coder
diff --git a/‎.github/workflows/ci.yaml
Lines changed: 1 addition & 0 deletions b/‎.github/workflows/ci.yaml
Lines changed: 1 addition & 0 deletions
diff --git a/‎.github/workflows/security.yaml
Lines changed: 1 addition & 11 deletions b/‎.github/workflows/security.yaml
Lines changed: 1 addition & 11 deletions
diff --git a/‎coderd/database/migrations/000270_template_deprecation_notification.down.sql
Lines changed: 1 addition & 0 deletions b/‎coderd/database/migrations/000270_template_deprecation_notification.down.sql
Lines changed: 1 addition & 0 deletions
diff --git a/‎coderd/database/migrations/000270_template_deprecation_notification.up.sql
Lines changed: 22 additions & 0 deletions b/‎coderd/database/migrations/000270_template_deprecation_notification.up.sql
Lines changed: 22 additions & 0 deletions
diff --git a/‎coderd/httpapi/websocket.go
Lines changed: 20 additions & 3 deletions b/‎coderd/httpapi/websocket.go
Lines changed: 20 additions & 3 deletions
diff --git a/‎coderd/notifications/events.go
Lines changed: 2 additions & 1 deletion b/‎coderd/notifications/events.go
Lines changed: 2 additions & 1 deletion
diff --git a/‎coderd/notifications/fetcher.go
Lines changed: 0 additions & 4 deletions b/‎coderd/notifications/fetcher.go
Lines changed: 0 additions & 4 deletions
diff --git a/‎coderd/notifications/notifications_test.go
Lines changed: 14 additions & 0 deletions b/‎coderd/notifications/notifications_test.go
Lines changed: 14 additions & 0 deletions
diff --git a/‎coderd/notifications/notifier.go
Lines changed: 24 additions & 4 deletions b/‎coderd/notifications/notifier.go
Lines changed: 24 additions & 4 deletions
diff --git a/‎coderd/notifications/testdata/rendered-templates/smtp/TemplateTemplateDeprecated.html.golden
Lines changed: 98 additions & 0 deletions b/‎coderd/notifications/testdata/rendered-templates/smtp/TemplateTemplateDeprecated.html.golden
Lines changed: 98 additions & 0 deletions
diff --git a/‎coderd/notifications/testdata/rendered-templates/webhook/TemplateTemplateDeprecated.json.golden
Lines changed: 33 additions & 0 deletions b/‎coderd/notifications/testdata/rendered-templates/webhook/TemplateTemplateDeprecated.json.golden
Lines changed: 33 additions & 0 deletions
@@ -90,6 +90,7 @@ jobs:
               - "coderd/**"
               - "enterprise/**"
               - "examples/*"
+              - "helm/**"
               - "provisioner/**"
               - "provisionerd/**"
               - "provisionersdk/**"
 
@@ -96,7 +96,7 @@ jobs:
           # version in the comments will differ. This is also defined in
           # ci.yaml.
           set -x
-          cd dogfood
+          cd dogfood/contents
           DOCKER_BUILDKIT=1 docker build . --target proto -t protoc
           protoc_path=/usr/local/bin/protoc
           docker run --rm --entrypoint cat protoc /tmp/bin/protoc > $protoc_path
@@ -144,16 +144,6 @@ jobs:
           path: trivy-results.sarif
           retention-days: 7
 
-      # Prisma cloud scan runs last because it fails the entire job if it
-      # detects vulnerabilities. :|
-      - name: Run Prisma Cloud image scan
-        uses: PaloAltoNetworks/prisma-cloud-scan@124b48d8325c23f58a35da0f1b4d9a6b54301d05 # v1.6.7
-        with:
-          pcc_console_url: ${{ secrets.PRISMA_CLOUD_URL }}
-          pcc_user: ${{ secrets.PRISMA_CLOUD_ACCESS_KEY }}
-          pcc_pass: ${{ secrets.PRISMA_CLOUD_SECRET_KEY }}
-          image_name: ${{ steps.build.outputs.image }}
-
       - name: Send Slack notification on failure
         if: ${{ failure() }}
         run: |
 
@@ -0,0 +1 @@
+DELETE FROM notification_templates WHERE id = 'f40fae84-55a2-42cd-99fa-b41c1ca64894';
@@ -0,0 +1,22 @@
+INSERT INTO notification_templates
+	(id, name, title_template, body_template, "group", actions)
+VALUES (
+	'f40fae84-55a2-42cd-99fa-b41c1ca64894',
+	'Template Deprecated',
+	E'Template ''{{.Labels.template}}'' has been deprecated',
+    E'Hello {{.UserName}},\n\n'||
+		E'The template **{{.Labels.template}}** has been deprecated with the following message:\n\n' ||
+		E'**{{.Labels.message}}**\n\n' ||
+		E'New workspaces may not be created from this template. Existing workspaces will continue to function normally.',
+    'Template Events',
+	'[
+		{
+			"label": "See affected workspaces",
+			"url": "{{base_url}}/workspaces?filter=owner%3Ame+template%3A{{.Labels.template}}"
+		},
+		{
+			"label": "View template",
+			"url": "{{base_url}}/templates/{{.Labels.organization}}/{{.Labels.template}}"
+		}
+	]'::jsonb
+);
@@ -2,8 +2,10 @@ package httpapi
 
 import (
 	"context"
+	"errors"
 	"time"
 
+	"golang.org/x/xerrors"
 	"nhooyr.io/websocket"
 
 	"cdr.dev/slog"
@@ -31,7 +33,8 @@ func Heartbeat(ctx context.Context, conn *websocket.Conn) {
 // Heartbeat loops to ping a WebSocket to keep it alive. It calls `exit` on ping
 // failure.
 func HeartbeatClose(ctx context.Context, logger slog.Logger, exit func(), conn *websocket.Conn) {
-	ticker := time.NewTicker(15 * time.Second)
+	interval := 15 * time.Second
+	ticker := time.NewTicker(interval)
 	defer ticker.Stop()
 
 	for {
@@ -40,12 +43,26 @@ func HeartbeatClose(ctx context.Context, logger slog.Logger, exit func(), conn *
 			return
 		case <-ticker.C:
 		}
-		err := conn.Ping(ctx)
+		err := pingWithTimeout(ctx, conn, interval)
 		if err != nil {
+			// context.DeadlineExceeded is expected when the client disconnects without sending a close frame
+			if !errors.Is(err, context.DeadlineExceeded) {
+				logger.Error(ctx, "failed to heartbeat ping", slog.Error(err))
+			}
 			_ = conn.Close(websocket.StatusGoingAway, "Ping failed")
-			logger.Info(ctx, "failed to heartbeat ping", slog.Error(err))
 			exit()
 			return
 		}
 	}
 }
+
+func pingWithTimeout(ctx context.Context, conn *websocket.Conn, timeout time.Duration) error {
+	ctx, cancel := context.WithTimeout(ctx, timeout)
+	defer cancel()
+	err := conn.Ping(ctx)
+	if err != nil {
+		return xerrors.Errorf("failed to ping: %w", err)
+	}
+
+	return nil
+}
@@ -30,7 +30,8 @@ var (
 
 // Template-related events.
 var (
-	TemplateTemplateDeleted = uuid.MustParse("29a09665-2a4c-403f-9648-54301670e7be")
+	TemplateTemplateDeleted    = uuid.MustParse("29a09665-2a4c-403f-9648-54301670e7be")
+	TemplateTemplateDeprecated = uuid.MustParse("f40fae84-55a2-42cd-99fa-b41c1ca64894")
 
 	TemplateWorkspaceBuildsFailedReport = uuid.MustParse("34a20db2-e9cc-4a93-b0e4-8569699d7a00")
 )
@@ -7,19 +7,15 @@ import (
 	"text/template"
 
 	"golang.org/x/xerrors"
-
-	"cdr.dev/slog"
 )
 
 func (n *notifier) fetchHelpers(ctx context.Context) (map[string]any, error) {
 	appName, err := n.fetchAppName(ctx)
 	if err != nil {
-		n.log.Error(ctx, "failed to fetch app name", slog.Error(err))
 		return nil, xerrors.Errorf("fetch app name: %w", err)
 	}
 	logoURL, err := n.fetchLogoURL(ctx)
 	if err != nil {
-		n.log.Error(ctx, "failed to fetch logo URL", slog.Error(err))
 		return nil, xerrors.Errorf("fetch logo URL: %w", err)
 	}
 
 
@@ -1021,6 +1021,20 @@ func TestNotificationTemplates_Golden(t *testing.T) {
 			appName: "Custom Application Name",
 			logoURL: "https://custom.application/logo.png",
 		},
+		{
+			name: "TemplateTemplateDeprecated",
+			id:   notifications.TemplateTemplateDeprecated,
+			payload: types.MessagePayload{
+				UserName:     "Bobby",
+				UserEmail:    "bobby@coder.com",
+				UserUsername: "bobby",
+				Labels: map[string]string{
+					"template":     "alpha",
+					"message":      "This template has been replaced by beta",
+					"organization": "coder",
+				},
+			},
+		},
 	}
 
 	// We must have a test case for every notification_template. This is enforced below:
 
@@ -3,6 +3,7 @@ package notifications
 import (
 	"context"
 	"encoding/json"
+	"fmt"
 	"sync"
 	"text/template"
 
@@ -27,7 +28,22 @@ const (
 	notificationsDefaultAppName = "Coder"
 )
 
-var errDecorateHelpersFailed = xerrors.New("failed to decorate helpers")
+type decorateHelpersError struct {
+	inner error
+}
+
+func (e decorateHelpersError) Error() string {
+	return fmt.Sprintf("failed to decorate helpers: %s", e.inner.Error())
+}
+
+func (e decorateHelpersError) Unwrap() error {
+	return e.inner
+}
+
+func (decorateHelpersError) Is(other error) bool {
+	_, ok := other.(decorateHelpersError)
+	return ok
+}
 
 // notifier is a consumer of the notifications_messages queue. It dequeues messages from that table and processes them
 // through a pipeline of fetch -> prepare -> render -> acquire handler -> deliver.
@@ -164,8 +180,12 @@ func (n *notifier) process(ctx context.Context, success chan<- dispatchResult, f
 		// A message failing to be prepared correctly should not affect other messages.
 		deliverFn, err := n.prepare(ctx, msg)
 		if err != nil {
-			n.log.Warn(ctx, "dispatcher construction failed", slog.F("msg_id", msg.ID), slog.Error(err))
-			failure <- n.newFailedDispatch(msg, err, xerrors.Is(err, errDecorateHelpersFailed))
+			if database.IsQueryCanceledError(err) {
+				n.log.Debug(ctx, "dispatcher construction canceled", slog.F("msg_id", msg.ID), slog.Error(err))
+			} else {
+				n.log.Error(ctx, "dispatcher construction failed", slog.F("msg_id", msg.ID), slog.Error(err))
+			}
+			failure <- n.newFailedDispatch(msg, err, xerrors.Is(err, decorateHelpersError{}))
 			n.metrics.PendingUpdates.Set(float64(len(success) + len(failure)))
 			continue
 		}
@@ -226,7 +246,7 @@ func (n *notifier) prepare(ctx context.Context, msg database.AcquireNotification
 
 	helpers, err := n.fetchHelpers(ctx)
 	if err != nil {
-		return nil, errDecorateHelpersFailed
+		return nil, decorateHelpersError{err}
 	}
 
 	var title, body string
 
@@ -0,0 +1,98 @@
+From: system@coder.com
+To: bobby@coder.com
+Subject: Template 'alpha' has been deprecated
+Message-Id: 02ee4935-73be-4fa1-a290-ff9999026b13@blush-whale-48
+Date: Fri, 11 Oct 2024 09:03:06 +0000
+Content-Type: multipart/alternative;  boundary=bbe61b741255b6098bb6b3c1f41b885773df633cb18d2a3002b68e4bc9c4
+MIME-Version: 1.0
+
+--bbe61b741255b6098bb6b3c1f41b885773df633cb18d2a3002b68e4bc9c4
+Content-Transfer-Encoding: quoted-printable
+Content-Type: text/plain; charset=UTF-8
+
+Hello Bobby,
+
+The template alpha has been deprecated with the following message:
+
+This template has been replaced by beta
+
+New workspaces may not be created from this template. Existing workspaces w=
+ill continue to function normally.
+
+
+See affected workspaces: http://test.com/workspaces?filter=3Downer%3Ame+tem=
+plate%3Aalpha
+
+View template: http://test.com/templates/coder/alpha
+
+--bbe61b741255b6098bb6b3c1f41b885773df633cb18d2a3002b68e4bc9c4
+Content-Transfer-Encoding: quoted-printable
+Content-Type: text/html; charset=UTF-8
+
+<!doctype html>
+<html lang=3D"en">
+  <head>
+    <meta charset=3D"UTF-8" />
+    <meta name=3D"viewport" content=3D"width=3Ddevice-width, initial-scale=
+=3D1.0" />
+    <title>Template 'alpha' has been deprecated</title>
+  </head>
+  <body style=3D"margin: 0; padding: 0; font-family: -apple-system, system-=
+ui, BlinkMacSystemFont, 'Segoe UI', 'Roboto', 'Oxygen', 'Ubuntu', 'Cantarel=
+l', 'Fira Sans', 'Droid Sans', 'Helvetica Neue', sans-serif; color: #020617=
+; background: #f8fafc;">
+    <div style=3D"max-width: 600px; margin: 20px auto; padding: 60px; borde=
+r: 1px solid #e2e8f0; border-radius: 8px; background-color: #fff; text-alig=
+n: left; font-size: 14px; line-height: 1.5;">
+      <div style=3D"text-align: center;">
+        <img src=3D"https://coder.com/coder-logo-horizontal.png" alt=3D"Cod=
+er Logo" style=3D"height: 40px;" />
+      </div>
+      <h1 style=3D"text-align: center; font-size: 24px; font-weight: 400; m=
+argin: 8px 0 32px; line-height: 1.5;">
+        Template 'alpha' has been deprecated
+      </h1>
+      <div style=3D"line-height: 1.5;">
+        <p>Hello Bobby,</p>
+
+<p>The template <strong>alpha</strong> has been deprecated with the followi=
+ng message:</p>
+
+<p><strong>This template has been replaced by beta</strong></p>
+
+<p>New workspaces may not be created from this template. Existing workspace=
+s will continue to function normally.</p>
+      </div>
+      <div style=3D"text-align: center; margin-top: 32px;">
+       =20
+        <a href=3D"http://test.com/workspaces?filter=3Downer%3Ame+template%=
+3Aalpha" style=3D"display: inline-block; padding: 13px 24px; background-col=
+or: #020617; color: #f8fafc; text-decoration: none; border-radius: 8px; mar=
+gin: 0 4px;">
+          See affected workspaces
+        </a>
+       =20
+        <a href=3D"http://test.com/templates/coder/alpha" style=3D"display:=
+ inline-block; padding: 13px 24px; background-color: #020617; color: #f8faf=
+c; text-decoration: none; border-radius: 8px; margin: 0 4px;">
+          View template
+        </a>
+       =20
+      </div>
+      <div style=3D"border-top: 1px solid #e2e8f0; color: #475569; font-siz=
+e: 12px; margin-top: 64px; padding-top: 24px; line-height: 1.6;">
+        <p>&copy;&nbsp;2024&nbsp;Coder. All rights reserved&nbsp;-&nbsp;<a =
+href=3D"http://test.com" style=3D"color: #2563eb; text-decoration: none;">h=
+ttp://test.com</a></p>
+        <p><a href=3D"http://test.com/settings/notifications" style=3D"colo=
+r: #2563eb; text-decoration: none;">Click here to manage your notification =
+settings</a></p>
+        <p><a href=3D"http://test.com/settings/notifications?disabled=3Df40=
+fae84-55a2-42cd-99fa-b41c1ca64894" style=3D"color: #2563eb; text-decoration=
+: none;">Stop receiving emails like this</a></p>
+      </div>
+    </div>
+  </body>
+</html>
+
+--bbe61b741255b6098bb6b3c1f41b885773df633cb18d2a3002b68e4bc9c4--
@@ -0,0 +1,33 @@
+{
+  "_version": "1.1",
+  "msg_id": "00000000-0000-0000-0000-000000000000",
+  "payload": {
+    "_version": "1.1",
+    "notification_name": "Template Deprecated",
+    "notification_template_id": "00000000-0000-0000-0000-000000000000",
+    "user_id": "00000000-0000-0000-0000-000000000000",
+    "user_email": "bobby@coder.com",
+    "user_name": "Bobby",
+    "user_username": "bobby",
+    "actions": [
+      {
+        "label": "See affected workspaces",
+        "url": "http://test.com/workspaces?filter=owner%3Ame+template%3Aalpha"
+      },
+      {
+        "label": "View template",
+        "url": "http://test.com/templates/coder/alpha"
+      }
+    ],
+    "labels": {
+      "message": "This template has been replaced by beta",
+      "organization": "coder",
+      "template": "alpha"
+    },
+    "data": null
+  },
+  "title": "Template 'alpha' has been deprecated",
+  "title_markdown": "Template 'alpha' has been deprecated",
+  "body": "Hello Bobby,\n\nThe template alpha has been deprecated with the following message:\n\nThis template has been replaced by beta\n\nNew workspaces may not be created from this template. Existing workspaces will continue to function normally.",
+  "body_markdown": "Hello Bobby,\n\nThe template **alpha** has been deprecated with the following message:\n\n**This template has been replaced by beta**\n\nNew workspaces may not be created from this template. Existing workspaces will continue to function normally."
+}
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+DELETE FROM notification_templates WHERE id = 'f40fae84-55a2-42cd-99fa-b41c1ca64894';`
Original file line number	Diff line number	Diff line change
`@@ -30,7 +30,8 @@ var (`
`30`	`30`
`31`	`31`	`// Template-related events.`
`32`	`32`	`var (`
`33`		`- TemplateTemplateDeleted = uuid.MustParse("29a09665-2a4c-403f-9648-54301670e7be")`
	`33`	`+ TemplateTemplateDeleted = uuid.MustParse("29a09665-2a4c-403f-9648-54301670e7be")`
	`34`	`+ TemplateTemplateDeprecated = uuid.MustParse("f40fae84-55a2-42cd-99fa-b41c1ca64894")`
`34`	`35`
`35`	`36`	`TemplateWorkspaceBuildsFailedReport = uuid.MustParse("34a20db2-e9cc-4a93-b0e4-8569699d7a00")`
`36`	`37`	`)`
Original file line number	Diff line number	Diff line change
`@@ -7,19 +7,15 @@ import (`
`7`	`7`	`"text/template"`
`8`	`8`
`9`	`9`	`"golang.org/x/xerrors"`
`10`		`-`
`11`		`- "cdr.dev/slog"`
`12`	`10`	`)`
`13`	`11`
`14`	`12`	`func (n *notifier) fetchHelpers(ctx context.Context) (map[string]any, error) {`
`15`	`13`	`appName, err := n.fetchAppName(ctx)`
`16`	`14`	`if err != nil {`
`17`		`- n.log.Error(ctx, "failed to fetch app name", slog.Error(err))`
`18`	`15`	`return nil, xerrors.Errorf("fetch app name: %w", err)`
`19`	`16`	`}`
`20`	`17`	`logoURL, err := n.fetchLogoURL(ctx)`
`21`	`18`	`if err != nil {`
`22`		`- n.log.Error(ctx, "failed to fetch logo URL", slog.Error(err))`
`23`	`19`	`return nil, xerrors.Errorf("fetch logo URL: %w", err)`
`24`	`20`	`}`
`25`	`21`