coder
diff --git a/‎.vscode/settings.json
Lines changed: 3 additions & 0 deletions b/‎.vscode/settings.json
Lines changed: 3 additions & 0 deletions
diff --git a/‎Makefile
Lines changed: 7 additions & 0 deletions b/‎Makefile
Lines changed: 7 additions & 0 deletions
diff --git a/‎coderd/apidoc/docs.go
Lines changed: 1 addition & 5 deletions b/‎coderd/apidoc/docs.go
Lines changed: 1 addition & 5 deletions
diff --git a/‎coderd/apidoc/swagger.json
Lines changed: 1 addition & 5 deletions b/‎coderd/apidoc/swagger.json
Lines changed: 1 addition & 5 deletions
diff --git a/‎coderd/audit.go
Lines changed: 0 additions & 2 deletions b/‎coderd/audit.go
Lines changed: 0 additions & 2 deletions
diff --git a/‎coderd/audit/diff.go
Lines changed: 0 additions & 2 deletions b/‎coderd/audit/diff.go
Lines changed: 0 additions & 2 deletions
diff --git a/‎coderd/audit/request.go
Lines changed: 0 additions & 6 deletions b/‎coderd/audit/request.go
Lines changed: 0 additions & 6 deletions
diff --git a/‎coderd/workspaceagents.go
Lines changed: 14 additions & 6 deletions b/‎coderd/workspaceagents.go
Lines changed: 14 additions & 6 deletions
diff --git a/‎codersdk/audit.go
Lines changed: 1 addition & 4 deletions b/‎codersdk/audit.go
Lines changed: 1 addition & 4 deletions
diff --git a/‎docs/admin/audit-logs.md
Lines changed: 17 additions & 9 deletions b/‎docs/admin/audit-logs.md
Lines changed: 17 additions & 9 deletions
diff --git a/‎docs/api/audit.md
Lines changed: 2 additions & 2 deletions b/‎docs/api/audit.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎docs/api/schemas.md
Lines changed: 5 additions & 8 deletions b/‎docs/api/schemas.md
Lines changed: 5 additions & 8 deletions
@@ -3,6 +3,7 @@
     "afero",
     "apps",
     "ASKPASS",
+    "autostop",
     "awsidentity",
     "bodyclose",
     "buildinfo",
@@ -117,6 +118,7 @@
     "tailnet",
     "tailnettest",
     "Tailscale",
+    "tbody",
     "TCGETS",
     "tcpip",
     "TCSETS",
@@ -128,6 +130,7 @@
     "tfjson",
     "tfplan",
     "tfstate",
+    "thead",
     "tios",
     "tmpdir",
     "tparallel",
 
@@ -418,6 +418,7 @@ gen: \
 	provisionerd/proto/provisionerd.pb.go \
 	site/src/api/typesGenerated.ts \
 	docs/admin/prometheus.md \
+	docs/admin/audit-logs.md \
 	coderd/apidoc/swagger.json \
 	.prettierignore.include \
 	.prettierignore \
@@ -436,6 +437,7 @@ gen/mark-fresh:
 		provisionerd/proto/provisionerd.pb.go \
 		site/src/api/typesGenerated.ts \
 		docs/admin/prometheus.md \
+		docs/admin/audit-logs.md \
 		coderd/apidoc/swagger.json \
 		.prettierignore.include \
 		.prettierignore \
@@ -490,6 +492,11 @@ docs/admin/prometheus.md: scripts/metricsdocgen/main.go scripts/metricsdocgen/me
 	cd site
 	yarn run format:write:only ../docs/admin/prometheus.md
 
+docs/admin/audit-logs.md: scripts/auditdocgen/main.go enterprise/audit/table.go
+	go run scripts/auditdocgen/main.go
+	cd site
+	yarn run format:write:only ../docs/admin/audit-logs.md
+
 coderd/apidoc/swagger.json: $(shell find ./scripts/apidocgen $(FIND_EXCLUSIONS) -type f) $(wildcard coderd/*.go) $(wildcard enterprise/coderd/*.go) $(wildcard codersdk/*.go) .swaggo docs/manifest.json
 	./scripts/apidocgen/generate.sh
 	yarn run --cwd=site format:write:only ../docs/api ../docs/manifest.json ../coderd/apidoc/swagger.json
 
@@ -452,8 +452,6 @@ func auditSearchQuery(query string) (database.GetAuditLogsOffsetParams, []coders
 
 func resourceTypeFromString(resourceTypeString string) string {
 	switch codersdk.ResourceType(resourceTypeString) {
-	case codersdk.ResourceTypeOrganization:
-		return resourceTypeString
 	case codersdk.ResourceTypeTemplate:
 		return resourceTypeString
 	case codersdk.ResourceTypeTemplateVersion:
 
@@ -9,8 +9,6 @@ import (
 // AuditableResources, then add it to this interface.
 type Auditable interface {
 	database.APIKey |
-		database.Organization |
-		database.OrganizationMember |
 		database.Template |
 		database.TemplateVersion |
 		database.User |
 
@@ -49,8 +49,6 @@ type BuildAuditParams[T Auditable] struct {
 
 func ResourceTarget[T Auditable](tgt T) string {
 	switch typed := any(tgt).(type) {
-	case database.Organization:
-		return typed.Name
 	case database.Template:
 		return typed.Name
 	case database.TemplateVersion:
@@ -73,8 +71,6 @@ func ResourceTarget[T Auditable](tgt T) string {
 
 func ResourceID[T Auditable](tgt T) uuid.UUID {
 	switch typed := any(tgt).(type) {
-	case database.Organization:
-		return typed.ID
 	case database.Template:
 		return typed.ID
 	case database.TemplateVersion:
@@ -96,8 +92,6 @@ func ResourceID[T Auditable](tgt T) uuid.UUID {
 
 func ResourceType[T Auditable](tgt T) database.ResourceType {
 	switch any(tgt).(type) {
-	case database.Organization:
-		return database.ResourceTypeOrganization
 	case database.Template:
 		return database.ResourceTypeTemplate
 	case database.TemplateVersion:
 
@@ -402,11 +402,6 @@ func (api *API) workspaceAgentListeningPorts(rw http.ResponseWriter, r *http.Req
 
 func (api *API) dialWorkspaceAgentTailnet(r *http.Request, agentID uuid.UUID) (*codersdk.AgentConn, error) {
 	clientConn, serverConn := net.Pipe()
-	go func() {
-		<-r.Context().Done()
-		_ = clientConn.Close()
-		_ = serverConn.Close()
-	}()
 
 	derpMap := api.DERPMap.Clone()
 	for _, region := range derpMap.Regions {
@@ -453,7 +448,16 @@ func (api *API) dialWorkspaceAgentTailnet(r *http.Request, agentID uuid.UUID) (*
 	}
 
 	sendNodes, _ := tailnet.ServeCoordinator(clientConn, func(node []*tailnet.Node) error {
-		return conn.UpdateNodes(node)
+		err := conn.RemoveAllPeers()
+		if err != nil {
+			return xerrors.Errorf("remove all peers: %w", err)
+		}
+
+		err = conn.UpdateNodes(node)
+		if err != nil {
+			return xerrors.Errorf("update nodes: %w", err)
+		}
+		return nil
 	})
 	conn.SetNodeCallback(sendNodes)
 	go func() {
@@ -465,6 +469,10 @@ func (api *API) dialWorkspaceAgentTailnet(r *http.Request, agentID uuid.UUID) (*
 	}()
 	return &codersdk.AgentConn{
 		Conn: conn,
+		CloseFunc: func() {
+			_ = clientConn.Close()
+			_ = serverConn.Close()
+		},
 	}, nil
 }
 
 
@@ -14,7 +14,6 @@ import (
 type ResourceType string
 
 const (
-	ResourceTypeOrganization    ResourceType = "organization"
 	ResourceTypeTemplate        ResourceType = "template"
 	ResourceTypeTemplateVersion ResourceType = "template_version"
 	ResourceTypeUser            ResourceType = "user"
@@ -27,8 +26,6 @@ const (
 
 func (r ResourceType) FriendlyString() string {
 	switch r {
-	case ResourceTypeOrganization:
-		return "organization"
 	case ResourceTypeTemplate:
 		return "template"
 	case ResourceTypeTemplateVersion:
@@ -122,7 +119,7 @@ type AuditLogResponse struct {
 
 type CreateTestAuditLogRequest struct {
 	Action       AuditAction  `json:"action,omitempty" enums:"create,write,delete,start,stop"`
-	ResourceType ResourceType `json:"resource_type,omitempty" enums:"organization,template,template_version,user,workspace,workspace_build,git_ssh_key,api_key,group"`
+	ResourceType ResourceType `json:"resource_type,omitempty" enums:"template,template_version,user,workspace,workspace_build,git_ssh_key,auditable_group"`
 	ResourceID   uuid.UUID    `json:"resource_id,omitempty" format:"uuid"`
 	Time         time.Time    `json:"time,omitempty" format:"date-time"`
 	BuildReason  BuildReason  `json:"build_reason,omitempty" enums:"autostart,autostop,initiator"`
 
@@ -5,15 +5,23 @@ their deployment.
 
 ## Tracked Events
 
-We track **create, update and delete** events for the following resources:
-
-- GitSSHKey
-- Template
-- TemplateVersion
-- Workspace
-- WorkspaceBuild
-- User
-- Group
+We track the following resources:
+
+<!-- Code generated by 'make docs/admin/audit-logs.md'. DO NOT EDIT -->
+
+| <b>Resource<b>     |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |
+| ------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| AuditableGroup     | <table><thead><tr><th>Field</th><th>Tracked</th></tr></thead><tbody><tr><td>avatar_url</td><td>true</td></tr><tr><td>id</td><td>true</td></tr><tr><td>members</td><td>true</td></tr><tr><td>name</td><td>true</td></tr><tr><td>organization_id</td><td>false</td></tr><tr><td>quota_allowance</td><td>true</td></tr></tbody></table>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
+| GitSSHKey          | <table><thead><tr><th>Field</th><th>Tracked</th></tr></thead><tbody><tr><td>created_at</td><td>false</td></tr><tr><td>private_key</td><td>true</td></tr><tr><td>public_key</td><td>true</td></tr><tr><td>updated_at</td><td>false</td></tr><tr><td>user_id</td><td>true</td></tr></tbody></table>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
+| Organization       | <table><thead><tr><th>Field</th><th>Tracked</th></tr></thead><tbody><tr><td>created_at</td><td>false</td></tr><tr><td>description</td><td>true</td></tr><tr><td>id</td><td>true</td></tr><tr><td>name</td><td>true</td></tr><tr><td>updated_at</td><td>false</td></tr></tbody></table>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
+| OrganizationMember | <table><thead><tr><th>Field</th><th>Tracked</th></tr></thead><tbody><tr><td>created_at</td><td>false</td></tr><tr><td>organization_id</td><td>true</td></tr><tr><td>roles</td><td>true</td></tr><tr><td>updated_at</td><td>false</td></tr><tr><td>user_id</td><td>true</td></tr></tbody></table>                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |
+| Template           | <table><thead><tr><th>Field</th><th>Tracked</th></tr></thead><tbody><tr><td>active_version_id</td><td>true</td></tr><tr><td>allow_user_cancel_workspace_jobs</td><td>true</td></tr><tr><td>created_at</td><td>false</td></tr><tr><td>created_by</td><td>true</td></tr><tr><td>default_ttl</td><td>true</td></tr><tr><td>deleted</td><td>false</td></tr><tr><td>description</td><td>true</td></tr><tr><td>display_name</td><td>true</td></tr><tr><td>group_acl</td><td>true</td></tr><tr><td>icon</td><td>true</td></tr><tr><td>id</td><td>true</td></tr><tr><td>is_private</td><td>true</td></tr><tr><td>min_autostart_interval</td><td>true</td></tr><tr><td>name</td><td>true</td></tr><tr><td>organization_id</td><td>false</td></tr><tr><td>provisioner</td><td>true</td></tr><tr><td>updated_at</td><td>false</td></tr><tr><td>user_acl</td><td>true</td></tr></tbody></table> |
+| TemplateVersion    | <table><thead><tr><th>Field</th><th>Tracked</th></tr></thead><tbody><tr><td>created_at</td><td>false</td></tr><tr><td>created_by</td><td>true</td></tr><tr><td>id</td><td>true</td></tr><tr><td>job_id</td><td>false</td></tr><tr><td>name</td><td>true</td></tr><tr><td>organization_id</td><td>false</td></tr><tr><td>readme</td><td>true</td></tr><tr><td>template_id</td><td>true</td></tr><tr><td>updated_at</td><td>false</td></tr></tbody></table>                                                                                                                                                                                                                                                                                                                                                                                                                           |
+| User               | <table><thead><tr><th>Field</th><th>Tracked</th></tr></thead><tbody><tr><td>avatar_url</td><td>false</td></tr><tr><td>created_at</td><td>false</td></tr><tr><td>deleted</td><td>true</td></tr><tr><td>email</td><td>true</td></tr><tr><td>hashed_password</td><td>true</td></tr><tr><td>id</td><td>true</td></tr><tr><td>last_seen_at</td><td>false</td></tr><tr><td>login_type</td><td>false</td></tr><tr><td>rbac_roles</td><td>true</td></tr><tr><td>status</td><td>true</td></tr><tr><td>updated_at</td><td>false</td></tr><tr><td>username</td><td>true</td></tr></tbody></table>                                                                                                                                                                                                                                                                                              |
+| Workspace          | <table><thead><tr><th>Field</th><th>Tracked</th></tr></thead><tbody><tr><td>autostart_schedule</td><td>true</td></tr><tr><td>created_at</td><td>false</td></tr><tr><td>deleted</td><td>false</td></tr><tr><td>id</td><td>true</td></tr><tr><td>last_used_at</td><td>false</td></tr><tr><td>name</td><td>true</td></tr><tr><td>organization_id</td><td>false</td></tr><tr><td>owner_id</td><td>true</td></tr><tr><td>template_id</td><td>true</td></tr><tr><td>ttl</td><td>true</td></tr><tr><td>updated_at</td><td>false</td></tr></tbody></table>                                                                                                                                                                                                                                                                                                                                  |
+| WorkspaceBuild     | <table><thead><tr><th>Field</th><th>Tracked</th></tr></thead><tbody><tr><td>build_number</td><td>false</td></tr><tr><td>created_at</td><td>false</td></tr><tr><td>daily_cost</td><td>false</td></tr><tr><td>deadline</td><td>false</td></tr><tr><td>id</td><td>false</td></tr><tr><td>initiator_id</td><td>false</td></tr><tr><td>job_id</td><td>false</td></tr><tr><td>provisioner_state</td><td>false</td></tr><tr><td>reason</td><td>false</td></tr><tr><td>template_version_id</td><td>true</td></tr><tr><td>transition</td><td>false</td></tr><tr><td>updated_at</td><td>false</td></tr><tr><td>workspace_id</td><td>false</td></tr></tbody></table>                                                                                                                                                                                                                           |
+
+<!-- End generated by 'make docs/admin/audit-logs.md'. -->
 
 ## Filtering logs
 
 
@@ -54,7 +54,7 @@ curl -X GET http://coder-server:8080/api/v2/audit?q=string \
       "resource_id": "4d5215ed-38bb-48ed-879a-fdb9ca58522f",
       "resource_link": "string",
       "resource_target": "string",
-      "resource_type": "organization",
+      "resource_type": "template",
       "status_code": 0,
       "time": "2019-08-24T14:15:22Z",
       "user": {
@@ -108,7 +108,7 @@ curl -X POST http://coder-server:8080/api/v2/audit/testgenerate \
   "action": "create",
   "build_reason": "autostart",
   "resource_id": "4d5215ed-38bb-48ed-879a-fdb9ca58522f",
-  "resource_type": "organization",
+  "resource_type": "template",
   "time": "2019-08-24T14:15:22Z"
 }
 ```
 
@@ -330,7 +330,7 @@
   "resource_id": "4d5215ed-38bb-48ed-879a-fdb9ca58522f",
   "resource_link": "string",
   "resource_target": "string",
-  "resource_type": "organization",
+  "resource_type": "template",
   "status_code": 0,
   "time": "2019-08-24T14:15:22Z",
   "user": {
@@ -406,7 +406,7 @@
       "resource_id": "4d5215ed-38bb-48ed-879a-fdb9ca58522f",
       "resource_link": "string",
       "resource_target": "string",
-      "resource_type": "organization",
+      "resource_type": "template",
       "status_code": 0,
       "time": "2019-08-24T14:15:22Z",
       "user": {
@@ -785,7 +785,7 @@ CreateParameterRequest is a structure used to create a new parameter value for a
   "action": "create",
   "build_reason": "autostart",
   "resource_id": "4d5215ed-38bb-48ed-879a-fdb9ca58522f",
-  "resource_type": "organization",
+  "resource_type": "template",
   "time": "2019-08-24T14:15:22Z"
 }
 ```
@@ -812,15 +812,13 @@ CreateParameterRequest is a structure used to create a new parameter value for a
 | `build_reason`  | `autostart`        |
 | `build_reason`  | `autostop`         |
 | `build_reason`  | `initiator`        |
-| `resource_type` | `organization`     |
 | `resource_type` | `template`         |
 | `resource_type` | `template_version` |
 | `resource_type` | `user`             |
 | `resource_type` | `workspace`        |
 | `resource_type` | `workspace_build`  |
 | `resource_type` | `git_ssh_key`      |
-| `resource_type` | `api_key`          |
-| `resource_type` | `group`            |
+| `resource_type` | `auditable_group`  |
 
 ## codersdk.CreateTokenRequest
 
@@ -3739,7 +3737,7 @@ Parameter represents a set value for the scope.
 ## codersdk.ResourceType
 
 ```json
-"organization"
+"template"
 ```
 
 ### Properties
@@ -3748,7 +3746,6 @@ Parameter represents a set value for the scope.
 
 | Value              |
 | ------------------ |
-| `organization`     |
 | `template`         |
 | `template_version` |
 | `user`             |