
Commit ed85167

committed
Merge branch 'main' into templates
2 parents 1ac8aed + 584c8b4 commit ed85167

22 files changed

+1014
-13
lines changed

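--- a/cli/start.go
+++ b/cli/start.go
@@ -31,6 +31,7 @@ import (
 "github.com/coder/coder/coderd"
 "github.com/coder/coder/coderd/database"
 "github.com/coder/coder/coderd/database/databasefake"
+"github.com/coder/coder/coderd/gitsshkey"
 "github.com/coder/coder/coderd/tunnel"
 "github.com/coder/coder/codersdk"
 "github.com/coder/coder/provisioner/terraform"
@@ -57,6 +58,7 @@ func start() *cobra.Command {
 useTunnel bool
 traceDatadog bool
 secureAuthCookie bool
+sshKeygenAlgorithmRaw string
 )
 root := &cobra.Command{
 Use: "start",
@@ -126,6 +128,12 @@ func start() *cobra.Command {
 if err != nil {
 return xerrors.Errorf("parse access url %q: %w", accessURL, err)
 }
+
+sshKeygenAlgorithm, err := gitsshkey.ParseAlgorithm(sshKeygenAlgorithmRaw)
+if err != nil {
+return xerrors.Errorf("parse ssh keygen algorithm %s: %w", sshKeygenAlgorithmRaw, err)
+}
+
 logger := slog.Make(sloghuman.Sink(os.Stderr))
 options := &coderd.Options{
 AccessURL: accessURLParsed,
@@ -134,6 +142,7 @@ func start() *cobra.Command {
 Pubsub: database.NewPubsubInMemory(),
 GoogleTokenValidator: validator,
 SecureAuthCookie: secureAuthCookie,
+SSHKeygenAlgorithm: sshKeygenAlgorithm,
 }
 
 if !dev {
@@ -337,6 +346,8 @@ func start() *cobra.Command {
 _ = root.Flags().MarkHidden("tunnel")
 cliflag.BoolVarP(root.Flags(), &traceDatadog, "trace-datadog", "", "CODER_TRACE_DATADOG", false, "Send tracing data to a datadog agent")
 cliflag.BoolVarP(root.Flags(), &secureAuthCookie, "secure-auth-cookie", "", "CODER_SECURE_AUTH_COOKIE", false, "Specifies if the 'Secure' property is set on browser session cookies")
+cliflag.StringVarP(root.Flags(), &sshKeygenAlgorithmRaw, "ssh-keygen-algorithm", "", "CODER_SSH_KEYGEN_ALGORITHM", "ed25519", "Specifies the algorithm to use for generating ssh keys. "+
+`Accepted values are "ed25519", "ecdsa", or "rsa4096"`)
 
 return root
 }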
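Review bot: The new parse error formats the raw flag value with `%s`, while the access-URL error just above it uses `%q`; with `%s` an empty or whitespace-only `CODER_SSH_KEYGEN_ALGORITHM` leaves nothing visible in the message. Use `return xerrors.Errorf("parse ssh keygen algorithm %q: %w", sshKeygenAlgorithmRaw, err)`. The flag default is the literal `"ed25519"` while coderdtest in the same commit uses `gitsshkey.AlgorithmEd25519`; deriving the flag default from that constant would keep the two from drifting apart. The body of start() continues outside these hunks.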

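--- a/coderd/coderd.go
+++ b/coderd/coderd.go
@@ -14,6 +14,7 @@ import (
 "cdr.dev/slog"
 "github.com/coder/coder/coderd/awsidentity"
 "github.com/coder/coder/coderd/database"
+"github.com/coder/coder/coderd/gitsshkey"
 "github.com/coder/coder/coderd/httpapi"
 "github.com/coder/coder/coderd/httpmw"
 "github.com/coder/coder/site"
@@ -30,7 +31,8 @@ type Options struct {
 AWSCertificates awsidentity.Certificates
 GoogleTokenValidator *idtoken.Validator
 
-SecureAuthCookie bool
+SecureAuthCookie bool
+SSHKeygenAlgorithm gitsshkey.Algorithm
 }
 
 // New constructs the Coder API into an HTTP handler.
@@ -146,6 +148,8 @@ func New(options *Options) (http.Handler, func()) {
 r.Get("/", api.workspacesByUser)
 r.Get("/{workspacename}", api.workspaceByUserAndName)
 })
+r.Get("/gitsshkey", api.gitSSHKey)
+r.Put("/gitsshkey", api.regenerateGitSSHKey)
 })
 })
 })
@@ -157,6 +161,7 @@ func New(options *Options) (http.Handler, func()) {
 r.Route("/agent", func(r chi.Router) {
 r.Use(httpmw.ExtractWorkspaceAgent(options.Database))
 r.Get("/", api.workspaceAgentListen)
+r.Get("/gitsshkey", api.agentGitSSHKey)
 })
 r.Route("/{workspaceresource}", func(r chi.Router) {
 r.Use(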
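Review bot: The three `/gitsshkey` registrations carry no comment saying which half of the key pair each handler returns or which middleware guards it, and the handlers themselves are not part of the rendered diff. The user-scoped `r.Get`/`r.Put` sit inside a route group whose middleware is outside the hunk; because the PUT replaces key material, it is worth confirming that group limits the caller to their own user. The agent route follows `httpmw.ExtractWorkspaceAgent`, which is presumably where the private key is handed out. A one-line comment above each registration, for example `// Public key only; the private key is served solely on the agent route.` (if that is what the handlers do), would make the intended exposure reviewable at the router.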

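--- a/coderd/coderdtest/coderdtest.go
+++ b/coderd/coderdtest/coderdtest.go
@@ -38,6 +38,7 @@ import (
 "github.com/coder/coder/coderd/database"
 "github.com/coder/coder/coderd/database/databasefake"
 "github.com/coder/coder/coderd/database/postgres"
+"github.com/coder/coder/coderd/gitsshkey"
 "github.com/coder/coder/codersdk"
 "github.com/coder/coder/cryptorand"
 "github.com/coder/coder/provisioner/echo"
@@ -49,6 +50,7 @@ import (
 type Options struct {
 AWSInstanceIdentity awsidentity.Certificates
 GoogleInstanceIdentity *idtoken.Validator
+SSHKeygenAlgorithm gitsshkey.Algorithm
 }
 
 // New constructs an in-memory coderd instance and returns
@@ -98,6 +100,12 @@ func New(t *testing.T, options *Options) *codersdk.Client {
 serverURL, err := url.Parse(srv.URL)
 require.NoError(t, err)
 var closeWait func()
+
+// match default with cli default
+if options.SSHKeygenAlgorithm == "" {
+options.SSHKeygenAlgorithm = gitsshkey.AlgorithmEd25519
+}
+
 // We set the handler after server creation for the access URL.
 srv.Config.Handler, closeWait = coderd.New(&coderd.Options{
 AgentConnectionUpdateFrequency: 25 * time.Millisecond,
@@ -108,6 +116,7 @@ func New(t *testing.T, options *Options) *codersdk.Client {
 
 AWSCertificates: options.AWSInstanceIdentity,
 GoogleTokenValidator: options.GoogleInstanceIdentity,
+SSHKeygenAlgorithm: options.SSHKeygenAlgorithm,
 })
 t.Cleanup(func() {
 srv.Close()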
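Review bot: The Ed25519 fallback exists only in this test helper and in the CLI flag default, so a caller that builds `coderd.Options` directly with a zero `SSHKeygenAlgorithm` hands an empty algorithm to `coderd.New`; whether key generation rejects that value is not visible in this diff. Applying the default, or returning a validation error, inside `coderd.New` would give every entry point the same behaviour and make the `// match default with cli default` copy unnecessary. The added `options.SSHKeygenAlgorithm == ""` check also dereferences `options`; any nil guard sits outside the hunk, so confirm one runs before it.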

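--- a/coderd/database/databasefake/databasefake.go
+++ b/coderd/database/databasefake/databasefake.go
@@ -31,6 +31,7 @@ func New() database.Store {
 provisionerJobResource: make([]database.WorkspaceResource, 0),
 workspaceBuild: make([]database.WorkspaceBuild, 0),
 provisionerJobAgent: make([]database.WorkspaceAgent, 0),
+GitSSHKey: make([]database.GitSSHKey, 0),
 }
 }
 
@@ -57,6 +58,7 @@ type fakeQuerier struct {
 provisionerJobLog []database.ProvisionerJobLog
 workspace []database.Workspace
 workspaceBuild []database.WorkspaceBuild
+GitSSHKey []database.GitSSHKey
 }
 
 // InTx doesn't rollback data properly for in-memory yet.
@@ -1239,3 +1241,63 @@ func (q *fakeQuerier) UpdateWorkspaceDeletedByID(_ context.Context, arg database
 }
 return sql.ErrNoRows
 }
+
+func (q *fakeQuerier) InsertGitSSHKey(_ context.Context, arg database.InsertGitSSHKeyParams) (database.GitSSHKey, error) {
+q.mutex.Lock()
+defer q.mutex.Unlock()
+
+//nolint:gosimple
+gitSSHKey := database.GitSSHKey{
+UserID: arg.UserID,
+CreatedAt: arg.CreatedAt,
+UpdatedAt: arg.UpdatedAt,
+PrivateKey: arg.PrivateKey,
+PublicKey: arg.PublicKey,
+}
+q.GitSSHKey = append(q.GitSSHKey, gitSSHKey)
+return gitSSHKey, nil
+}
+
+func (q *fakeQuerier) GetGitSSHKey(_ context.Context, userID uuid.UUID) (database.GitSSHKey, error) {
+q.mutex.RLock()
+defer q.mutex.RUnlock()
+
+for _, key := range q.GitSSHKey {
+if key.UserID == userID {
+return key, nil
+}
+}
+return database.GitSSHKey{}, sql.ErrNoRows
+}
+
+func (q *fakeQuerier) UpdateGitSSHKey(_ context.Context, arg database.UpdateGitSSHKeyParams) error {
+q.mutex.Lock()
+defer q.mutex.Unlock()
+
+for index, key := range q.GitSSHKey {
+if key.UserID.String() != arg.UserID.String() {
+continue
+}
+key.UpdatedAt = arg.UpdatedAt
+key.PrivateKey = arg.PrivateKey
+key.PublicKey = arg.PublicKey
+q.GitSSHKey[index] = key
+return nil
+}
+return sql.ErrNoRows
+}
+
+func (q *fakeQuerier) DeleteGitSSHKey(_ context.Context, userID uuid.UUID) error {
+q.mutex.Lock()
+defer q.mutex.Unlock()
+
+for index, key := range q.GitSSHKey {
+if key.UserID.String() != userID.String() {
+continue
+}
+q.GitSSHKey[index] = q.GitSSHKey[len(q.GitSSHKey)-1]
+q.GitSSHKey = q.GitSSHKey[:len(q.GitSSHKey)-1]
+return nil
+}
+return sql.ErrNoRows
+}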
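Review bot: InsertGitSSHKey appends without checking for an existing row, while the migration in this commit declares `user_id` as the primary key of `gitsshkeys`, so the fake accepts a second key for the same user that Postgres would reject, and GetGitSSHKey then returns whichever entry comes first. A guard before the append that returns an error when `key.UserID == arg.UserID` would keep tests against the fake faithful to the real store. UpdateGitSSHKey and DeleteGitSSHKey compare `UserID.String()` where GetGitSSHKey uses `==`; the direct comparison is sufficient and avoids two allocations per row. The new field `GitSSHKey` is exported, unlike the other fakeQuerier fields visible in the hunk.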

coderd/database/dump.sql

Lines changed: 14 additions & 0 deletions
Lines changed: 1 addition & 0 deletions
@@ -0,0 +1 @@
1+
DROP TABLE gitsshkeys;
Lines changed: 7 additions & 0 deletions
@@ -0,0 +1,7 @@
1+
CREATE TABLE IF NOT EXISTS gitsshkeys (
2+
user_id uuid PRIMARY KEY NOT NULL REFERENCES users (id),
3+
created_at timestamptz NOT NULL,
4+
updated_at timestamptz NOT NULL,
5+
private_key text NOT NULL,
6+
public_key text NOT NULL
7+
);
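Review bot: `private_key text NOT NULL` stores each user's Git SSH private key as plain text, so read access to the database, a replica or a backup yields every key. Whether the application encrypts the value before insert is not visible in this commit; the in-memory fake stores `arg.PrivateKey` unchanged. If cleartext is intended, record that in the migration with a comment such as `-- private_key is stored unencrypted; restrict access to this table and its backups`, otherwise encrypt at the application layer before writing. The `REFERENCES users (id)` clause has no `ON DELETE` action, so removing a user will fail until the key row is deleted first.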

coderd/database/models.go

Lines changed: 8 additions & 0 deletions

coderd/database/querier.go

Lines changed: 4 additions & 0 deletions

coderd/database/queries.sql.go

Lines changed: 102 additions & 0 deletions
