coder
diff --git a/‎.github/workflows/dogfood.yaml
Lines changed: 25 additions & 1 deletion b/‎.github/workflows/dogfood.yaml
Lines changed: 25 additions & 1 deletion
diff --git a/‎.github/workflows/typos.toml
Lines changed: 2 additions & 0 deletions b/‎.github/workflows/typos.toml
Lines changed: 2 additions & 0 deletions
diff --git a/‎.vscode/settings.json
Lines changed: 4 additions & 0 deletions b/‎.vscode/settings.json
Lines changed: 4 additions & 0 deletions
diff --git a/‎agent/agent.go
Lines changed: 1 addition & 0 deletions b/‎agent/agent.go
Lines changed: 1 addition & 0 deletions
diff --git a/‎agent/agent_test.go
Lines changed: 2 additions & 4 deletions b/‎agent/agent_test.go
Lines changed: 2 additions & 4 deletions
diff --git a/‎cli/agent_test.go
Lines changed: 6 additions & 8 deletions b/‎cli/agent_test.go
Lines changed: 6 additions & 8 deletions
diff --git a/‎cli/config/file.go
Lines changed: 5 additions & 0 deletions b/‎cli/config/file.go
Lines changed: 5 additions & 0 deletions
diff --git a/‎cli/configssh_test.go
Lines changed: 1 addition & 2 deletions b/‎cli/configssh_test.go
Lines changed: 1 addition & 2 deletions
diff --git a/‎cli/deployment/flags.go
Lines changed: 8 additions & 1 deletion b/‎cli/deployment/flags.go
Lines changed: 8 additions & 1 deletion
diff --git a/‎cli/login.go
Lines changed: 3 additions & 3 deletions b/‎cli/login.go
Lines changed: 3 additions & 3 deletions
diff --git a/‎cli/login_test.go
Lines changed: 1 addition & 1 deletion b/‎cli/login_test.go
Lines changed: 1 addition & 1 deletion
diff --git a/‎cli/portforward.go
Lines changed: 2 additions & 3 deletions b/‎cli/portforward.go
Lines changed: 2 additions & 3 deletions
diff --git a/‎cli/root.go
Lines changed: 4 additions & 2 deletions b/‎cli/root.go
Lines changed: 4 additions & 2 deletions
diff --git a/‎cli/server.go
Lines changed: 27 additions & 10 deletions b/‎cli/server.go
Lines changed: 27 additions & 10 deletions
@@ -12,7 +12,7 @@ on:
   workflow_dispatch:
 
 jobs:
-  deploy:
+  deploy_image:
     runs-on: ubuntu-latest
     steps:
       - name: Get branch name
@@ -47,3 +47,27 @@ jobs:
           tags: "codercom/oss-dogfood:${{ steps.docker-tag-name.outputs.tag }},codercom/oss-dogfood:latest"
           cache-from: type=registry,ref=codercom/oss-dogfood:latest
           cache-to: type=inline
+  deploy_template:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Get short commit SHA
+        id: vars
+        run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
+      - name: "Install latest Coder"
+        run: |
+          curl -L https://coder.com/install.sh | sh
+        # env:
+        #   VERSION: 0.x
+      - name: "Push template"
+        run: |
+          coder templates push $CODER_TEMPLATE_NAME --directory $CODER_TEMPLATE_DIR --yes --name=$CODER_TEMPLATE_VERSION
+        env:
+          # Consumed by Coder CLI
+          CODER_URL: https://dev.coder.com
+          CODER_SESSION_TOKEN: ${{ secrets.CODER_SESSION_TOKEN }}
+          # Template source & details
+          CODER_TEMPLATE_NAME: ${{ secrets.CODER_TEMPLATE_NAME }}
+          CODER_TEMPLATE_VERSION: ${{ steps.vars.outputs.sha_short }}
+          CODER_TEMPLATE_DIR: ./dogfood
@@ -5,6 +5,8 @@ IST = "IST"
 MacOS = "macOS"
 
 [default.extend-words]
+# do as sudo replacement
+doas = "doas"
 
 [files]
 extend-exclude = [
 
@@ -19,12 +19,14 @@
     "derphttp",
     "derpmap",
     "devel",
+    "dflags",
     "drpc",
     "drpcconn",
     "drpcmux",
     "drpcserver",
     "Dsts",
     "enablements",
+    "eventsourcemock",
     "fatih",
     "Formik",
     "gitsshkey",
@@ -85,8 +87,10 @@
     "ptytest",
     "quickstart",
     "reconfig",
+    "replicasync",
     "retrier",
     "rpty",
+    "SCIM",
     "sdkproto",
     "sdktrace",
     "Signup",
 
@@ -170,6 +170,7 @@ func (a *agent) runTailnet(ctx context.Context, derpMap *tailcfg.DERPMap) {
 	if a.isClosed() {
 		return
 	}
+	a.logger.Debug(ctx, "running tailnet with derpmap", slog.F("derpmap", derpMap))
 	if a.network != nil {
 		a.network.SetDERPMap(derpMap)
 		return
 
@@ -465,7 +465,7 @@ func TestAgent(t *testing.T) {
 
 				conn, _ := setupAgent(t, codersdk.WorkspaceAgentMetadata{}, 0)
 				require.Eventually(t, func() bool {
-					_, err := conn.Ping()
+					_, err := conn.Ping(context.Background())
 					return err == nil
 				}, testutil.WaitMedium, testutil.IntervalFast)
 				conn1, err := conn.DialContext(context.Background(), l.Addr().Network(), l.Addr().String())
@@ -483,9 +483,7 @@ func TestAgent(t *testing.T) {
 
 	t.Run("Speedtest", func(t *testing.T) {
 		t.Parallel()
-		if testing.Short() {
-			t.Skip("The minimum duration for a speedtest is hardcoded in Tailscale to 5s!")
-		}
+		t.Skip("This test is relatively flakey because of Tailscale's speedtest code...")
 		derpMap := tailnettest.RunDERPAndSTUN(t)
 		conn, _ := setupAgent(t, codersdk.WorkspaceAgentMetadata{
 			DERPMap: derpMap,
 
@@ -7,8 +7,6 @@ import (
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 
-	"cdr.dev/slog"
-
 	"github.com/coder/coder/cli/clitest"
 	"github.com/coder/coder/coderd/coderdtest"
 	"github.com/coder/coder/provisioner/echo"
@@ -67,11 +65,11 @@ func TestWorkspaceAgent(t *testing.T) {
 		if assert.NotEmpty(t, workspace.LatestBuild.Resources) && assert.NotEmpty(t, resources[0].Agents) {
 			assert.NotEmpty(t, resources[0].Agents[0].Version)
 		}
-		dialer, err := client.DialWorkspaceAgentTailnet(ctx, slog.Logger{}, resources[0].Agents[0].ID)
+		dialer, err := client.DialWorkspaceAgent(ctx, resources[0].Agents[0].ID, nil)
 		require.NoError(t, err)
 		defer dialer.Close()
 		require.Eventually(t, func() bool {
-			_, err := dialer.Ping()
+			_, err := dialer.Ping(ctx)
 			return err == nil
 		}, testutil.WaitMedium, testutil.IntervalFast)
 		cancelFunc()
@@ -128,11 +126,11 @@ func TestWorkspaceAgent(t *testing.T) {
 		if assert.NotEmpty(t, resources) && assert.NotEmpty(t, resources[0].Agents) {
 			assert.NotEmpty(t, resources[0].Agents[0].Version)
 		}
-		dialer, err := client.DialWorkspaceAgentTailnet(ctx, slog.Logger{}, resources[0].Agents[0].ID)
+		dialer, err := client.DialWorkspaceAgent(ctx, resources[0].Agents[0].ID, nil)
 		require.NoError(t, err)
 		defer dialer.Close()
 		require.Eventually(t, func() bool {
-			_, err := dialer.Ping()
+			_, err := dialer.Ping(ctx)
 			return err == nil
 		}, testutil.WaitMedium, testutil.IntervalFast)
 		cancelFunc()
@@ -189,11 +187,11 @@ func TestWorkspaceAgent(t *testing.T) {
 		if assert.NotEmpty(t, resources) && assert.NotEmpty(t, resources[0].Agents) {
 			assert.NotEmpty(t, resources[0].Agents[0].Version)
 		}
-		dialer, err := client.DialWorkspaceAgentTailnet(ctx, slog.Logger{}, resources[0].Agents[0].ID)
+		dialer, err := client.DialWorkspaceAgent(ctx, resources[0].Agents[0].ID, nil)
 		require.NoError(t, err)
 		defer dialer.Close()
 		require.Eventually(t, func() bool {
-			_, err := dialer.Ping()
+			_, err := dialer.Ping(ctx)
 			return err == nil
 		}, testutil.WaitMedium, testutil.IntervalFast)
 		cancelFunc()
 
@@ -13,6 +13,11 @@ func (r Root) Session() File {
 	return File(filepath.Join(string(r), "session"))
 }
 
+// ReplicaID is a unique identifier for the Coder server.
+func (r Root) ReplicaID() File {
+	return File(filepath.Join(string(r), "replica_id"))
+}
+
 func (r Root) URL() File {
 	return File(filepath.Join(string(r), "url"))
 }
 
@@ -19,7 +19,6 @@ import (
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 
-	"cdr.dev/slog"
 	"cdr.dev/slog/sloggers/slogtest"
 
 	"github.com/coder/coder/agent"
@@ -115,7 +114,7 @@ func TestConfigSSH(t *testing.T) {
 		_ = agentCloser.Close()
 	}()
 	resources := coderdtest.AwaitWorkspaceAgents(t, client, workspace.ID)
-	agentConn, err := client.DialWorkspaceAgentTailnet(context.Background(), slog.Logger{}, resources[0].Agents[0].ID)
+	agentConn, err := client.DialWorkspaceAgent(context.Background(), resources[0].Agents[0].ID, nil)
 	require.NoError(t, err)
 	defer agentConn.Close()
 
 
@@ -32,7 +32,7 @@ func Flags() *codersdk.DeploymentFlags {
 			Name:        "Wildcard Address URL",
 			Flag:        "wildcard-access-url",
 			EnvVar:      "CODER_WILDCARD_ACCESS_URL",
-			Description: `Specifies the wildcard hostname to use for workspace applications in the form "*.example.com".`,
+			Description: `Specifies the wildcard hostname to use for workspace applications in the form "*.example.com" or "*-suffix.example.com". Ports or schemes should not be included. The scheme will be copied from the access URL.`,
 		},
 		Address: &codersdk.StringFlag{
 			Name:        "Bind Address",
@@ -85,6 +85,13 @@ func Flags() *codersdk.DeploymentFlags {
 			Description: "Addresses for STUN servers to establish P2P connections. Set empty to disable P2P connections.",
 			Default:     []string{"stun.l.google.com:19302"},
 		},
+		DerpServerRelayAddress: &codersdk.StringFlag{
+			Name:        "DERP Server Relay Address",
+			Flag:        "derp-server-relay-address",
+			EnvVar:      "CODER_DERP_SERVER_RELAY_ADDRESS",
+			Description: "An HTTP address that is accessible by other replicas to relay DERP traffic. Required for high availability.",
+			Enterprise:  true,
+		},
 		DerpConfigURL: &codersdk.StringFlag{
 			Name:        "DERP Config URL",
 			Flag:        "derp-config-url",
 
@@ -248,9 +248,9 @@ func login() *cobra.Command {
 			return nil
 		},
 	}
-	cliflag.StringVarP(cmd.Flags(), &email, "email", "e", "CODER_EMAIL", "", "Specifies an email address to authenticate with.")
-	cliflag.StringVarP(cmd.Flags(), &username, "username", "u", "CODER_USERNAME", "", "Specifies a username to authenticate with.")
-	cliflag.StringVarP(cmd.Flags(), &password, "password", "p", "CODER_PASSWORD", "", "Specifies a password to authenticate with.")
+	cliflag.StringVarP(cmd.Flags(), &email, "first-user-email", "", "CODER_FIRST_USER_EMAIL", "", "Specifies an email address to use if creating the first user for the deployment.")
+	cliflag.StringVarP(cmd.Flags(), &username, "first-user-username", "", "CODER_FIRST_USER_USERNAME", "", "Specifies a username to use if creating the first user for the deployment.")
+	cliflag.StringVarP(cmd.Flags(), &password, "first-user-password", "", "CODER_FIRST_USER_PASSWORD", "", "Specifies a password to use if creating the first user for the deployment.")
 	return cmd
 }
 
 
@@ -74,7 +74,7 @@ func TestLogin(t *testing.T) {
 		// accurately detect Windows ptys when they are not attached to a process:
 		// https://github.com/mattn/go-isatty/issues/59
 		doneChan := make(chan struct{})
-		root, _ := clitest.New(t, "login", client.URL.String(), "--username", "testuser", "--email", "user@coder.com", "--password", "password")
+		root, _ := clitest.New(t, "login", client.URL.String(), "--first-user-username", "testuser", "--first-user-email", "user@coder.com", "--first-user-password", "password")
 		pty := ptytest.New(t)
 		root.SetIn(pty.Input())
 		root.SetOut(pty.Output())
 
@@ -16,7 +16,6 @@ import (
 	"github.com/spf13/cobra"
 	"golang.org/x/xerrors"
 
-	"cdr.dev/slog"
 	"github.com/coder/coder/agent"
 	"github.com/coder/coder/cli/cliflag"
 	"github.com/coder/coder/cli/cliui"
@@ -96,7 +95,7 @@ func portForward() *cobra.Command {
 				return xerrors.Errorf("await agent: %w", err)
 			}
 
-			conn, err := client.DialWorkspaceAgentTailnet(ctx, slog.Logger{}, workspaceAgent.ID)
+			conn, err := client.DialWorkspaceAgent(ctx, workspaceAgent.ID, nil)
 			if err != nil {
 				return err
 			}
@@ -156,7 +155,7 @@ func portForward() *cobra.Command {
 				case <-ticker.C:
 				}
 
-				_, err = conn.Ping()
+				_, err = conn.Ping(ctx)
 				if err != nil {
 					continue
 				}
 
@@ -4,6 +4,7 @@ import (
 	"context"
 	"flag"
 	"fmt"
+	"io"
 	"net/http"
 	"net/url"
 	"os"
@@ -100,8 +101,9 @@ func Core() []*cobra.Command {
 }
 
 func AGPL() []*cobra.Command {
-	all := append(Core(), Server(deployment.Flags(), func(_ context.Context, o *coderd.Options) (*coderd.API, error) {
-		return coderd.New(o), nil
+	all := append(Core(), Server(deployment.Flags(), func(_ context.Context, o *coderd.Options) (*coderd.API, io.Closer, error) {
+		api := coderd.New(o)
+		return api, api, nil
 	}))
 	return all
 }
 
@@ -17,6 +17,7 @@ import (
 	"os/signal"
 	"os/user"
 	"path/filepath"
+	"regexp"
 	"strconv"
 	"strings"
 	"sync"
@@ -53,6 +54,7 @@ import (
 	"github.com/coder/coder/coderd/database/migrations"
 	"github.com/coder/coder/coderd/devtunnel"
 	"github.com/coder/coder/coderd/gitsshkey"
+	"github.com/coder/coder/coderd/httpapi"
 	"github.com/coder/coder/coderd/prometheusmetrics"
 	"github.com/coder/coder/coderd/telemetry"
 	"github.com/coder/coder/coderd/tracing"
@@ -67,7 +69,7 @@ import (
 )
 
 // nolint:gocyclo
-func Server(dflags *codersdk.DeploymentFlags, newAPI func(context.Context, *coderd.Options) (*coderd.API, error)) *cobra.Command {
+func Server(dflags *codersdk.DeploymentFlags, newAPI func(context.Context, *coderd.Options) (*coderd.API, io.Closer, error)) *cobra.Command {
 	root := &cobra.Command{
 		Use:   "server",
 		Short: "Start a Coder server",
@@ -165,9 +167,10 @@ func Server(dflags *codersdk.DeploymentFlags, newAPI func(context.Context, *code
 			}
 			defer listener.Close()
 
+			var tlsConfig *tls.Config
 			if dflags.TLSEnable.Value {
-				listener, err = configureServerTLS(
-					listener, dflags.TLSMinVersion.Value,
+				tlsConfig, err = configureTLS(
+					dflags.TLSMinVersion.Value,
 					dflags.TLSClientAuth.Value,
 					dflags.TLSCertFiles.Value,
 					dflags.TLSKeyFiles.Value,
@@ -176,6 +179,7 @@ func Server(dflags *codersdk.DeploymentFlags, newAPI func(context.Context, *code
 				if err != nil {
 					return xerrors.Errorf("configure tls: %w", err)
 				}
+				listener = tls.NewListener(listener, tlsConfig)
 			}
 
 			tcpAddr, valid := listener.Addr().(*net.TCPAddr)
@@ -297,13 +301,19 @@ func Server(dflags *codersdk.DeploymentFlags, newAPI func(context.Context, *code
 				return xerrors.Errorf("create derp map: %w", err)
 			}
 
-			appHostname := strings.TrimPrefix(dflags.WildcardAccessURL.Value, "http://")
-			appHostname = strings.TrimPrefix(appHostname, "https://")
-			appHostname = strings.TrimPrefix(appHostname, "*.")
+			appHostname := strings.TrimSpace(dflags.WildcardAccessURL.Value)
+			var appHostnameRegex *regexp.Regexp
+			if appHostname != "" {
+				appHostnameRegex, err = httpapi.CompileHostnamePattern(appHostname)
+				if err != nil {
+					return xerrors.Errorf("parse wildcard access URL %q: %w", appHostname, err)
+				}
+			}
 
 			options := &coderd.Options{
 				AccessURL:                   accessURLParsed,
 				AppHostname:                 appHostname,
+				AppHostnameRegex:            appHostnameRegex,
 				Logger:                      logger.Named("coderd"),
 				Database:                    databasefake.New(),
 				DERPMap:                     derpMap,
@@ -320,6 +330,9 @@ func Server(dflags *codersdk.DeploymentFlags, newAPI func(context.Context, *code
 				Experimental:                ExperimentalEnabled(cmd),
 				DeploymentFlags:             dflags,
 			}
+			if tlsConfig != nil {
+				options.TLSCertificates = tlsConfig.Certificates
+			}
 
 			if dflags.OAuth2GithubClientSecret.Value != "" {
 				options.GithubOAuth2Config, err = configureGithubOAuth2(accessURLParsed,
@@ -463,11 +476,14 @@ func Server(dflags *codersdk.DeploymentFlags, newAPI func(context.Context, *code
 				), dflags.PromAddress.Value, "prometheus")()
 			}
 
-			coderAPI, err := newAPI(ctx, options)
+			// We use a separate closer so the Enterprise API
+			// can have it's own close functions. This is cleaner
+			// than abstracting the Coder API itself.
+			coderAPI, closer, err := newAPI(ctx, options)
 			if err != nil {
 				return err
 			}
-			defer coderAPI.Close()
+			defer closer.Close()
 
 			client := codersdk.New(localURL)
 			if dflags.TLSEnable.Value {
@@ -885,7 +901,7 @@ func loadCertificates(tlsCertFiles, tlsKeyFiles []string) ([]tls.Certificate, er
 	return certs, nil
 }
 
-func configureServerTLS(listener net.Listener, tlsMinVersion, tlsClientAuth string, tlsCertFiles, tlsKeyFiles []string, tlsClientCAFile string) (net.Listener, error) {
+func configureTLS(tlsMinVersion, tlsClientAuth string, tlsCertFiles, tlsKeyFiles []string, tlsClientCAFile string) (*tls.Config, error) {
 	tlsConfig := &tls.Config{
 		MinVersion: tls.VersionTLS12,
 	}
@@ -921,6 +937,7 @@ func configureServerTLS(listener net.Listener, tlsMinVersion, tlsClientAuth stri
 	if err != nil {
 		return nil, xerrors.Errorf("load certificates: %w", err)
 	}
+	tlsConfig.Certificates = certs
 	tlsConfig.GetCertificate = func(hi *tls.ClientHelloInfo) (*tls.Certificate, error) {
 		// If there's only one certificate, return it.
 		if len(certs) == 1 {
@@ -955,7 +972,7 @@ func configureServerTLS(listener net.Listener, tlsMinVersion, tlsClientAuth stri
 		tlsConfig.ClientCAs = caPool
 	}
 
-	return tls.NewListener(listener, tlsConfig), nil
+	return tlsConfig, nil
 }
 
 func configureGithubOAuth2(accessURL *url.URL, clientID, clientSecret string, allowSignups bool, allowOrgs []string, rawTeams []string, enterpriseBaseURL string) (*coderd.GithubOAuth2Config, error) {
Original file line number	Diff line number	Diff line change
`@@ -170,6 +170,7 @@ func (a agent) runTailnet(ctx context.Context, derpMap tailcfg.DERPMap) {`
`170`	`170`	`if a.isClosed() {`
`171`	`171`	`return`
`172`	`172`	`}`
	`173`	`+ a.logger.Debug(ctx, "running tailnet with derpmap", slog.F("derpmap", derpMap))`
`173`	`174`	`if a.network != nil {`
`174`	`175`	`a.network.SetDERPMap(derpMap)`
`175`	`176`	`return`
Original file line number	Diff line number	Diff line change
`@@ -13,6 +13,11 @@ func (r Root) Session() File {`
`13`	`13`	`return File(filepath.Join(string(r), "session"))`
`14`	`14`	`}`
`15`	`15`
	`16`	`+// ReplicaID is a unique identifier for the Coder server.`
	`17`	`+func (r Root) ReplicaID() File {`
	`18`	`+ return File(filepath.Join(string(r), "replica_id"))`
	`19`	`+}`
	`20`	`+`
`16`	`21`	`func (r Root) URL() File {`
`17`	`22`	`return File(filepath.Join(string(r), "url"))`
`18`	`23`	`}`
Original file line number	Diff line number	Diff line change
`@@ -248,9 +248,9 @@ func login() *cobra.Command {`
`248`	`248`	`return nil`
`249`	`249`	`},`
`250`	`250`	`}`
`251`		`- cliflag.StringVarP(cmd.Flags(), &email, "email", "e", "CODER_EMAIL", "", "Specifies an email address to authenticate with.")`
`252`		`- cliflag.StringVarP(cmd.Flags(), &username, "username", "u", "CODER_USERNAME", "", "Specifies a username to authenticate with.")`
`253`		`- cliflag.StringVarP(cmd.Flags(), &password, "password", "p", "CODER_PASSWORD", "", "Specifies a password to authenticate with.")`
	`251`	`+ cliflag.StringVarP(cmd.Flags(), &email, "first-user-email", "", "CODER_FIRST_USER_EMAIL", "", "Specifies an email address to use if creating the first user for the deployment.")`
	`252`	`+ cliflag.StringVarP(cmd.Flags(), &username, "first-user-username", "", "CODER_FIRST_USER_USERNAME", "", "Specifies a username to use if creating the first user for the deployment.")`
	`253`	`+ cliflag.StringVarP(cmd.Flags(), &password, "first-user-password", "", "CODER_FIRST_USER_PASSWORD", "", "Specifies a password to use if creating the first user for the deployment.")`
`254`	`254`	`return cmd`
`255`	`255`	`}`
`256`	`256`
Original file line number	Diff line number	Diff line change
`@@ -16,7 +16,6 @@ import (`
`16`	`16`	`"github.com/spf13/cobra"`
`17`	`17`	`"golang.org/x/xerrors"`
`18`	`18`
`19`		`- "cdr.dev/slog"`
`20`	`19`	`"github.com/coder/coder/agent"`
`21`	`20`	`"github.com/coder/coder/cli/cliflag"`
`22`	`21`	`"github.com/coder/coder/cli/cliui"`
`@@ -96,7 +95,7 @@ func portForward() *cobra.Command {`
`96`	`95`	`return xerrors.Errorf("await agent: %w", err)`
`97`	`96`	`}`
`98`	`97`
`99`		`- conn, err := client.DialWorkspaceAgentTailnet(ctx, slog.Logger{}, workspaceAgent.ID)`
	`98`	`+ conn, err := client.DialWorkspaceAgent(ctx, workspaceAgent.ID, nil)`
`100`	`99`	`if err != nil {`
`101`	`100`	`return err`
`102`	`101`	`}`
`@@ -156,7 +155,7 @@ func portForward() *cobra.Command {`
`156`	`155`	`case <-ticker.C:`
`157`	`156`	`}`
`158`	`157`
`159`		`- _, err = conn.Ping()`
	`158`	`+ _, err = conn.Ping(ctx)`
`160`	`159`	`if err != nil {`
`161`	`160`	`continue`
`162`	`161`	`}`