Pass git configuration variables via terraform (#3034)

dwahler · web-flow · commit f7ea016494c1 · 2022-07-19T13:24:06.000-05:00
* Pass workspace owner email address to provisioner * Remove owner_email and owner_username fields from agent metadata * Add Git environment variables to example templates * Remove "owner_name" field from provisioner metadata, use username instead * Remove Git configuration from most templates, add documentation * Proofreading/typo fixes from @mafredri * Update example templates to latest version of terraform-provider-coder
diff --git a/agent/agent.go b/agent/agent.go
@@ -56,8 +56,6 @@ type Options struct {
 
 type Metadata struct {
 	WireguardAddresses   []netaddr.IPPrefix `json:"addresses"`
-	OwnerEmail           string             `json:"owner_email"`
-	OwnerUsername        string             `json:"owner_username"`
 	EnvironmentVariables map[string]string  `json:"environment_variables"`
 	StartupScript        string             `json:"startup_script"`
 	Directory            string             `json:"directory"`
@@ -386,12 +384,6 @@ func (a *agent) createCommand(ctx context.Context, rawCommand string, env []stri
 	// If using backslashes, it's unable to find the executable.
 	unixExecutablePath := strings.ReplaceAll(executablePath, "\\", "/")
 	cmd.Env = append(cmd.Env, fmt.Sprintf(`GIT_SSH_COMMAND=%s gitssh --`, unixExecutablePath))
-	// These prevent the user from having to specify _anything_ to successfully commit.
-	// Both author and committer must be set!
-	cmd.Env = append(cmd.Env, fmt.Sprintf(`GIT_AUTHOR_EMAIL=%s`, metadata.OwnerEmail))
-	cmd.Env = append(cmd.Env, fmt.Sprintf(`GIT_COMMITTER_EMAIL=%s`, metadata.OwnerEmail))
-	cmd.Env = append(cmd.Env, fmt.Sprintf(`GIT_AUTHOR_NAME=%s`, metadata.OwnerUsername))
-	cmd.Env = append(cmd.Env, fmt.Sprintf(`GIT_COMMITTER_NAME=%s`, metadata.OwnerUsername))
 
 	// Load environment variables passed via the agent.
 	// These should override all variables we manually specify.
diff --git a/coderd/provisionerdaemons.go b/coderd/provisionerdaemons.go
@@ -256,6 +256,7 @@ func (server *provisionerdServer) AcquireJob(ctx context.Context, _ *proto.Empty
 					WorkspaceTransition: transition,
 					WorkspaceName:       workspace.Name,
 					WorkspaceOwner:      owner.Username,
+					WorkspaceOwnerEmail: owner.Email,
 					WorkspaceId:         workspace.ID.String(),
 					WorkspaceOwnerId:    owner.ID.String(),
 				},
diff --git a/coderd/workspaceagents.go b/coderd/workspaceagents.go
@@ -129,38 +129,6 @@ func (api *API) workspaceAgentMetadata(rw http.ResponseWriter, r *http.Request)
 		})
 		return
 	}
-	resource, err := api.Database.GetWorkspaceResourceByID(r.Context(), workspaceAgent.ResourceID)
-	if err != nil {
-		httpapi.Write(rw, http.StatusInternalServerError, codersdk.Response{
-			Message: "Internal error fetching workspace resources.",
-			Detail:  err.Error(),
-		})
-		return
-	}
-	build, err := api.Database.GetWorkspaceBuildByJobID(r.Context(), resource.JobID)
-	if err != nil {
-		httpapi.Write(rw, http.StatusInternalServerError, codersdk.Response{
-			Message: "Internal error fetching workspace build.",
-			Detail:  err.Error(),
-		})
-		return
-	}
-	workspace, err := api.Database.GetWorkspaceByID(r.Context(), build.WorkspaceID)
-	if err != nil {
-		httpapi.Write(rw, http.StatusInternalServerError, codersdk.Response{
-			Message: "Internal error fetching workspace.",
-			Detail:  err.Error(),
-		})
-		return
-	}
-	owner, err := api.Database.GetUserByID(r.Context(), workspace.OwnerID)
-	if err != nil {
-		httpapi.Write(rw, http.StatusInternalServerError, codersdk.Response{
-			Message: "Internal error fetching workspace owner.",
-			Detail:  err.Error(),
-		})
-		return
-	}
 
 	ipp, ok := netaddr.FromStdIPNet(&workspaceAgent.WireguardNodeIPv6.IPNet)
 	if !ok {
@@ -173,8 +141,6 @@ func (api *API) workspaceAgentMetadata(rw http.ResponseWriter, r *http.Request)
 
 	httpapi.Write(rw, http.StatusOK, agent.Metadata{
 		WireguardAddresses:   []netaddr.IPPrefix{ipp},
-		OwnerEmail:           owner.Email,
-		OwnerUsername:        owner.Username,
 		EnvironmentVariables: apiAgent.EnvironmentVariables,
 		StartupScript:        apiAgent.StartupScript,
 		Directory:            apiAgent.Directory,
diff --git a/docs/templates.md b/docs/templates.md
@@ -42,7 +42,7 @@ code once you run `coder templates init` (new) or `coder templates pull`
 ## Concepts in templates
 
 While templates are written with standard Terraform, the
-[Coder Terraform Provider](https://registry.terraform.io/providers/coder/coder/latest/docs) is 
+[Coder Terraform Provider](https://registry.terraform.io/providers/coder/coder/latest/docs) is
 used to define the workspace lifecycle and establish a connection from resources
 to Coder.
 
@@ -51,7 +51,7 @@ template options, reference [Coder Terraform provider docs](https://registry.ter
 
 ### Resource
 
-Resources in Coder are simply [Terraform resources](https://www.terraform.io/language/resources). 
+Resources in Coder are simply [Terraform resources](https://www.terraform.io/language/resources).
 If a Coder agent is attached to a resource, users can connect directly to the resource over
 SSH or web apps.
 
@@ -60,12 +60,12 @@ SSH or web apps.
 Once a Coder workspace is created, the Coder agent establishes a connection
 between a resource (docker_container) and Coder, so that a user can connect to
 their workspace from the web UI or CLI. A template can have multiple agents to
-allow users to connect to multiple resources in their workspace. 
+allow users to connect to multiple resources in their workspace.
 
 > Resources must download and start the Coder agent binary to connect to Coder.
 > This means the resource must be able to reach your Coder URL.
 
-Use the Coder agent's init script to 
+Use the Coder agent's init script to
 
 ```hcl
 data "coder_workspace" "me" {
@@ -90,6 +90,11 @@ resource "kubernetes_pod" "pod1" {
 }
 ```
 
+The `coder_agent` resource can be configured as described in the
+[documentation for the `coder` Terraform provider.](https://registry.terraform.io/providers/coder/coder/latest/docs/resources/agent)
+For example, you can use the `env` property to set environment variables that will be
+inherited by all child processes of the agent, including SSH sessions.
+
 ### Parameters
 
 Templates often contain _parameters_. These are defined by `variable` blocks in
@@ -202,6 +207,31 @@ By default, all templates allow developers to connect over SSH and a web
 terminal. See [Configuring Web IDEs](./ides/configuring-web-ides.md) to
 learn how to give users access to additional web applications.
 
+### Data source
+
+When a workspace is being started or stopped, the `coder_workspace` data source provides
+some useful parameters. See the [documentation for the `coder` Terraform provider](https://registry.terraform.io/providers/coder/coder/latest/docs/data-sources/workspace)
+for more information.
+
+For example, the [Docker quick-start template](https://github.com/coder/coder/tree/main/examples/templates/docker)
+sets a few environment variables based on the username and email address of the workspace's owner, so
+that you can make Git commits immediately without any manual configuration:
+
+```tf
+resource "coder_agent" "dev" {
+  # ...
+  env = {
+    GIT_AUTHOR_NAME = "${data.coder_workspace.me.owner}"
+    GIT_COMMITTER_NAME = "${data.coder_workspace.me.owner}"
+    GIT_AUTHOR_EMAIL = "${data.coder_workspace.me.owner_email}"
+    GIT_COMMITTER_EMAIL = "${data.coder_workspace.me.owner_email}"
+  }
+}
+```
+
+You can add these environment variable definitions to your own templates, or customize them however
+you like.
+
 ## Creating & troubleshooting templates
 
 You can use any Terraform resources or modules with Coder! When working on
diff --git a/examples/templates/aws-linux/main.tf b/examples/templates/aws-linux/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     coder = {
       source  = "coder/coder"
-      version = "0.3.4"
+      version = "0.4.3"
     }
   }
 }
diff --git a/examples/templates/aws-windows/main.tf b/examples/templates/aws-windows/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     coder = {
       source  = "coder/coder"
-      version = "0.3.4"
+      version = "0.4.3"
     }
   }
 }
diff --git a/examples/templates/do-linux/main.tf b/examples/templates/do-linux/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     coder = {
       source  = "coder/coder"
-      version = "0.4.2"
+      version = "0.4.3"
     }
     digitalocean = {
       source  = "digitalocean/digitalocean"
diff --git a/examples/templates/docker-code-server/main.tf b/examples/templates/docker-code-server/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     coder = {
       source  = "coder/coder"
-      version = "0.4.2"
+      version = "0.4.3"
     }
     docker = {
       source  = "kreuzwerker/docker"
@@ -39,6 +39,17 @@ resource "coder_agent" "dev" {
   arch           = var.docker_arch
   os             = "linux"
   startup_script = "code-server --auth none"
+
+  # These environment variables allow you to make Git commits right away after creating a
+  # workspace. Note that they take precedence over configuration defined in ~/.gitconfig!
+  # You can remove this block if you'd prefer to configure Git manually or using
+  # dotfiles. (see docs/dotfiles.md)
+  env = {
+    GIT_AUTHOR_NAME = "${data.coder_workspace.me.owner}"
+    GIT_COMMITTER_NAME = "${data.coder_workspace.me.owner}"
+    GIT_AUTHOR_EMAIL = "${data.coder_workspace.me.owner_email}"
+    GIT_COMMITTER_EMAIL = "${data.coder_workspace.me.owner_email}"
+  }
 }
 
 resource "coder_app" "code-server" {
diff --git a/examples/templates/docker-image-builds/main.tf b/examples/templates/docker-image-builds/main.tf
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     coder = {
       source  = "coder/coder"
-      version = "0.4.2"
+      version = "0.4.3"
     }
     docker = {
       source  = "kreuzwerker/docker"
@@ -107,7 +107,7 @@ resource "docker_container" "workspace" {
   # Hostname makes the shell more user friendly: coder@my-workspace:~$
   hostname = lower(data.coder_workspace.me.name)
   dns      = ["1.1.1.1"]
-  # Use the docker gateway if the access URL is 127.0.0.1 
+  # Use the docker gateway if the access URL is 127.0.0.1
   command = ["sh", "-c", replace(coder_agent.dev.init_script, "127.0.0.1", "host.docker.internal")]
   env     = ["CODER_AGENT_TOKEN=${coder_agent.dev.token}"]
   host {
diff --git a/examples/templates/docker-with-dotfiles/main.tf b/examples/templates/docker-with-dotfiles/main.tf
@@ -9,7 +9,7 @@ terraform {
   required_providers {
     coder = {
       source  = "coder/coder"
-      version = "0.4.2"
+      version = "0.4.3"
     }
     docker = {
       source  = "kreuzwerker/docker"
diff --git a/examples/templates/docker/main.tf b/examples/templates/docker/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     coder = {
       source  = "coder/coder"
-      version = "0.4.2"
+      version = "0.4.3"
     }
     docker = {
       source  = "kreuzwerker/docker"
@@ -74,6 +74,17 @@ resource "coder_agent" "dev" {
     curl -fsSL https://code-server.dev/install.sh | sh
     code-server --auth none --port 13337
     EOF
+
+  # These environment variables allow you to make Git commits right away after creating a
+  # workspace. Note that they take precedence over configuration defined in ~/.gitconfig!
+  # You can remove this block if you'd prefer to configure Git manually or using
+  # dotfiles. (see docs/dotfiles.md)
+  env = {
+    GIT_AUTHOR_NAME = "${data.coder_workspace.me.owner}"
+    GIT_COMMITTER_NAME = "${data.coder_workspace.me.owner}"
+    GIT_AUTHOR_EMAIL = "${data.coder_workspace.me.owner_email}"
+    GIT_COMMITTER_EMAIL = "${data.coder_workspace.me.owner_email}"
+  }
 }
 
 resource "coder_app" "code-server" {
diff --git a/examples/templates/gcp-linux/main.tf b/examples/templates/gcp-linux/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     coder = {
       source  = "coder/coder"
-      version = "0.3.4"
+      version = "0.4.3"
     }
     google = {
       source  = "hashicorp/google"
diff --git a/examples/templates/gcp-vm-container/main.tf b/examples/templates/gcp-vm-container/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     coder = {
       source  = "coder/coder"
-      version = "0.3.4"
+      version = "0.4.3"
     }
     google = {
       source  = "hashicorp/google"
diff --git a/examples/templates/gcp-windows/main.tf b/examples/templates/gcp-windows/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     coder = {
       source  = "coder/coder"
-      version = "0.3.4"
+      version = "0.4.3"
     }
     google = {
       source  = "hashicorp/google"
diff --git a/examples/templates/kubernetes-multi-service/main.tf b/examples/templates/kubernetes-multi-service/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     coder = {
       source  = "coder/coder"
-      version = "~> 0.3.1"
+      version = "~> 0.4.3"
     }
     kubernetes = {
       source  = "hashicorp/kubernetes"
diff --git a/provisioner/terraform/provision.go b/provisioner/terraform/provision.go
@@ -162,6 +162,7 @@ func provisionEnv(start *proto.Provision_Start) ([]string, error) {
 		"CODER_WORKSPACE_TRANSITION="+strings.ToLower(start.Metadata.WorkspaceTransition.String()),
 		"CODER_WORKSPACE_NAME="+start.Metadata.WorkspaceName,
 		"CODER_WORKSPACE_OWNER="+start.Metadata.WorkspaceOwner,
+		"CODER_WORKSPACE_OWNER_EMAIL="+start.Metadata.WorkspaceOwnerEmail,
 		"CODER_WORKSPACE_ID="+start.Metadata.WorkspaceId,
 		"CODER_WORKSPACE_OWNER_ID="+start.Metadata.WorkspaceOwnerId,
 	)
diff --git a/provisionersdk/proto/provisioner.pb.go b/provisionersdk/proto/provisioner.pb.go
diff --git a/provisionersdk/proto/provisioner.proto b/provisionersdk/proto/provisioner.proto

Original file line number	Diff line number	Diff line change
`@@ -2,7 +2,7 @@ terraform {`
`2`	`2`	`required_providers {`
`3`	`3`	`coder = {`
`4`	`4`	`source = "coder/coder"`
`5`		`- version = "0.3.4"`
	`5`	`+ version = "0.4.3"`
`6`	`6`	`}`
`7`	`7`	`}`
`8`	`8`	`}`
Original file line number	Diff line number	Diff line change
`@@ -9,7 +9,7 @@ terraform {`
`9`	`9`	`required_providers {`
`10`	`10`	`coder = {`
`11`	`11`	`source = "coder/coder"`
`12`		`- version = "0.4.2"`
	`12`	`+ version = "0.4.3"`
`13`	`13`	`}`
`14`	`14`	`docker = {`
`15`	`15`	`source = "kreuzwerker/docker"`
Original file line number	Diff line number	Diff line change
`@@ -162,6 +162,7 @@ func provisionEnv(start *proto.Provision_Start) ([]string, error) {`
`162`	`162`	`"CODER_WORKSPACE_TRANSITION="+strings.ToLower(start.Metadata.WorkspaceTransition.String()),`
`163`	`163`	`"CODER_WORKSPACE_NAME="+start.Metadata.WorkspaceName,`
`164`	`164`	`"CODER_WORKSPACE_OWNER="+start.Metadata.WorkspaceOwner,`
	`165`	`+ "CODER_WORKSPACE_OWNER_EMAIL="+start.Metadata.WorkspaceOwnerEmail,`
`165`	`166`	`"CODER_WORKSPACE_ID="+start.Metadata.WorkspaceId,`
`166`	`167`	`"CODER_WORKSPACE_OWNER_ID="+start.Metadata.WorkspaceOwnerId,`
`167`	`168`	`)`