Skip to content

Commit 8abca9b

Browse files
kylecarbskylecarbs
authored
chore: rename git_auth to external_auth in our schema (#9935)
* chore: rename `git_auth` to `external_auth` in our schema We're changing Git auth to be external auth. It will support any OAuth2 or OIDC provider. To split up the larger change I want to contribute the schema changes first, and I'll add the feature itself in another PR. * Fix names * Fix outdated view * Rename some additional places * Fix sort order * Fix template versions auth route * Fix types * Fix dbauthz
1 parent 2b5428e commit 8abca9b

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

67 files changed

+1440
-1362
lines changed

Makefile

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -542,12 +542,11 @@ site/src/api/typesGenerated.ts: scripts/apitypings/main.go $(shell find ./coders
542542
cd site
543543
pnpm run format:types ./src/api/typesGenerated.ts
544544

545-
site/e2e/provisionerGenerated.ts:
545+
site/e2e/provisionerGenerated.ts: provisionerd/proto/provisionerd.pb.go
546546
cd site
547547
../scripts/pnpm_install.sh
548548
pnpm run gen:provisioner
549549

550-
551550
examples/examples.gen.json: scripts/examplegen/main.go examples/examples.go $(shell find ./examples/templates)
552551
go run ./scripts/examplegen/main.go > examples/examples.gen.json
553552

cli/cliui/gitauth.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ import (
1212
)
1313

1414
type GitAuthOptions struct {
15-
Fetch func(context.Context) ([]codersdk.TemplateVersionGitAuth, error)
15+
Fetch func(context.Context) ([]codersdk.TemplateVersionExternalAuth, error)
1616
FetchInterval time.Duration
1717
}
1818

cli/cliui/gitauth_test.go

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -26,11 +26,11 @@ func TestGitAuth(t *testing.T) {
2626
Handler: func(inv *clibase.Invocation) error {
2727
var fetched atomic.Bool
2828
return cliui.GitAuth(inv.Context(), inv.Stdout, cliui.GitAuthOptions{
29-
Fetch: func(ctx context.Context) ([]codersdk.TemplateVersionGitAuth, error) {
29+
Fetch: func(ctx context.Context) ([]codersdk.TemplateVersionExternalAuth, error) {
3030
defer fetched.Store(true)
31-
return []codersdk.TemplateVersionGitAuth{{
31+
return []codersdk.TemplateVersionExternalAuth{{
3232
ID: "github",
33-
Type: codersdk.GitProviderGitHub,
33+
Type: codersdk.ExternalAuthProviderGitHub,
3434
Authenticated: fetched.Load(),
3535
AuthenticateURL: "https://example.com/gitauth/github",
3636
}}, nil

cli/create.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -266,8 +266,8 @@ func prepWorkspaceBuild(inv *clibase.Invocation, client *codersdk.Client, args p
266266
}
267267

268268
err = cliui.GitAuth(ctx, inv.Stdout, cliui.GitAuthOptions{
269-
Fetch: func(ctx context.Context) ([]codersdk.TemplateVersionGitAuth, error) {
270-
return client.TemplateVersionGitAuth(ctx, templateVersion.ID)
269+
Fetch: func(ctx context.Context) ([]codersdk.TemplateVersionExternalAuth, error) {
270+
return client.TemplateVersionExternalAuth(ctx, templateVersion.ID)
271271
},
272272
})
273273
if err != nil {

cli/create_test.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -609,11 +609,11 @@ func TestCreateWithGitAuth(t *testing.T) {
609609
}
610610

611611
client := coderdtest.New(t, &coderdtest.Options{
612-
GitAuthConfigs: []*gitauth.Config{{
612+
ExternalAuthConfigs: []*gitauth.Config{{
613613
OAuth2Config: &testutil.OAuth2Config{},
614614
ID: "github",
615615
Regex: regexp.MustCompile(`github\.com`),
616-
Type: codersdk.GitProviderGitHub,
616+
Type: codersdk.ExternalAuthProviderGitHub,
617617
}},
618618
IncludeProvisionerDaemon: true,
619619
})

cli/server.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -608,7 +608,7 @@ func (r *RootCmd) Server(newAPI func(context.Context, *coderd.Options) (*coderd.
608608
Pubsub: pubsub.NewInMemory(),
609609
CacheDir: cacheDir,
610610
GoogleTokenValidator: googleTokenValidator,
611-
GitAuthConfigs: gitAuthConfigs,
611+
ExternalAuthConfigs: gitAuthConfigs,
612612
RealIPConfig: realIPConfig,
613613
SecureAuthCookie: vals.SecureAuthCookie.Value(),
614614
SSHKeygenAlgorithm: sshKeygenAlgorithm,

cmd/cliui/main.go

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -332,16 +332,16 @@ func main() {
332332
gitlabAuthed.Store(true)
333333
}()
334334
return cliui.GitAuth(inv.Context(), inv.Stdout, cliui.GitAuthOptions{
335-
Fetch: func(ctx context.Context) ([]codersdk.TemplateVersionGitAuth, error) {
335+
Fetch: func(ctx context.Context) ([]codersdk.TemplateVersionExternalAuth, error) {
336336
count.Add(1)
337-
return []codersdk.TemplateVersionGitAuth{{
337+
return []codersdk.TemplateVersionExternalAuth{{
338338
ID: "github",
339-
Type: codersdk.GitProviderGitHub,
339+
Type: codersdk.ExternalAuthProviderGitHub,
340340
Authenticated: githubAuthed.Load(),
341341
AuthenticateURL: "https://example.com/gitauth/github?redirect=" + url.QueryEscape("/gitauth?notify"),
342342
}, {
343343
ID: "gitlab",
344-
Type: codersdk.GitProviderGitLab,
344+
Type: codersdk.ExternalAuthProviderGitLab,
345345
Authenticated: gitlabAuthed.Load(),
346346
AuthenticateURL: "https://example.com/gitauth/gitlab?redirect=" + url.QueryEscape("/gitauth?notify"),
347347
}}, nil

coderd/apidoc/docs.go

Lines changed: 20 additions & 18 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/apidoc/swagger.json

Lines changed: 20 additions & 13 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/coderd.go

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -115,7 +115,7 @@ type Options struct {
115115
SSHKeygenAlgorithm gitsshkey.Algorithm
116116
Telemetry telemetry.Reporter
117117
TracerProvider trace.TracerProvider
118-
GitAuthConfigs []*gitauth.Config
118+
ExternalAuthConfigs []*gitauth.Config
119119
RealIPConfig *httpmw.RealIPConfig
120120
TrialGenerator func(ctx context.Context, email string) error
121121
// TLSCertificates is used to mesh DERP servers securely.
@@ -547,7 +547,7 @@ func New(options *Options) *API {
547547

548548
// Register callback handlers for each OAuth2 provider.
549549
r.Route("/gitauth", func(r chi.Router) {
550-
for _, gitAuthConfig := range options.GitAuthConfigs {
550+
for _, gitAuthConfig := range options.ExternalAuthConfigs {
551551
// We don't need to register a callback handler for device auth.
552552
if gitAuthConfig.DeviceAuth != nil {
553553
continue
@@ -616,7 +616,7 @@ func New(options *Options) *API {
616616
r.Route("/gitauth/{gitauth}", func(r chi.Router) {
617617
r.Use(
618618
apiKeyMiddleware,
619-
httpmw.ExtractGitAuthParam(options.GitAuthConfigs),
619+
httpmw.ExtractGitAuthParam(options.ExternalAuthConfigs),
620620
)
621621
r.Get("/", api.gitAuthByID)
622622
r.Post("/device", api.postGitAuthDeviceByID)
@@ -1117,8 +1117,8 @@ func (api *API) CreateInMemoryProvisionerDaemon(ctx context.Context) (client pro
11171117
api.UserQuietHoursScheduleStore,
11181118
api.DeploymentValues,
11191119
provisionerdserver.Options{
1120-
OIDCConfig: api.OIDCConfig,
1121-
GitAuthConfigs: api.GitAuthConfigs,
1120+
OIDCConfig: api.OIDCConfig,
1121+
ExternalAuthConfigs: api.ExternalAuthConfigs,
11221122
},
11231123
)
11241124
if err != nil {

coderd/coderdtest/coderdtest.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -105,7 +105,7 @@ type Options struct {
105105
AutobuildStats chan<- autobuild.Stats
106106
Auditor audit.Auditor
107107
TLSCertificates []tls.Certificate
108-
GitAuthConfigs []*gitauth.Config
108+
ExternalAuthConfigs []*gitauth.Config
109109
TrialGenerator func(context.Context, string) error
110110
TemplateScheduleStore schedule.TemplateScheduleStore
111111
Coordinator tailnet.Coordinator
@@ -392,7 +392,7 @@ func NewOptions(t testing.TB, options *Options) (func(http.Handler), context.Can
392392
CacheDir: t.TempDir(),
393393
Database: options.Database,
394394
Pubsub: options.Pubsub,
395-
GitAuthConfigs: options.GitAuthConfigs,
395+
ExternalAuthConfigs: options.ExternalAuthConfigs,
396396

397397
Auditor: options.Auditor,
398398
AWSCertificates: options.AWSCertificates,

coderd/database/dbauthz/dbauthz.go

Lines changed: 21 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -913,6 +913,17 @@ func (q *querier) GetDeploymentWorkspaceStats(ctx context.Context) (database.Get
913913
return q.db.GetDeploymentWorkspaceStats(ctx)
914914
}
915915

916+
func (q *querier) GetExternalAuthLink(ctx context.Context, arg database.GetExternalAuthLinkParams) (database.ExternalAuthLink, error) {
917+
return fetch(q.log, q.auth, q.db.GetExternalAuthLink)(ctx, arg)
918+
}
919+
920+
func (q *querier) GetExternalAuthLinksByUserID(ctx context.Context, userID uuid.UUID) ([]database.ExternalAuthLink, error) {
921+
if err := q.authorizeContext(ctx, rbac.ActionRead, rbac.ResourceSystem); err != nil {
922+
return nil, err
923+
}
924+
return q.db.GetExternalAuthLinksByUserID(ctx, userID)
925+
}
926+
916927
func (q *querier) GetFileByHashAndCreator(ctx context.Context, arg database.GetFileByHashAndCreatorParams) (database.File, error) {
917928
file, err := q.db.GetFileByHashAndCreator(ctx, arg)
918929
if err != nil {
@@ -952,17 +963,6 @@ func (q *querier) GetFileTemplates(ctx context.Context, fileID uuid.UUID) ([]dat
952963
return q.db.GetFileTemplates(ctx, fileID)
953964
}
954965

955-
func (q *querier) GetGitAuthLink(ctx context.Context, arg database.GetGitAuthLinkParams) (database.GitAuthLink, error) {
956-
return fetch(q.log, q.auth, q.db.GetGitAuthLink)(ctx, arg)
957-
}
958-
959-
func (q *querier) GetGitAuthLinksByUserID(ctx context.Context, userID uuid.UUID) ([]database.GitAuthLink, error) {
960-
if err := q.authorizeContext(ctx, rbac.ActionRead, rbac.ResourceSystem); err != nil {
961-
return nil, err
962-
}
963-
return q.db.GetGitAuthLinksByUserID(ctx, userID)
964-
}
965-
966966
func (q *querier) GetGitSSHKey(ctx context.Context, userID uuid.UUID) (database.GitSSHKey, error) {
967967
return fetch(q.log, q.auth, q.db.GetGitSSHKey)(ctx, userID)
968968
}
@@ -1955,12 +1955,12 @@ func (q *querier) InsertDeploymentID(ctx context.Context, value string) error {
19551955
return q.db.InsertDeploymentID(ctx, value)
19561956
}
19571957

1958-
func (q *querier) InsertFile(ctx context.Context, arg database.InsertFileParams) (database.File, error) {
1959-
return insert(q.log, q.auth, rbac.ResourceFile.WithOwner(arg.CreatedBy.String()), q.db.InsertFile)(ctx, arg)
1958+
func (q *querier) InsertExternalAuthLink(ctx context.Context, arg database.InsertExternalAuthLinkParams) (database.ExternalAuthLink, error) {
1959+
return insert(q.log, q.auth, rbac.ResourceUserData.WithOwner(arg.UserID.String()).WithID(arg.UserID), q.db.InsertExternalAuthLink)(ctx, arg)
19601960
}
19611961

1962-
func (q *querier) InsertGitAuthLink(ctx context.Context, arg database.InsertGitAuthLinkParams) (database.GitAuthLink, error) {
1963-
return insert(q.log, q.auth, rbac.ResourceUserData.WithOwner(arg.UserID.String()).WithID(arg.UserID), q.db.InsertGitAuthLink)(ctx, arg)
1962+
func (q *querier) InsertFile(ctx context.Context, arg database.InsertFileParams) (database.File, error) {
1963+
return insert(q.log, q.auth, rbac.ResourceFile.WithOwner(arg.CreatedBy.String()), q.db.InsertFile)(ctx, arg)
19641964
}
19651965

19661966
func (q *querier) InsertGitSSHKey(ctx context.Context, arg database.InsertGitSSHKeyParams) (database.GitSSHKey, error) {
@@ -2267,11 +2267,11 @@ func (q *querier) UpdateAPIKeyByID(ctx context.Context, arg database.UpdateAPIKe
22672267
return update(q.log, q.auth, fetch, q.db.UpdateAPIKeyByID)(ctx, arg)
22682268
}
22692269

2270-
func (q *querier) UpdateGitAuthLink(ctx context.Context, arg database.UpdateGitAuthLinkParams) (database.GitAuthLink, error) {
2271-
fetch := func(ctx context.Context, arg database.UpdateGitAuthLinkParams) (database.GitAuthLink, error) {
2272-
return q.db.GetGitAuthLink(ctx, database.GetGitAuthLinkParams{UserID: arg.UserID, ProviderID: arg.ProviderID})
2270+
func (q *querier) UpdateExternalAuthLink(ctx context.Context, arg database.UpdateExternalAuthLinkParams) (database.ExternalAuthLink, error) {
2271+
fetch := func(ctx context.Context, arg database.UpdateExternalAuthLinkParams) (database.ExternalAuthLink, error) {
2272+
return q.db.GetExternalAuthLink(ctx, database.GetExternalAuthLinkParams{UserID: arg.UserID, ProviderID: arg.ProviderID})
22732273
}
2274-
return updateWithReturn(q.log, q.auth, fetch, q.db.UpdateGitAuthLink)(ctx, arg)
2274+
return updateWithReturn(q.log, q.auth, fetch, q.db.UpdateExternalAuthLink)(ctx, arg)
22752275
}
22762276

22772277
func (q *querier) UpdateGitSSHKey(ctx context.Context, arg database.UpdateGitSSHKeyParams) (database.GitSSHKey, error) {
@@ -2485,7 +2485,7 @@ func (q *querier) UpdateTemplateVersionDescriptionByJobID(ctx context.Context, a
24852485
return q.db.UpdateTemplateVersionDescriptionByJobID(ctx, arg)
24862486
}
24872487

2488-
func (q *querier) UpdateTemplateVersionGitAuthProvidersByJobID(ctx context.Context, arg database.UpdateTemplateVersionGitAuthProvidersByJobIDParams) error {
2488+
func (q *querier) UpdateTemplateVersionExternalAuthProvidersByJobID(ctx context.Context, arg database.UpdateTemplateVersionExternalAuthProvidersByJobIDParams) error {
24892489
// An actor is allowed to update the template version git auth providers if they are authorized to update the template.
24902490
tv, err := q.db.GetTemplateVersionByJobID(ctx, arg.JobID)
24912491
if err != nil {
@@ -2504,7 +2504,7 @@ func (q *querier) UpdateTemplateVersionGitAuthProvidersByJobID(ctx context.Conte
25042504
if err := q.authorizeContext(ctx, rbac.ActionUpdate, obj); err != nil {
25052505
return err
25062506
}
2507-
return q.db.UpdateTemplateVersionGitAuthProvidersByJobID(ctx, arg)
2507+
return q.db.UpdateTemplateVersionExternalAuthProvidersByJobID(ctx, arg)
25082508
}
25092509

25102510
func (q *querier) UpdateTemplateWorkspacesLastUsedAt(ctx context.Context, arg database.UpdateTemplateWorkspacesLastUsedAtParams) error {

0 commit comments

Comments
 (0)