Skip to content

Commit 5952b8e

Browse files
f0sself0ssel
committed
chore: add provisioner key crud apis
1 parent e4aef27 commit 5952b8e

22 files changed

+431
-0
lines changed

coderd/apidoc/docs.go

Lines changed: 2 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/apidoc/swagger.json

Lines changed: 2 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/database/dbauthz/dbauthz.go

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1074,6 +1074,13 @@ func (q *querier) DeleteOrganizationMember(ctx context.Context, arg database.Del
10741074
}, q.db.DeleteOrganizationMember)(ctx, arg)
10751075
}
10761076

1077+
func (q *querier) DeleteProvisionerKey(ctx context.Context, id uuid.UUID) error {
1078+
if err := q.authorizeContext(ctx, policy.ActionDelete, rbac.ResourceProvisionerKeys); err != nil {
1079+
return err
1080+
}
1081+
return q.db.DeleteProvisionerKey(ctx, id)
1082+
}
1083+
10771084
func (q *querier) DeleteReplicasUpdatedBefore(ctx context.Context, updatedAt time.Time) error {
10781085
if err := q.authorizeContext(ctx, policy.ActionDelete, rbac.ResourceSystem); err != nil {
10791086
return err
@@ -1671,6 +1678,13 @@ func (q *querier) GetProvisionerJobsCreatedAfter(ctx context.Context, createdAt
16711678
return q.db.GetProvisionerJobsCreatedAfter(ctx, createdAt)
16721679
}
16731680

1681+
func (q *querier) GetProvisionerKeyByName(ctx context.Context, name database.GetProvisionerKeyByNameParams) (database.ProvisionerKey, error) {
1682+
if err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceProvisionerKeys); err != nil {
1683+
return database.ProvisionerKey{}, err
1684+
}
1685+
return q.db.GetProvisionerKeyByName(ctx, name)
1686+
}
1687+
16741688
func (q *querier) GetProvisionerLogsAfterID(ctx context.Context, arg database.GetProvisionerLogsAfterIDParams) ([]database.ProvisionerJobLog, error) {
16751689
// Authorized read on job lets the actor also read the logs.
16761690
_, err := q.GetProvisionerJobByID(ctx, arg.JobID)
@@ -2615,6 +2629,13 @@ func (q *querier) InsertProvisionerJobLogs(ctx context.Context, arg database.Ins
26152629
return q.db.InsertProvisionerJobLogs(ctx, arg)
26162630
}
26172631

2632+
func (q *querier) InsertProvisionerKey(ctx context.Context, arg database.InsertProvisionerKeyParams) (database.ProvisionerKey, error) {
2633+
if err := q.authorizeContext(ctx, policy.ActionCreate, rbac.ResourceProvisionerKeys); err != nil {
2634+
return database.ProvisionerKey{}, err
2635+
}
2636+
return q.db.InsertProvisionerKey(ctx, arg)
2637+
}
2638+
26182639
func (q *querier) InsertReplica(ctx context.Context, arg database.InsertReplicaParams) (database.Replica, error) {
26192640
if err := q.authorizeContext(ctx, policy.ActionCreate, rbac.ResourceSystem); err != nil {
26202641
return database.Replica{}, err
@@ -2843,6 +2864,13 @@ func (q *querier) InsertWorkspaceResourceMetadata(ctx context.Context, arg datab
28432864
return q.db.InsertWorkspaceResourceMetadata(ctx, arg)
28442865
}
28452866

2867+
func (q *querier) ListProvisionerKeysByOrganization(ctx context.Context, organizationID uuid.UUID) ([]database.ListProvisionerKeysByOrganizationRow, error) {
2868+
if err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceProvisionerKeys); err != nil {
2869+
return nil, err
2870+
}
2871+
return q.db.ListProvisionerKeysByOrganization(ctx, organizationID)
2872+
}
2873+
28462874
func (q *querier) ListWorkspaceAgentPortShares(ctx context.Context, workspaceID uuid.UUID) ([]database.WorkspaceAgentPortShare, error) {
28472875
workspace, err := q.db.GetWorkspaceByID(ctx, workspaceID)
28482876
if err != nil {

coderd/database/dbmem/dbmem.go

Lines changed: 74 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -168,6 +168,7 @@ type data struct {
168168
provisionerDaemons []database.ProvisionerDaemon
169169
provisionerJobLogs []database.ProvisionerJobLog
170170
provisionerJobs []database.ProvisionerJob
171+
provisionerKeys []database.ProvisionerKey
171172
replicas []database.Replica
172173
templateVersions []database.TemplateVersionTable
173174
templateVersionParameters []database.TemplateVersionParameter
@@ -1734,6 +1735,20 @@ func (q *FakeQuerier) DeleteOrganizationMember(_ context.Context, arg database.D
17341735
return nil
17351736
}
17361737

1738+
func (q *FakeQuerier) DeleteProvisionerKey(_ context.Context, id uuid.UUID) error {
1739+
q.mutex.Lock()
1740+
defer q.mutex.Unlock()
1741+
1742+
for i, key := range q.provisionerKeys {
1743+
if key.ID == id {
1744+
q.provisionerKeys = append(q.provisionerKeys[:i], q.provisionerKeys[i+1:]...)
1745+
return nil
1746+
}
1747+
}
1748+
1749+
return sql.ErrNoRows
1750+
}
1751+
17371752
func (q *FakeQuerier) DeleteReplicasUpdatedBefore(_ context.Context, before time.Time) error {
17381753
q.mutex.Lock()
17391754
defer q.mutex.Unlock()
@@ -3195,6 +3210,19 @@ func (q *FakeQuerier) GetProvisionerJobsCreatedAfter(_ context.Context, after ti
31953210
return jobs, nil
31963211
}
31973212

3213+
func (q *FakeQuerier) GetProvisionerKeyByName(ctx context.Context, arg database.GetProvisionerKeyByNameParams) (database.ProvisionerKey, error) {
3214+
q.mutex.RLock()
3215+
defer q.mutex.RUnlock()
3216+
3217+
for _, key := range q.provisionerKeys {
3218+
if key.Name == arg.Name && key.OrganizationID == arg.OrganizationID {
3219+
return key, nil
3220+
}
3221+
}
3222+
3223+
return database.ProvisionerKey{}, sql.ErrNoRows
3224+
}
3225+
31983226
func (q *FakeQuerier) GetProvisionerLogsAfterID(_ context.Context, arg database.GetProvisionerLogsAfterIDParams) ([]database.ProvisionerJobLog, error) {
31993227
if err := validateDatabaseType(arg); err != nil {
32003228
return nil, err
@@ -6493,6 +6521,33 @@ func (q *FakeQuerier) InsertProvisionerJobLogs(_ context.Context, arg database.I
64936521
return logs, nil
64946522
}
64956523

6524+
func (q *FakeQuerier) InsertProvisionerKey(_ context.Context, arg database.InsertProvisionerKeyParams) (database.ProvisionerKey, error) {
6525+
err := validateDatabaseType(arg)
6526+
if err != nil {
6527+
return database.ProvisionerKey{}, err
6528+
}
6529+
6530+
q.mutex.Lock()
6531+
defer q.mutex.Unlock()
6532+
6533+
for _, key := range q.provisionerKeys {
6534+
if key.ID == arg.ID || (key.OrganizationID == arg.OrganizationID && key.Name == arg.Name) {
6535+
return database.ProvisionerKey{}, errUniqueConstraint
6536+
}
6537+
}
6538+
6539+
provisionerKey := database.ProvisionerKey{
6540+
ID: arg.ID,
6541+
CreatedAt: arg.CreatedAt,
6542+
OrganizationID: arg.OrganizationID,
6543+
Name: arg.Name,
6544+
HashedSecret: []byte(arg.Name),
6545+
}
6546+
q.provisionerKeys = append(q.provisionerKeys, provisionerKey)
6547+
6548+
return provisionerKey, nil
6549+
}
6550+
64966551
func (q *FakeQuerier) InsertReplica(_ context.Context, arg database.InsertReplicaParams) (database.Replica, error) {
64976552
if err := validateDatabaseType(arg); err != nil {
64986553
return database.Replica{}, err
@@ -7170,6 +7225,25 @@ func (q *FakeQuerier) InsertWorkspaceResourceMetadata(_ context.Context, arg dat
71707225
return metadata, nil
71717226
}
71727227

7228+
func (q *FakeQuerier) ListProvisionerKeysByOrganization(ctx context.Context, organizationID uuid.UUID) ([]database.ListProvisionerKeysByOrganizationRow, error) {
7229+
q.mutex.RLock()
7230+
defer q.mutex.RUnlock()
7231+
7232+
keys := make([]database.ListProvisionerKeysByOrganizationRow, 0)
7233+
for _, key := range q.provisionerKeys {
7234+
if key.OrganizationID == organizationID {
7235+
keys = append(keys, database.ListProvisionerKeysByOrganizationRow{
7236+
ID: key.ID,
7237+
CreatedAt: key.CreatedAt,
7238+
OrganizationID: key.OrganizationID,
7239+
Name: key.Name,
7240+
})
7241+
}
7242+
}
7243+
7244+
return keys, nil
7245+
}
7246+
71737247
func (q *FakeQuerier) ListWorkspaceAgentPortShares(_ context.Context, workspaceID uuid.UUID) ([]database.WorkspaceAgentPortShare, error) {
71747248
q.mutex.Lock()
71757249
defer q.mutex.Unlock()

coderd/database/dbmetrics/dbmetrics.go

Lines changed: 28 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/database/dbmock/dbmock.go

Lines changed: 59 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/database/dump.sql

Lines changed: 17 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/database/foreign_key_constraint.go

Lines changed: 1 addition & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/database/migrations/000223_provisioner_keys.down.sql

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
DROP TABLE provisioner_keys;

coderd/database/migrations/000223_provisioner_keys.up.sql

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,8 @@
1+
CREATE TABLE provisioner_keys (
2+
id uuid PRIMARY KEY,
3+
created_at timestamptz NOT NULL,
4+
organization_id uuid NOT NULL REFERENCES organizations (id) ON DELETE CASCADE,
5+
name varchar(64) NOT NULL,
6+
hashed_secret bytea NOT NULL,
7+
UNIQUE (organization_id, name)
8+
);

0 commit comments

Comments
 (0)