAuth2ProviderAppByClientID(dbauthz.AsSystemRestricted(ctx), clientID)

Authentication Issues

Bearer token authentication issues
- Solution: Check token extraction precedence and format validation
- Ensure proper RFC 6750 Bearer Token Support implementation
URI validation failures
- Solution: Support both standard schemes and custom schemes per protocol requirements
- Native OAuth2 apps may use custom schemes

General Development Issues

Log message formatting errors
- Solution: Use lowercase, descriptive messages without special characters
- Follow Go logging conventions

Systematic Debugging Approach

Multi-Issue Problem Solving

When facing multiple failing tests or complex integration issues:

Identify Root Causes:
- Run failing tests individually to isolate issues
- Use LSP tools to trace through call chains
- Check both compilation and runtime errors
Fix in Logical Order:
- Address compilation issues first (imports, syntax)
- Fix authorization and RBAC issues next
- Resolve business logic and validation issues
- Handle edge cases and race conditions last
Verification Strategy:
- Test each fix individually before moving to next issue
- Use make lint and make gen after database changes
- Verify RFC compliance with actual specifications
- Run comprehensive test suites before considering complete

Debug Commands

Useful Debug Commands

Command	Purpose
`make lint`	Run all linters
`make gen`	Generate mocks, database queries
`go test -v ./path/to/package -run TestName`	Run specific test with verbose output
`go test -race ./...`	Run tests with race detector

LSP Debugging

Command	Purpose
`mcp__go-language-server__definition symbolName`	Find function definition
`mcp__go-language-server__references symbolName`	Find all references
`mcp__go-language-server__diagnostics filePath`	Check for compilation errors

Common Error Messages

Database Errors

Error: pq: relation "oauth2_provider_app_codes" does not exist

Cause: Missing database migration
Solution: Run database migrations, check migration files

Error: audit table entry missing action for field X

Cause: New field added without audit table update
Solution: Update enterprise/audit/table.go

Go Compilation Errors

Error: package should be identityprovider_test

Cause: Test package naming convention violation
Solution: Use package_test naming for black-box tests

Error: cannot use X (type Y) as type Z

Cause: Type mismatch, often with nullable fields
Solution: Use appropriate sql.Null* types

OAuth2 Errors

Error: invalid_client but client exists

Cause: Authorization context issue
Solution: Use dbauthz.AsSystemRestricted(ctx) for public endpoints

Error: PKCE validation failing

Cause: Missing PKCE fields in database operations
Solution: Ensure CodeChallenge and CodeChallengeMethod are handled

Prevention Strategies

Before Making Changes

Read the relevant documentation
Check if similar patterns exist in codebase
Understand the authorization context requirements
Plan database changes carefully

During Development

Run tests frequently: make test
Use LSP tools for navigation: Avoid manual searching
Follow RFC specifications precisely
Update audit tables when adding database fields

Before Committing

Run full test suite: make test
Check linting: make lint
Test with race detector: make test-race

Getting Help

Internal Resources

Check existing similar implementations in codebase
Use LSP tools to understand code relationships
Read related test files for expected behavior

External Resources

Official RFC specifications for protocol compliance
Go documentation for language features
PostgreSQL documentation for database issues

Debug Information Collection

When reporting issues, include:

Exact error message
Steps to reproduce
Relevant code snippets
Test output (if applicable)
Environment information (OS, Go version, etc.)

7.3 KiB Raw Blame History