Thanks to visit codestin.com
Credit goes to github.com

Skip to content

feat: Add workspace application support #1773

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 42 commits into from
Jun 4, 2022
Merged

feat: Add workspace application support #1773

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
42 commits
Select commit Hold shift + click to select a range
bdfa61a
feat: Add app support
kylecarbs May 6, 2022
8b2f6c4
Merge branch 'main' into devurls
kylecarbs May 15, 2022
e3cf488
Merge branch 'main' into devurls
kylecarbs May 24, 2022
e3ff8ad
Compare fields in apps test
kylecarbs May 24, 2022
b6e1ea6
Update Terraform provider to use relative path
kylecarbs May 25, 2022
430cfe7
Add some basic structure for routing
kylecarbs May 26, 2022
6ef781c
chore: Remove interface from coderd and lift API surface
kylecarbs May 26, 2022
f70dd17
Merge branch 'routeclean' into devurls
kylecarbs May 26, 2022
0805250
Merge branch 'main' into devurls
kylecarbs May 26, 2022
934b1ff
Add basic proxy logic
kylecarbs May 26, 2022
866eeed
Add proxying based on path
kylecarbs May 27, 2022
4b73034
Merge branch 'main' into apps
kylecarbs May 27, 2022
b4f9615
Add app proxying for wildcards
kylecarbs May 27, 2022
c88df46
Add wsconncache
kylecarbs May 31, 2022
d327df7
fix: Race when writing to a closed pipe
kylecarbs May 31, 2022
f84f5ea
Merge branch 'readclose' into apps
kylecarbs May 31, 2022
cec2de3
fix: Race when writing to a closed pipe
kylecarbs May 31, 2022
c57f8dd
Merge branch 'readclose' into apps
kylecarbs May 31, 2022
8e61cac
fix: Race when writing to a closed pipe
kylecarbs May 31, 2022
b6e6d7b
Merge branch 'readclose' into apps
kylecarbs May 31, 2022
46b24f7
fix: Race when writing to a closed pipe
kylecarbs May 31, 2022
4d8b257
Merge branch 'readclose' into apps
kylecarbs Jun 1, 2022
e9b7463
Add workspace route proxying endpoint
kylecarbs Jun 3, 2022
80b5600
Add embed errors
kylecarbs Jun 3, 2022
8b81c35
chore: Refactor site to improve testing
kylecarbs Jun 3, 2022
60ad881
Merge branch 'refactorsite' into apps
kylecarbs Jun 3, 2022
0a63bec
Add test for error handler
kylecarbs Jun 3, 2022
d3b9ab5
Remove unused access url
kylecarbs Jun 3, 2022
7a1ae15
Add RBAC tests
kylecarbs Jun 3, 2022
5b9194f
Merge branch 'main' into apps
kylecarbs Jun 3, 2022
cd2d12e
Merge branch 'main' into apps
kylecarbs Jun 3, 2022
b056400
Fix dial agent syntax
kylecarbs Jun 3, 2022
fe3aecc
Merge branch 'main' into apps
kylecarbs Jun 3, 2022
2018cdc
Fix linting errors
kylecarbs Jun 3, 2022
2d5261f
Fix gen
kylecarbs Jun 3, 2022
856f17d
Fix icon required
kylecarbs Jun 3, 2022
1a21f94
Merge branch 'main' into apps
kylecarbs Jun 3, 2022
ad90bcb
Adjust migration number
kylecarbs Jun 3, 2022
38abbb5
Fix proxy error status code
kylecarbs Jun 4, 2022
4f89642
Fix empty db lookup
kylecarbs Jun 4, 2022
637be3e
Merge branch 'main' into apps
kylecarbs Jun 4, 2022
50da4fb
Merge branch 'main' into apps
kylecarbs Jun 4, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 11 additions & 0 deletions .vscode/settings.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,8 @@
{
"cSpell.words": [
"apps",
"awsidentity",
"buildinfo",
"buildname",
"circbuf",
"cliflag",
Expand All @@ -16,6 +19,7 @@
"Dsts",
"fatih",
"Formik",
"gitsshkey",
"goarch",
"gographviz",
"goleak",
Expand All @@ -30,6 +34,7 @@
"incpatch",
"isatty",
"Jobf",
"Keygen",
"kirsle",
"ldflags",
"manifoldco",
Expand All @@ -54,6 +59,7 @@
"retrier",
"rpty",
"sdkproto",
"sdktrace",
"Signup",
"sourcemapped",
"stretchr",
Expand All @@ -66,13 +72,18 @@
"tfjson",
"tfstate",
"trimprefix",
"turnconn",
"typegen",
"unconvert",
"Untar",
"VMID",
"weblinks",
"webrtc",
"workspaceagent",
"workspaceapp",
"workspaceapps",
"workspacebuilds",
"wsconncache",
"xerrors",
"xstate",
"yamux"
Expand Down
2 changes: 1 addition & 1 deletion agent/conn.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -102,7 +102,7 @@ func (c *Conn) DialContext(ctx context.Context, network string, addr string) (ne
var res dialResponse
err = dec.Decode(&res)
if err != nil {
return nil, xerrors.Errorf("failed to decode initial packet: %w", err)
return nil, xerrors.Errorf("decode agent dial response: %w", err)
}
if res.Error != "" {
_ = channel.Close()
Expand Down
38 changes: 29 additions & 9 deletions coderd/coderd.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ import (
"github.com/coder/coder/coderd/rbac"
"github.com/coder/coder/coderd/tracing"
"github.com/coder/coder/coderd/turnconn"
"github.com/coder/coder/coderd/wsconncache"
"github.com/coder/coder/codersdk"
"github.com/coder/coder/site"
)
Expand All @@ -44,14 +45,14 @@ type Options struct {
// app. Specific routes may have their own limiters.
APIRateLimit int
AWSCertificates awsidentity.Certificates
Authorizer rbac.Authorizer
AzureCertificates x509.VerifyOptions
GoogleTokenValidator *idtoken.Validator
GithubOAuth2Config *GithubOAuth2Config
ICEServers []webrtc.ICEServer
SecureAuthCookie bool
SSHKeygenAlgorithm gitsshkey.Algorithm
TURNServer *turnconn.Server
Authorizer rbac.Authorizer
TracerProvider *sdktrace.TracerProvider
}

Expand All @@ -75,9 +76,11 @@ func New(options *Options) *API {

r := chi.NewRouter()
api := &API{
Options: options,
Handler: r,
Options: options,
Handler: r,
siteHandler: site.Handler(site.FS()),
}
api.workspaceAgentCache = wsconncache.New(api.dialWorkspaceAgent, 0)

apiKeyMiddleware := httpmw.ExtractAPIKey(options.Database, &httpmw.OAuth2Configs{
Github: options.GithubOAuth2Config,
Expand All @@ -93,6 +96,20 @@ func New(options *Options) *API {
tracing.HTTPMW(api.TracerProvider, "coderd.http"),
)

apps := func(r chi.Router) {
r.Use(
httpmw.RateLimitPerMinute(options.APIRateLimit),
apiKeyMiddleware,
httpmw.ExtractUserParam(api.Database),
)
r.Get("/*", api.workspaceAppsProxyPath)
}
// %40 is the encoded character of the @ symbol. VS Code Web does
// not handle character encoding properly, so it's safe to assume
// other applications might not as well.
r.Route("/%40{user}/{workspacename}/apps/{workspaceapp}", apps)
Copy link
Contributor

@greyscaled greyscaled Jun 3, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Does this mean the FE should use encodeURIComponent ?

https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURIComponent

so like

async (username: string, workspaceName: string, app: string) => {
  encoderURIComponent(`/api/v0/@{username}/{workspaceName}/apps/{app}`)
}

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nah, we should always use @ if possible. This is an edge-case for where certain client-side applications don't handle the @ properly.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TY!!

r.Route("/@{user}/{workspacename}/apps/{workspaceapp}", apps)

r.Route("/api/v2", func(r chi.Router) {
r.NotFound(func(rw http.ResponseWriter, r *http.Request) {
httpapi.Write(rw, http.StatusNotFound, httpapi.Response{
Expand Down Expand Up @@ -327,24 +344,27 @@ func New(options *Options) *API {
r.Get("/state", api.workspaceBuildState)
})
})
r.NotFound(site.Handler(site.FS()).ServeHTTP)

r.NotFound(api.siteHandler.ServeHTTP)
return api
}

type API struct {
*Options

Handler chi.Router
websocketWaitMutex sync.Mutex
websocketWaitGroup sync.WaitGroup
Handler chi.Router
siteHandler http.Handler
websocketWaitMutex sync.Mutex
websocketWaitGroup sync.WaitGroup
workspaceAgentCache *wsconncache.Cache
}

// Close waits for all WebSocket connections to drain before returning.
func (api *API) Close() {
func (api *API) Close() error {
api.websocketWaitMutex.Lock()
api.websocketWaitGroup.Wait()
api.websocketWaitMutex.Unlock()

return api.workspaceAgentCache.Close()
}

func debugLogRequest(log slog.Logger) func(http.Handler) http.Handler {
Expand Down
14 changes: 14 additions & 0 deletions coderd/coderd_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,10 @@ func TestAuthorizeAllEndpoints(t *testing.T) {
Agents: []*proto.Agent{{
Id: "something",
Auth: &proto.Agent_Token{},
Apps: []*proto.App{{
Name: "app",
Url: "http://localhost:3000",
}},
}},
}},
},
Expand Down Expand Up @@ -128,6 +132,15 @@ func TestAuthorizeAllEndpoints(t *testing.T) {
"GET:/api/v2/users/authmethods": {NoAuthorize: true},
"POST:/api/v2/csp/reports": {NoAuthorize: true},

"GET:/%40{user}/{workspacename}/apps/{application}/*": {
AssertAction: rbac.ActionRead,
AssertObject: workspaceRBACObj,
},
"GET:/@{user}/{workspacename}/apps/{application}/*": {
AssertAction: rbac.ActionRead,
AssertObject: workspaceRBACObj,
},

// Has it's own auth
"GET:/api/v2/users/oauth2/github/callback": {NoAuthorize: true},

Expand Down Expand Up @@ -368,6 +381,7 @@ func TestAuthorizeAllEndpoints(t *testing.T) {
route = strings.ReplaceAll(route, "{template}", template.ID.String())
route = strings.ReplaceAll(route, "{hash}", file.Hash)
route = strings.ReplaceAll(route, "{workspaceresource}", workspaceResources[0].ID.String())
route = strings.ReplaceAll(route, "{workspaceapp}", workspaceResources[0].Agents[0].Apps[0].Name)
route = strings.ReplaceAll(route, "{templateversion}", version.ID.String())
route = strings.ReplaceAll(route, "{templateversiondryrun}", templateVersionDryRun.ID.String())
route = strings.ReplaceAll(route, "{templatename}", template.Name)
Expand Down
2 changes: 1 addition & 1 deletion coderd/coderdtest/coderdtest.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -173,7 +173,7 @@ func NewWithAPI(t *testing.T, options *Options) (*codersdk.Client, *coderd.API)
cancelFunc()
_ = turnServer.Close()
srv.Close()
coderAPI.Close()
_ = coderAPI.Close()
})

return codersdk.New(serverURL), coderAPI
Expand Down
69 changes: 69 additions & 0 deletions coderd/database/databasefake/databasefake.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@ func New() database.Store {
templateVersions: make([]database.TemplateVersion, 0),
templates: make([]database.Template, 0),
workspaceBuilds: make([]database.WorkspaceBuild, 0),
workspaceApps: make([]database.WorkspaceApp, 0),
workspaces: make([]database.Workspace, 0),
}
}
Expand Down Expand Up @@ -63,6 +64,7 @@ type fakeQuerier struct {
templateVersions []database.TemplateVersion
templates []database.Template
workspaceBuilds []database.WorkspaceBuild
workspaceApps []database.WorkspaceApp
workspaces []database.Workspace
}

Expand Down Expand Up @@ -388,6 +390,38 @@ func (q *fakeQuerier) GetWorkspaceByOwnerIDAndName(_ context.Context, arg databa
return database.Workspace{}, sql.ErrNoRows
}

func (q *fakeQuerier) GetWorkspaceAppsByAgentID(_ context.Context, id uuid.UUID) ([]database.WorkspaceApp, error) {
q.mutex.RLock()
defer q.mutex.RUnlock()

apps := make([]database.WorkspaceApp, 0)
for _, app := range q.workspaceApps {
if app.AgentID == id {
apps = append(apps, app)
}
}
if len(apps) == 0 {
return nil, sql.ErrNoRows
}
return apps, nil
}

func (q *fakeQuerier) GetWorkspaceAppsByAgentIDs(_ context.Context, ids []uuid.UUID) ([]database.WorkspaceApp, error) {
q.mutex.RLock()
defer q.mutex.RUnlock()

apps := make([]database.WorkspaceApp, 0)
for _, app := range q.workspaceApps {
for _, id := range ids {
if app.AgentID.String() == id.String() {
apps = append(apps, app)
break
}
}
}
return apps, nil
}

func (q *fakeQuerier) GetWorkspacesAutostart(_ context.Context) ([]database.Workspace, error) {
q.mutex.RLock()
defer q.mutex.RUnlock()
Expand Down Expand Up @@ -1031,6 +1065,22 @@ func (q *fakeQuerier) GetWorkspaceAgentsByResourceIDs(_ context.Context, resourc
return workspaceAgents, nil
}

func (q *fakeQuerier) GetWorkspaceAppByAgentIDAndName(_ context.Context, arg database.GetWorkspaceAppByAgentIDAndNameParams) (database.WorkspaceApp, error) {
q.mutex.RLock()
defer q.mutex.RUnlock()

for _, app := range q.workspaceApps {
if app.AgentID != arg.AgentID {
continue
}
if app.Name != arg.Name {
continue
}
return app, nil
}
return database.WorkspaceApp{}, sql.ErrNoRows
}

func (q *fakeQuerier) GetProvisionerDaemonByID(_ context.Context, id uuid.UUID) (database.ProvisionerDaemon, error) {
q.mutex.RLock()
defer q.mutex.RUnlock()
Expand Down Expand Up @@ -1521,6 +1571,25 @@ func (q *fakeQuerier) InsertWorkspaceBuild(_ context.Context, arg database.Inser
return workspaceBuild, nil
}

func (q *fakeQuerier) InsertWorkspaceApp(_ context.Context, arg database.InsertWorkspaceAppParams) (database.WorkspaceApp, error) {
q.mutex.Lock()
defer q.mutex.Unlock()

// nolint:gosimple
workspaceApp := database.WorkspaceApp{
ID: arg.ID,
AgentID: arg.AgentID,
CreatedAt: arg.CreatedAt,
Name: arg.Name,
Icon: arg.Icon,
Command: arg.Command,
Url: arg.Url,
RelativePath: arg.RelativePath,
}
q.workspaceApps = append(q.workspaceApps, workspaceApp)
return workspaceApp, nil
}

func (q *fakeQuerier) UpdateAPIKeyByID(_ context.Context, arg database.UpdateAPIKeyByIDParams) error {
q.mutex.Lock()
defer q.mutex.Unlock()
Expand Down
20 changes: 20 additions & 0 deletions coderd/database/dump.sql
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions coderd/database/migrations/000020_workspace_apps.down.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
DROP TABLE workspace_apps;
12 changes: 12 additions & 0 deletions coderd/database/migrations/000020_workspace_apps.up.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
CREATE TABLE workspace_apps (
id uuid NOT NULL,
created_at timestamp with time zone NOT NULL,
agent_id uuid NOT NULL REFERENCES workspace_agents (id) ON DELETE CASCADE,
name varchar(64) NOT NULL,
icon varchar(256) NOT NULL,
command varchar(65534),
url varchar(65534),
relative_path boolean NOT NULL DEFAULT false,
PRIMARY KEY (id),
UNIQUE(agent_id, name)
);
11 changes: 11 additions & 0 deletions coderd/database/models.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 4 additions & 0 deletions coderd/database/querier.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading