coder
diff --git a/‎cli/server.go
Lines changed: 2 additions & 0 deletions b/‎cli/server.go
Lines changed: 2 additions & 0 deletions
diff --git a/‎coderd/apidoc/docs.go
Lines changed: 4 additions & 2 deletions b/‎coderd/apidoc/docs.go
Lines changed: 4 additions & 2 deletions
diff --git a/‎coderd/apidoc/swagger.json
Lines changed: 2 additions & 2 deletions b/‎coderd/apidoc/swagger.json
Lines changed: 2 additions & 2 deletions
diff --git a/‎coderd/coderd.go
Lines changed: 14 additions & 7 deletions b/‎coderd/coderd.go
Lines changed: 14 additions & 7 deletions
diff --git a/‎coderd/database/dbauthz/dbauthz.go
Lines changed: 5 additions & 3 deletions b/‎coderd/database/dbauthz/dbauthz.go
Lines changed: 5 additions & 3 deletions
diff --git a/‎coderd/database/dump.sql
Lines changed: 2 additions & 1 deletion b/‎coderd/database/dump.sql
Lines changed: 2 additions & 1 deletion
diff --git a/‎coderd/database/migrations/000121_provisioner_job_tracing.down.sql
Lines changed: 1 addition & 0 deletions b/‎coderd/database/migrations/000121_provisioner_job_tracing.down.sql
Lines changed: 1 addition & 0 deletions
diff --git a/‎coderd/database/migrations/000121_provisioner_job_tracing.up.sql
Lines changed: 1 addition & 0 deletions b/‎coderd/database/migrations/000121_provisioner_job_tracing.up.sql
Lines changed: 1 addition & 0 deletions
diff --git a/‎coderd/database/models.go
Lines changed: 1 addition & 0 deletions b/‎coderd/database/models.go
Lines changed: 1 addition & 0 deletions
diff --git a/‎coderd/database/queries.sql.go
Lines changed: 14 additions & 6 deletions b/‎coderd/database/queries.sql.go
Lines changed: 14 additions & 6 deletions
diff --git a/‎coderd/database/queries/provisionerjobs.sql
Lines changed: 3 additions & 2 deletions b/‎coderd/database/queries/provisionerjobs.sql
Lines changed: 3 additions & 2 deletions
diff --git a/‎coderd/httpmw/apikey.go
Lines changed: 1 addition & 1 deletion b/‎coderd/httpmw/apikey.go
Lines changed: 1 addition & 1 deletion
diff --git a/‎coderd/httpmw/workspaceagent.go
Lines changed: 1 addition & 1 deletion b/‎coderd/httpmw/workspaceagent.go
Lines changed: 1 addition & 1 deletion
diff --git a/‎coderd/provisionerdserver/provisionerdserver.go
Lines changed: 36 additions & 4 deletions b/‎coderd/provisionerdserver/provisionerdserver.go
Lines changed: 36 additions & 4 deletions
@@ -1185,6 +1185,7 @@ func newProvisionerDaemon(
 		return nil, xerrors.Errorf("mkdir %q: %w", cacheDir, err)
 	}
 
+	tracer := coderAPI.TracerProvider.Tracer(tracing.TracerName)
 	terraformClient, terraformServer := provisionersdk.MemTransportPipe()
 	wg.Add(1)
 	go func() {
@@ -1204,6 +1205,7 @@ func newProvisionerDaemon(
 			},
 			CachePath: cacheDir,
 			Logger:    logger,
+			Tracer:    tracer,
 		})
 		if err != nil && !xerrors.Is(err, context.Canceled) {
 			select {
 
@@ -236,6 +236,9 @@ func New(options *Options) *API {
 	if options.SSHConfig.HostnamePrefix == "" {
 		options.SSHConfig.HostnamePrefix = "coder."
 	}
+	if options.TracerProvider == nil {
+		options.TracerProvider = trace.NewNoopTracerProvider()
+	}
 	if options.SetUserGroups == nil {
 		options.SetUserGroups = func(ctx context.Context, _ database.Store, id uuid.UUID, groups []string) error {
 			options.Logger.Warn(ctx, "attempted to assign OIDC groups without enterprise license",
@@ -898,6 +901,7 @@ func compressHandler(h http.Handler) http.Handler {
 // CreateInMemoryProvisionerDaemon is an in-memory connection to a provisionerd.
 // Useful when starting coderd and provisionerd in the same process.
 func (api *API) CreateInMemoryProvisionerDaemon(ctx context.Context, debounce time.Duration) (client proto.DRPCProvisionerDaemonClient, err error) {
+	tracer := api.TracerProvider.Tracer(tracing.TracerName)
 	clientSession, serverSession := provisionersdk.MemTransportPipe()
 	defer func() {
 		if err != nil {
@@ -937,6 +941,7 @@ func (api *API) CreateInMemoryProvisionerDaemon(ctx context.Context, debounce ti
 		Provisioners:          daemon.Provisioners,
 		GitAuthConfigs:        api.GitAuthConfigs,
 		Telemetry:             api.Telemetry,
+		Tracer:                tracer,
 		Tags:                  tags,
 		QuotaCommitter:        &api.QuotaCommitter,
 		Auditor:               &api.Auditor,
@@ -947,14 +952,16 @@ func (api *API) CreateInMemoryProvisionerDaemon(ctx context.Context, debounce ti
 	if err != nil {
 		return nil, err
 	}
-	server := drpcserver.NewWithOptions(mux, drpcserver.Options{
-		Log: func(err error) {
-			if xerrors.Is(err, io.EOF) {
-				return
-			}
-			api.Logger.Debug(ctx, "drpc server error", slog.Error(err))
+	server := drpcserver.NewWithOptions(&tracing.DRPCHandler{Handler: mux},
+		drpcserver.Options{
+			Log: func(err error) {
+				if xerrors.Is(err, io.EOF) {
+					return
+				}
+				api.Logger.Debug(ctx, "drpc server error", slog.Error(err))
+			},
 		},
-	})
+	)
 	go func() {
 		err := server.Serve(ctx, serverSession)
 		if err != nil && !xerrors.Is(err, io.EOF) {
 
@@ -144,7 +144,8 @@ var (
 			},
 		}),
 		Scope: rbac.ScopeAll,
-	}
+	}.WithCachedASTValue()
+
 	subjectAutostart = rbac.Subject{
 		ID: uuid.Nil.String(),
 		Roles: rbac.Roles([]rbac.Role{
@@ -161,7 +162,8 @@ var (
 			},
 		}),
 		Scope: rbac.ScopeAll,
-	}
+	}.WithCachedASTValue()
+
 	subjectSystemRestricted = rbac.Subject{
 		ID: uuid.Nil.String(),
 		Roles: rbac.Roles([]rbac.Role{
@@ -188,7 +190,7 @@ var (
 			},
 		}),
 		Scope: rbac.ScopeAll,
-	}
+	}.WithCachedASTValue()
 )
 
 // AsProvisionerd returns a context with an actor that has permissions required
 
@@ -0,0 +1 @@
+ALTER TABLE provisioner_jobs DROP COLUMN trace_metadata;
@@ -0,0 +1 @@
+ALTER TABLE provisioner_jobs ADD COLUMN trace_metadata jsonb;
@@ -63,10 +63,11 @@ INSERT INTO
 		file_id,
 		"type",
 		"input",
-		tags
+		tags,
+		trace_metadata
 	)
 VALUES
-	($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11) RETURNING *;
+	($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12) RETURNING *;
 
 -- name: UpdateProvisionerJobByID :exec
 UPDATE
 
@@ -379,7 +379,7 @@ func ExtractAPIKey(rw http.ResponseWriter, r *http.Request, cfg ExtractAPIKeyCon
 			Roles:  rbac.RoleNames(roles.Roles),
 			Groups: roles.Groups,
 			Scope:  rbac.ScopeName(key.Scope),
-		},
+		}.WithCachedASTValue(),
 	}
 
 	return &key, &authz, true
 
@@ -110,5 +110,5 @@ func getAgentSubject(ctx context.Context, db database.Store, agent database.Work
 		Roles:  rbac.RoleNames(roles.Roles),
 		Groups: roles.Groups,
 		Scope:  rbac.WorkspaceAgentScope(workspace.ID, user.ID),
-	}, nil
+	}.WithCachedASTValue(), nil
 }
@@ -17,6 +17,8 @@ import (
 
 	"github.com/google/uuid"
 	"github.com/tabbed/pqtype"
+	semconv "go.opentelemetry.io/otel/semconv/v1.14.0"
+	"go.opentelemetry.io/otel/trace"
 	"golang.org/x/exp/maps"
 	"golang.org/x/exp/slices"
 	"golang.org/x/oauth2"
@@ -33,6 +35,7 @@ import (
 	"github.com/coder/coder/coderd/parameter"
 	"github.com/coder/coder/coderd/schedule"
 	"github.com/coder/coder/coderd/telemetry"
+	"github.com/coder/coder/coderd/tracing"
 	"github.com/coder/coder/codersdk"
 	"github.com/coder/coder/provisioner"
 	"github.com/coder/coder/provisionerd/proto"
@@ -55,6 +58,7 @@ type Server struct {
 	Database              database.Store
 	Pubsub                database.Pubsub
 	Telemetry             telemetry.Reporter
+	Tracer                trace.Tracer
 	QuotaCommitter        *atomic.Pointer[proto.QuotaCommitter]
 	Auditor               *atomic.Pointer[audit.Auditor]
 	TemplateScheduleStore *atomic.Pointer[schedule.TemplateScheduleStore]
@@ -129,12 +133,22 @@ func (server *Server) AcquireJob(ctx context.Context, _ *proto.Empty) (*proto.Ac
 		return nil, failJob(fmt.Sprintf("get user: %s", err))
 	}
 
+	jobTraceMetadata := map[string]string{}
+	if job.TraceMetadata.Valid {
+		err := json.Unmarshal(job.TraceMetadata.RawMessage, &jobTraceMetadata)
+		if err != nil {
+			return nil, failJob(fmt.Sprintf("unmarshal metadata: %s", err))
+		}
+	}
+
 	protoJob := &proto.AcquiredJob{
-		JobId:       job.ID.String(),
-		CreatedAt:   job.CreatedAt.UnixMilli(),
-		Provisioner: string(job.Provisioner),
-		UserName:    user.Username,
+		JobId:         job.ID.String(),
+		CreatedAt:     job.CreatedAt.UnixMilli(),
+		Provisioner:   string(job.Provisioner),
+		UserName:      user.Username,
+		TraceMetadata: jobTraceMetadata,
 	}
+
 	switch job.Type {
 	case database.ProvisionerJobTypeWorkspaceBuild:
 		var input WorkspaceProvisionJob
@@ -411,6 +425,9 @@ func (server *Server) includeLastVariableValues(ctx context.Context, templateVer
 }
 
 func (server *Server) CommitQuota(ctx context.Context, request *proto.CommitQuotaRequest) (*proto.CommitQuotaResponse, error) {
+	ctx, span := server.startTrace(ctx, tracing.FuncName())
+	defer span.End()
+
 	//nolint:gocritic // Provisionerd has specific authz rules.
 	ctx = dbauthz.AsProvisionerd(ctx)
 	jobID, err := uuid.Parse(request.JobId)
@@ -442,6 +459,9 @@ func (server *Server) CommitQuota(ctx context.Context, request *proto.CommitQuot
 }
 
 func (server *Server) UpdateJob(ctx context.Context, request *proto.UpdateJobRequest) (*proto.UpdateJobResponse, error) {
+	ctx, span := server.startTrace(ctx, tracing.FuncName())
+	defer span.End()
+
 	//nolint:gocritic // Provisionerd has specific authz rules.
 	ctx = dbauthz.AsProvisionerd(ctx)
 	parsedID, err := uuid.Parse(request.JobId)
@@ -671,6 +691,9 @@ func (server *Server) UpdateJob(ctx context.Context, request *proto.UpdateJobReq
 }
 
 func (server *Server) FailJob(ctx context.Context, failJob *proto.FailedJob) (*proto.Empty, error) {
+	ctx, span := server.startTrace(ctx, tracing.FuncName())
+	defer span.End()
+
 	//nolint:gocritic // Provisionerd has specific authz rules.
 	ctx = dbauthz.AsProvisionerd(ctx)
 	jobID, err := uuid.Parse(failJob.JobId)
@@ -822,6 +845,9 @@ func (server *Server) FailJob(ctx context.Context, failJob *proto.FailedJob) (*p
 //
 //nolint:gocyclo
 func (server *Server) CompleteJob(ctx context.Context, completed *proto.CompletedJob) (*proto.Empty, error) {
+	ctx, span := server.startTrace(ctx, tracing.FuncName())
+	defer span.End()
+
 	//nolint:gocritic // Provisionerd has specific authz rules.
 	ctx = dbauthz.AsProvisionerd(ctx)
 	jobID, err := uuid.Parse(completed.JobId)
@@ -1192,6 +1218,12 @@ func (server *Server) CompleteJob(ctx context.Context, completed *proto.Complete
 	return &proto.Empty{}, nil
 }
 
+func (server *Server) startTrace(ctx context.Context, name string, opts ...trace.SpanStartOption) (context.Context, trace.Span) {
+	return server.Tracer.Start(ctx, name, append(opts, trace.WithAttributes(
+		semconv.ServiceNameKey.String("coderd.provisionerd"),
+	))...)
+}
+
 func InsertWorkspaceResource(ctx context.Context, db database.Store, jobID uuid.UUID, transition database.WorkspaceTransition, protoResource *sdkproto.Resource, snapshot *telemetry.Snapshot) error {
 	resource, err := db.InsertWorkspaceResource(ctx, database.InsertWorkspaceResourceParams{
 		ID:         uuid.New(),
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+ALTER TABLE provisioner_jobs DROP COLUMN trace_metadata;`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+ALTER TABLE provisioner_jobs ADD COLUMN trace_metadata jsonb;`
Original file line number	Diff line number	Diff line change
`@@ -379,7 +379,7 @@ func ExtractAPIKey(rw http.ResponseWriter, r *http.Request, cfg ExtractAPIKeyCon`
`379`	`379`	`Roles: rbac.RoleNames(roles.Roles),`
`380`	`380`	`Groups: roles.Groups,`
`381`	`381`	`Scope: rbac.ScopeName(key.Scope),`
`382`		`- },`
	`382`	`+ }.WithCachedASTValue(),`
`383`	`383`	`}`
`384`	`384`
`385`	`385`	`return &key, &authz, true`
Original file line number	Diff line number	Diff line change
`@@ -110,5 +110,5 @@ func getAgentSubject(ctx context.Context, db database.Store, agent database.Work`
`110`	`110`	`Roles: rbac.RoleNames(roles.Roles),`
`111`	`111`	`Groups: roles.Groups,`
`112`	`112`	`Scope: rbac.WorkspaceAgentScope(workspace.ID, user.ID),`
`113`		`- }, nil`
	`113`	`+ }.WithCachedASTValue(), nil`
`114`	`114`	`}`