Skip to content

Commit 228cbec

Browse files
f0sselEmyrk
f0ssel
and
Emyrk
authored
fix: stop updating agent stats from deleted workspaces (#11026)
Co-authored-by: Steven Masley <stevenmasley@gmail.com>
1 parent 1e349f0 commit 228cbec

File tree

6 files changed

+74
-6
lines changed

6 files changed

+74
-6
lines changed

coderd/coderdtest/coderdtest.go

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -619,11 +619,15 @@ func CreateAnotherUserMutators(t testing.TB, client *codersdk.Client, organizati
619619
}
620620

621621
// AuthzUserSubject does not include the user's groups.
622-
func AuthzUserSubject(user codersdk.User) rbac.Subject {
622+
func AuthzUserSubject(user codersdk.User, orgID uuid.UUID) rbac.Subject {
623623
roles := make(rbac.RoleNames, 0, len(user.Roles))
624+
// Member role is always implied
625+
roles = append(roles, rbac.RoleMember())
624626
for _, r := range user.Roles {
625627
roles = append(roles, r.Name)
626628
}
629+
// We assume only 1 org exists
630+
roles = append(roles, rbac.RoleOrgMember(orgID))
627631

628632
return rbac.Subject{
629633
ID: user.ID.String(),

coderd/database/dbmem/dbmem.go

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3762,6 +3762,9 @@ func (q *FakeQuerier) GetWorkspaceAgentAndOwnerByAuthToken(_ context.Context, au
37623762
if build.WorkspaceID != ws.ID {
37633763
continue
37643764
}
3765+
if ws.Deleted {
3766+
continue
3767+
}
37653768
var row database.GetWorkspaceAgentAndOwnerByAuthTokenRow
37663769
row.WorkspaceID = ws.ID
37673770
usr, err := q.getUserByIDNoLock(ws.OwnerID)

coderd/database/queries.sql.go

Lines changed: 3 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/database/queries/workspaceagents.sql

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -252,9 +252,10 @@ FROM users
252252
WHERE
253253
-- TODO: we can add more conditions here, such as:
254254
-- 1) The user must be active
255-
-- 2) The user must not be deleted
256-
-- 3) The workspace must be running
255+
-- 2) The workspace must be running
257256
workspace_agents.auth_token = @auth_token
257+
AND
258+
workspaces.deleted = FALSE
258259
GROUP BY
259260
workspace_agents.id,
260261
workspaces.id,

coderd/templates_test.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -560,7 +560,7 @@ func TestPatchTemplateMeta(t *testing.T) {
560560
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
561561
defer cancel()
562562
// nolint:gocritic // Setting up unit test data
563-
err := db.UpdateTemplateAccessControlByID(dbauthz.As(ctx, coderdtest.AuthzUserSubject(tplAdmin)), database.UpdateTemplateAccessControlByIDParams{
563+
err := db.UpdateTemplateAccessControlByID(dbauthz.As(ctx, coderdtest.AuthzUserSubject(tplAdmin, user.OrganizationID)), database.UpdateTemplateAccessControlByIDParams{
564564
ID: template.ID,
565565
RequireActiveVersion: false,
566566
Deprecated: "Some deprecated message",

coderd/workspaceagents_test.go

Lines changed: 59 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -26,10 +26,12 @@ import (
2626
"github.com/coder/coder/v2/coderd"
2727
"github.com/coder/coder/v2/coderd/coderdtest"
2828
"github.com/coder/coder/v2/coderd/database"
29+
"github.com/coder/coder/v2/coderd/database/dbauthz"
2930
"github.com/coder/coder/v2/coderd/database/dbfake"
3031
"github.com/coder/coder/v2/coderd/database/dbmem"
3132
"github.com/coder/coder/v2/coderd/database/dbtime"
3233
"github.com/coder/coder/v2/coderd/database/pubsub"
34+
"github.com/coder/coder/v2/coderd/rbac"
3335
"github.com/coder/coder/v2/codersdk"
3436
"github.com/coder/coder/v2/codersdk/agentsdk"
3537
"github.com/coder/coder/v2/provisioner/echo"
@@ -876,6 +878,63 @@ func TestWorkspaceAgentReportStats(t *testing.T) {
876878
"%s is not after %s", newWorkspace.LastUsedAt, r.Workspace.LastUsedAt,
877879
)
878880
})
881+
882+
t.Run("FailDeleted", func(t *testing.T) {
883+
t.Parallel()
884+
885+
owner, db := coderdtest.NewWithDatabase(t, nil)
886+
ownerUser := coderdtest.CreateFirstUser(t, owner)
887+
client, admin := coderdtest.CreateAnotherUser(t, owner, ownerUser.OrganizationID, rbac.RoleTemplateAdmin(), rbac.RoleUserAdmin())
888+
r := dbfake.WorkspaceBuild(t, db, database.Workspace{
889+
OrganizationID: admin.OrganizationIDs[0],
890+
OwnerID: admin.ID,
891+
}).WithAgent().Do()
892+
893+
agentClient := agentsdk.New(client.URL)
894+
agentClient.SetSessionToken(r.AgentToken)
895+
896+
_, err := agentClient.PostStats(context.Background(), &agentsdk.Stats{
897+
ConnectionsByProto: map[string]int64{"TCP": 1},
898+
ConnectionCount: 1,
899+
RxPackets: 1,
900+
RxBytes: 1,
901+
TxPackets: 1,
902+
TxBytes: 1,
903+
SessionCountVSCode: 0,
904+
SessionCountJetBrains: 0,
905+
SessionCountReconnectingPTY: 0,
906+
SessionCountSSH: 0,
907+
ConnectionMedianLatencyMS: 10,
908+
})
909+
require.NoError(t, err)
910+
911+
newWorkspace, err := client.Workspace(context.Background(), r.Workspace.ID)
912+
require.NoError(t, err)
913+
914+
// nolint:gocritic // using db directly over creating a delete job
915+
err = db.UpdateWorkspaceDeletedByID(dbauthz.As(context.Background(),
916+
coderdtest.AuthzUserSubject(admin, ownerUser.OrganizationID)),
917+
database.UpdateWorkspaceDeletedByIDParams{
918+
ID: newWorkspace.ID,
919+
Deleted: true,
920+
})
921+
require.NoError(t, err)
922+
923+
_, err = agentClient.PostStats(context.Background(), &agentsdk.Stats{
924+
ConnectionsByProto: map[string]int64{"TCP": 1},
925+
ConnectionCount: 1,
926+
RxPackets: 1,
927+
RxBytes: 1,
928+
TxPackets: 1,
929+
TxBytes: 1,
930+
SessionCountVSCode: 1,
931+
SessionCountJetBrains: 0,
932+
SessionCountReconnectingPTY: 0,
933+
SessionCountSSH: 0,
934+
ConnectionMedianLatencyMS: 10,
935+
})
936+
require.ErrorContains(t, err, "agent is invalid")
937+
})
879938
}
880939

881940
func TestWorkspaceAgent_LifecycleState(t *testing.T) {

0 commit comments

Comments
 (0)