coder
diff --git a/‎.github/dependabot.yaml
Lines changed: 1 addition & 0 deletions b/‎.github/dependabot.yaml
Lines changed: 1 addition & 0 deletions
diff --git a/‎.github/workflows/ci.yaml
Lines changed: 1 addition & 2 deletions b/‎.github/workflows/ci.yaml
Lines changed: 1 addition & 2 deletions
diff --git a/‎.github/workflows/contrib.yaml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/contrib.yaml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/docker-base.yaml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/docker-base.yaml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/dogfood.yaml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/dogfood.yaml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/pr-deploy.yaml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/pr-deploy.yaml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/release.yaml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/release.yaml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.gitignore
Lines changed: 3 additions & 0 deletions b/‎.gitignore
Lines changed: 3 additions & 0 deletions
diff --git a/‎.prettierignore
Lines changed: 3 additions & 0 deletions b/‎.prettierignore
Lines changed: 3 additions & 0 deletions
diff --git a/‎cli/testdata/coder_templates_init_--help.golden
Lines changed: 1 addition & 1 deletion b/‎cli/testdata/coder_templates_init_--help.golden
Lines changed: 1 addition & 1 deletion
diff --git a/‎coderd/database/dbtestutil/db.go
Lines changed: 101 additions & 0 deletions b/‎coderd/database/dbtestutil/db.go
Lines changed: 101 additions & 0 deletions
diff --git a/‎coderd/database/dump.sql
Lines changed: 1 addition & 1 deletion b/‎coderd/database/dump.sql
Lines changed: 1 addition & 1 deletion
diff --git a/‎coderd/database/migrations/000155_workspaces_last_used_at_timestamptz.down.sql
Lines changed: 6 additions & 0 deletions b/‎coderd/database/migrations/000155_workspaces_last_used_at_timestamptz.down.sql
Lines changed: 6 additions & 0 deletions
diff --git a/‎coderd/database/migrations/000155_workspaces_last_used_at_timestamptz.up.sql
Lines changed: 6 additions & 0 deletions b/‎coderd/database/migrations/000155_workspaces_last_used_at_timestamptz.up.sql
Lines changed: 6 additions & 0 deletions
diff --git a/‎coderd/workspaceagents.go
Lines changed: 1 addition & 1 deletion b/‎coderd/workspaceagents.go
Lines changed: 1 addition & 1 deletion
diff --git a/‎coderd/workspaceagents_test.go
Lines changed: 0 additions & 5 deletions b/‎coderd/workspaceagents_test.go
Lines changed: 0 additions & 5 deletions
diff --git a/‎coderd/workspaces_test.go
Lines changed: 0 additions & 4 deletions b/‎coderd/workspaces_test.go
Lines changed: 0 additions & 4 deletions
diff --git a/‎docs/cli/templates_init.md
Lines changed: 2 additions & 2 deletions b/‎docs/cli/templates_init.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎docs/images/display-apps.png
25.1 KB b/‎docs/images/display-apps.png
25.1 KB
diff --git a/‎docs/templates/index.md
Lines changed: 23 additions & 0 deletions b/‎docs/templates/index.md
Lines changed: 23 additions & 0 deletions
@@ -92,6 +92,7 @@ updates:
       - dependency-name: "@types/node"
         update-types:
           - version-update:semver-major
+    open-pull-requests-limit: 15
     groups:
       react:
         patterns:
 
@@ -53,7 +53,6 @@ jobs:
             docs:
               - "docs/**"
               - "README.md"
-              - "examples/templates/**"
               - "examples/web-server/**"
               - "examples/monitoring/**"
               - "examples/lima/**"
@@ -741,7 +740,7 @@ jobs:
         uses: ./.github/actions/setup-sqlc
 
       - name: GHCR Login
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
 
@@ -34,7 +34,7 @@ jobs:
     steps:
       - name: cla
         if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target'
-        uses: contributor-assistant/github-action@v2.3.0
+        uses: contributor-assistant/github-action@v2.3.1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           # the below token should have repo scope and must be manually added by you in the repository's secret
 
@@ -35,7 +35,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Docker login
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
 
@@ -46,7 +46,7 @@ jobs:
       - run: nix build .#devEnvImage && ./result | docker load
 
       - name: Login to DockerHub
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_PASSWORD }}
 
@@ -216,7 +216,7 @@ jobs:
         uses: ./.github/actions/setup-sqlc
 
       - name: GHCR Login
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
 
@@ -85,7 +85,7 @@ jobs:
           cat "$CODER_RELEASE_NOTES_FILE"
 
       - name: Docker Login
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
 
@@ -64,3 +64,6 @@ scaletest/terraform/secrets.tfvars
 
 # Nix
 result
+
+# Data dumps from unit tests
+**/*.test.sql
@@ -67,6 +67,9 @@ scaletest/terraform/secrets.tfvars
 
 # Nix
 result
+
+# Data dumps from unit tests
+**/*.test.sql
 # .prettierignore.include:
 # Helm templates contain variables that are invalid YAML and can't be formatted
 # by Prettier.
 
@@ -6,7 +6,7 @@ USAGE:
   Get started with a templated template.
 
 OPTIONS:
-      --id aws-ecs-container|aws-linux|aws-windows|azure-linux|do-linux|docker|docker-with-dotfiles|fly-docker-image|gcp-linux|gcp-vm-container|gcp-windows|kubernetes
+      --id aws-ecs-container|aws-linux|aws-windows|azure-linux|do-linux|docker|docker-with-dotfiles|gcp-linux|gcp-vm-container|gcp-windows|kubernetes
           Specify a given example template by ID.
 
 ———
 
@@ -1,15 +1,21 @@
 package dbtestutil
 
 import (
+	"bytes"
 	"context"
 	"database/sql"
 	"fmt"
 	"net/url"
 	"os"
+	"os/exec"
+	"path/filepath"
+	"regexp"
 	"strings"
 	"testing"
+	"time"
 
 	"github.com/stretchr/testify/require"
+	"golang.org/x/xerrors"
 
 	"github.com/coder/coder/v2/coderd/database"
 	"github.com/coder/coder/v2/coderd/database/dbfake"
@@ -24,6 +30,7 @@ func WillUsePostgres() bool {
 
 type options struct {
 	fixedTimezone string
+	dumpOnFailure bool
 }
 
 type Option func(*options)
@@ -35,6 +42,13 @@ func WithTimezone(tz string) Option {
 	}
 }
 
+// WithDumpOnFailure will dump the entire database on test failure.
+func WithDumpOnFailure() Option {
+	return func(o *options) {
+		o.dumpOnFailure = true
+	}
+}
+
 func NewDB(t testing.TB, opts ...Option) (database.Store, pubsub.Pubsub) {
 	t.Helper()
 
@@ -74,6 +88,9 @@ func NewDB(t testing.TB, opts ...Option) (database.Store, pubsub.Pubsub) {
 		t.Cleanup(func() {
 			_ = sqlDB.Close()
 		})
+		if o.dumpOnFailure {
+			t.Cleanup(func() { DumpOnFailure(t, connectionURL) })
+		}
 		db = database.New(sqlDB)
 
 		ps, err = pubsub.New(context.Background(), sqlDB, connectionURL)
@@ -110,3 +127,87 @@ func dbNameFromConnectionURL(t testing.TB, connectionURL string) string {
 	require.NoError(t, err)
 	return strings.TrimPrefix(u.Path, "/")
 }
+
+// DumpOnFailure exports the database referenced by connectionURL to a file
+// corresponding to the current test, with a suffix indicating the time the
+// test was run.
+// To import this into a new database (assuming you have already run make test-postgres-docker):
+//   - Create a new test database:
+//     go run ./scripts/migrate-ci/main.go and note the database name it outputs
+//   - Import the file into the above database:
+//     psql 'postgres://postgres:postgres@127.0.0.1:5432/<dbname>?sslmode=disable' -f <path to file.test.sql>
+//   - Run a dev server against that database:
+//     ./scripts/coder-dev.sh server --postgres-url='postgres://postgres:postgres@127.0.0.1:5432/<dbname>?sslmode=disable'
+func DumpOnFailure(t testing.TB, connectionURL string) {
+	if !t.Failed() {
+		return
+	}
+	cwd, err := filepath.Abs(".")
+	if err != nil {
+		t.Errorf("dump on failure: cannot determine current working directory")
+		return
+	}
+	snakeCaseName := regexp.MustCompile("[^a-zA-Z0-9-_]+").ReplaceAllString(t.Name(), "_")
+	now := time.Now()
+	timeSuffix := fmt.Sprintf("%d%d%d%d%d%d", now.Year(), now.Month(), now.Day(), now.Hour(), now.Minute(), now.Second())
+	outPath := filepath.Join(cwd, snakeCaseName+"."+timeSuffix+".test.sql")
+	dump, err := pgDump(connectionURL)
+	if err != nil {
+		t.Errorf("dump on failure: failed to run pg_dump")
+		return
+	}
+	if err := os.WriteFile(outPath, filterDump(dump), 0o600); err != nil {
+		t.Errorf("dump on failure: failed to write: %s", err.Error())
+		return
+	}
+	t.Logf("Dumped database to %q due to failed test. I hope you find what you're looking for!", outPath)
+}
+
+// pgDump runs pg_dump against dbURL and returns the output.
+func pgDump(dbURL string) ([]byte, error) {
+	if _, err := exec.LookPath("pg_dump"); err != nil {
+		return nil, xerrors.Errorf("could not find pg_dump in path: %w", err)
+	}
+	cmdArgs := []string{
+		"pg_dump",
+		dbURL,
+		"--data-only",
+		"--column-inserts",
+		"--no-comments",
+		"--no-privileges",
+		"--no-publication",
+		"--no-security-labels",
+		"--no-subscriptions",
+		"--no-tablespaces",
+		// "--no-unlogged-table-data", // some tables are unlogged and may contain data of interest
+		"--no-owner",
+		"--exclude-table=schema_migrations",
+	}
+	cmd := exec.Command(cmdArgs[0], cmdArgs[1:]...) // nolint:gosec
+	cmd.Env = []string{
+		// "PGTZ=UTC", // This is probably not going to be useful if tz has been changed.
+		"PGCLIENTENCODINDG=UTF8",
+		"PGDATABASE=", // we should always specify the database name in the connection string
+	}
+	var stdout bytes.Buffer
+	cmd.Stdout = &stdout
+	if err := cmd.Run(); err != nil {
+		return nil, xerrors.Errorf("exec pg_dump: %w", err)
+	}
+	return stdout.Bytes(), nil
+}
+
+func filterDump(dump []byte) []byte {
+	lines := bytes.Split(dump, []byte{'\n'})
+	var buf bytes.Buffer
+	for _, line := range lines {
+		// We dump in column-insert format, so these are the only lines
+		// we care about
+		if !bytes.HasPrefix(line, []byte("INSERT")) {
+			continue
+		}
+		_, _ = buf.Write(line)
+		_, _ = buf.WriteRune('\n')
+	}
+	return buf.Bytes()
+}
@@ -0,0 +1,6 @@
+ALTER TABLE ONLY workspaces
+ALTER COLUMN last_used_at
+	SET DATA TYPE timestamp
+	USING last_used_at::timestamptz AT TIME ZONE 'UTC',
+ALTER COLUMN last_used_at
+	SET DEFAULT '0001-01-01 00:00:00'::timestamp;
@@ -0,0 +1,6 @@
+ALTER TABLE ONLY workspaces
+ALTER COLUMN last_used_at
+	SET DATA TYPE timestamptz
+	USING last_used_at::timestamp AT TIME ZONE 'UTC',
+ALTER COLUMN last_used_at
+	SET DEFAULT '0001-01-01 00:00:00+00:00'::timestamptz;
@@ -1808,7 +1808,7 @@ func convertWorkspaceAgentMetadata(db []database.WorkspaceAgentMetadatum) []code
 			Result: codersdk.WorkspaceAgentMetadataResult{
 				Value:       datum.Value,
 				Error:       datum.Error,
-				CollectedAt: datum.CollectedAt,
+				CollectedAt: datum.CollectedAt.UTC(),
 				Age:         int64(time.Since(datum.CollectedAt).Seconds()),
 			},
 			Description: codersdk.WorkspaceAgentMetadataDescription{
 
@@ -23,7 +23,6 @@ import (
 	"github.com/coder/coder/v2/agent"
 	"github.com/coder/coder/v2/coderd/coderdtest"
 	"github.com/coder/coder/v2/coderd/database"
-	"github.com/coder/coder/v2/coderd/database/dbtestutil"
 	"github.com/coder/coder/v2/coderd/database/dbtime"
 	"github.com/coder/coder/v2/codersdk"
 	"github.com/coder/coder/v2/codersdk/agentsdk"
@@ -1185,12 +1184,8 @@ func TestWorkspaceAgent_LifecycleState(t *testing.T) {
 func TestWorkspaceAgent_Metadata(t *testing.T) {
 	t.Parallel()
 
-	// nolint:gocritic // https://github.com/coder/coder/issues/9682
-	db, ps := dbtestutil.NewDB(t, dbtestutil.WithTimezone("UTC"))
 	client := coderdtest.New(t, &coderdtest.Options{
 		IncludeProvisionerDaemon: true,
-		Database:                 db,
-		Pubsub:                   ps,
 	})
 	user := coderdtest.CreateFirstUser(t, client)
 	authToken := uuid.NewString()
 
@@ -1515,12 +1515,8 @@ func TestWorkspaceFilterManual(t *testing.T) {
 	t.Run("LastUsed", func(t *testing.T) {
 		t.Parallel()
 
-		// nolint:gocritic // https://github.com/coder/coder/issues/9682
-		db, ps := dbtestutil.NewDB(t, dbtestutil.WithTimezone("UTC"))
 		client, _, api := coderdtest.NewWithAPI(t, &coderdtest.Options{
 			IncludeProvisionerDaemon: true,
-			Database:                 db,
-			Pubsub:                   ps,
 		})
 		user := coderdtest.CreateFirstUser(t, client)
 		authToken := uuid.NewString()
 
@@ -411,6 +411,29 @@ By default, all templates allow developers to connect over SSH and a web
 terminal. See [Configuring Web IDEs](../ides/web-ides.md) to learn how to give
 users access to additional web applications.
 
+Template administrators can hide apps like the web-based Terminal or VS Code
+Desktop with the
+[`display_apps`](https://registry.terraform.io/providers/coder/coder/0.11.2/docs/resources/agent#display_apps)
+configuration in the
+[`coder_agent`](https://registry.terraform.io/providers/coder/coder/latest/docs/resources/agent)
+resource. For example, the following configuration block will hide all default
+Coder apps except the web terminal.
+
+```hcl
+  display_apps {
+    vscode = false
+    vscode_insiders = false
+    ssh_helper = false
+    port_forwarding_helper = false
+    web_terminal = true
+  }
+```
+
+Example use cases for `display_apps` are JetBrains users or zero-trust
+deployments who do not want nor should have access to a local VS Code IDE.
+
+![display-apps](../images/display-apps.png)
+
 ### Data source
 
 When a workspace is being started or stopped, the `coder_workspace` data source