feat(coderd): add support for external agents to API's and provisioner #19286
Conversation
|
Warning This pull request is not mergeable via GitHub because a downstack PR is open. Once all requirements are satisfied, merge this PR as a stack on Graphite.
This stack of pull requests is managed by Graphite. Learn more about stacking. |
b641ffe to
07a9c42
Compare
c012284 to
63fefbb
Compare
60cccc2 to
0cf5381
Compare
| t.Run("OK Linux", func(t *testing.T) { | ||
| t.Parallel() | ||
| client := coderdtest.New(t, nil) | ||
| script, err := client.InitScript(context.Background(), "linux", "amd64") |
There was a problem hiding this comment.
Probably should make one of these arm64 for variety, and also assert that the string /bin/coder-OS-ARCH[.exe] shows up
| }) | ||
| if err != nil { | ||
| return xerrors.Errorf("update template version external auth providers: %w", err) | ||
| return xerrors.Errorf("update template version ai task and external agent: %w", err) |
There was a problem hiding this comment.
| return xerrors.Errorf("update template version ai task and external agent: %w", err) | |
| return xerrors.Errorf("update template version flags: %w", err) |
| }); err != nil { | ||
| return xerrors.Errorf("update workspace build ai tasks flag: %w", err) | ||
| return xerrors.Errorf("update workspace build ai tasks and external agent flag: %w", err) |
There was a problem hiding this comment.
| return xerrors.Errorf("update workspace build ai tasks and external agent flag: %w", err) | |
| return xerrors.Errorf("update workspace build flags: %w", err) |
| HasAITask: parser.NullableBoolean(values, sql.NullBool{}, "has-ai-task"), | ||
| AuthorID: parser.UUID(values, uuid.Nil, "author_id"), | ||
| AuthorUsername: parser.String(values, "", "author"), | ||
| HasExternalAgent: parser.NullableBoolean(values, sql.NullBool{}, "has-external-agent"), |
There was a problem hiding this comment.
This mixes - and _. I know has-ai-task uses dashes, but it probably needs to be changed to underscores...
| @@ -943,6 +952,18 @@ func (api *API) CheckBuildUsage(ctx context.Context, store database.Store, templ | |||
| // When there are no licenses installed, a noop usage checker is used | |||
| // instead. | |||
There was a problem hiding this comment.
Dude to this comment above (and the entitlements code in the function above), external agents won't be blocked if there are no licenses installed (e.g. an enterprise build in free mode). Is that what you want? If it's not, I can walk you through a few changes to fix this.
| return | ||
| } | ||
|
|
||
| initScriptURL := fmt.Sprintf("%s/api/v2/init-script/%s/%s", api.AccessURL.String(), agent.OperatingSystem, agent.Architecture) |
There was a problem hiding this comment.
Judging by the code, it seems every agent that doesn't use instance identity could be used on this endpoint and successfully return the agent token. This probably should only return a value for agents that are actually marked as external.
There was a problem hiding this comment.
Could you perhaps pull all the build resources and check if the agent is a child of the external agent resource?
There was a problem hiding this comment.
Should also add 404 tests for non-external agents after fixing this
This pull request introduces support for external workspace management, allowing users to register and manage workspaces that are provisioned and managed outside of the Coder.
Depends on: coder/terraform-provider-coder#424