Skip to content

feat: add cli support for --require-active-version #10337

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 10 commits into from
Oct 19, 2023
Merged

feat: add cli support for --require-active-version #10337

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
825b827
feat: add cli support for --require-active-version
sreya Oct 18, 2023
8644201
add support for template edit
sreya Oct 19, 2023
e9c7b2f
make gen
sreya Oct 19, 2023
e0e28a2
golden files
sreya Oct 19, 2023
de17520
add test for start
sreya Oct 19, 2023
202d29a
add tests for start/restart
sreya Oct 19, 2023
a67768f
fix race
sreya Oct 19, 2023
8e19b79
pr comments
sreya Oct 19, 2023
9b96767
pr comments
sreya Oct 19, 2023
0ed711e
fix tests
sreya Oct 19, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
35 changes: 23 additions & 12 deletions cli/restart.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,15 +2,15 @@ package cli

import (
"fmt"
"net/http"
"time"

"golang.org/x/xerrors"

"github.com/coder/pretty"

"github.com/coder/coder/v2/cli/clibase"
"github.com/coder/coder/v2/cli/cliui"
"github.com/coder/coder/v2/codersdk"
"github.com/coder/pretty"
)

func (r *RootCmd) restart() *clibase.Cmd {
Expand Down Expand Up @@ -40,19 +40,14 @@ func (r *RootCmd) restart() *clibase.Cmd {
return err
}

template, err := client.Template(inv.Context(), workspace.TemplateID)
if err != nil {
return err
}

buildOptions, err := asWorkspaceBuildParameters(parameterFlags.buildOptions)
if err != nil {
return xerrors.Errorf("can't parse build options: %w", err)
}

buildParameters, err := prepStartWorkspace(inv, client, prepStartWorkspaceArgs{
Action: WorkspaceRestart,
Template: template,
Action: WorkspaceRestart,
TemplateVersionID: workspace.LatestBuild.TemplateVersionID,

LastBuildParameters: lastBuildParameters,

Expand Down Expand Up @@ -82,13 +77,29 @@ func (r *RootCmd) restart() *clibase.Cmd {
return err
}

build, err = client.CreateWorkspaceBuild(ctx, workspace.ID, codersdk.CreateWorkspaceBuildRequest{
req := codersdk.CreateWorkspaceBuildRequest{
Transition: codersdk.WorkspaceTransitionStart,
RichParameterValues: buildParameters,
})
if err != nil {
TemplateVersionID: workspace.LatestBuild.TemplateVersionID,
}

build, err = client.CreateWorkspaceBuild(ctx, workspace.ID, req)
// It's possible for a workspace build to fail due to the template requiring starting
// workspaces with the active version.
if cerr, ok := codersdk.AsError(err); ok && cerr.StatusCode() == http.StatusUnauthorized {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Whoops. This should have been 403 Forbidden, not 401 Unauthorized. Despite the name, 401 is for when we failed to authenticate the user. Probably shouldn't change it now, though.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah that's fair I'll update it in a separate PR

build, err = startWorkspaceActiveVersion(inv, client, startWorkspaceActiveVersionArgs{
BuildOptions: buildOptions,
LastBuildParameters: lastBuildParameters,
PromptBuildOptions: parameterFlags.promptBuildOptions,
Workspace: workspace,
})
if err != nil {
return xerrors.Errorf("start workspace with active template version: %w", err)
}
} else if err != nil {
return err
}

err = cliui.WorkspaceBuild(ctx, out, client, build.ID)
if err != nil {
return err
Expand Down
78 changes: 65 additions & 13 deletions cli/start.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,10 @@ package cli

import (
"fmt"
"net/http"
"time"

"github.com/google/uuid"
"golang.org/x/xerrors"

"github.com/coder/coder/v2/cli/clibase"
Expand Down Expand Up @@ -35,19 +37,14 @@ func (r *RootCmd) start() *clibase.Cmd {
return err
}

template, err := client.Template(inv.Context(), workspace.TemplateID)
if err != nil {
return err
}

buildOptions, err := asWorkspaceBuildParameters(parameterFlags.buildOptions)
if err != nil {
return xerrors.Errorf("unable to parse build options: %w", err)
}

buildParameters, err := prepStartWorkspace(inv, client, prepStartWorkspaceArgs{
Action: WorkspaceStart,
Template: template,
Action: WorkspaceStart,
TemplateVersionID: workspace.LatestBuild.TemplateVersionID,

LastBuildParameters: lastBuildParameters,

Expand All @@ -58,11 +55,26 @@ func (r *RootCmd) start() *clibase.Cmd {
return err
}

build, err := client.CreateWorkspaceBuild(inv.Context(), workspace.ID, codersdk.CreateWorkspaceBuildRequest{
req := codersdk.CreateWorkspaceBuildRequest{
Transition: codersdk.WorkspaceTransitionStart,
RichParameterValues: buildParameters,
})
if err != nil {
TemplateVersionID: workspace.LatestBuild.TemplateVersionID,
}

build, err := client.CreateWorkspaceBuild(inv.Context(), workspace.ID, req)
// It's possible for a workspace build to fail due to the template requiring starting
// workspaces with the active version.
if cerr, ok := codersdk.AsError(err); ok && cerr.StatusCode() == http.StatusUnauthorized {
build, err = startWorkspaceActiveVersion(inv, client, startWorkspaceActiveVersionArgs{
BuildOptions: buildOptions,
LastBuildParameters: lastBuildParameters,
PromptBuildOptions: parameterFlags.promptBuildOptions,
Workspace: workspace,
})
if err != nil {
return xerrors.Errorf("start workspace with active template version: %w", err)
}
} else if err != nil {
return err
}

Expand All @@ -82,8 +94,8 @@ func (r *RootCmd) start() *clibase.Cmd {
}

type prepStartWorkspaceArgs struct {
Action WorkspaceCLIAction
Template codersdk.Template
Action WorkspaceCLIAction
TemplateVersionID uuid.UUID

LastBuildParameters []codersdk.WorkspaceBuildParameter

Expand All @@ -94,7 +106,7 @@ type prepStartWorkspaceArgs struct {
func prepStartWorkspace(inv *clibase.Invocation, client *codersdk.Client, args prepStartWorkspaceArgs) ([]codersdk.WorkspaceBuildParameter, error) {
ctx := inv.Context()

templateVersion, err := client.TemplateVersion(ctx, args.Template.ActiveVersionID)
templateVersion, err := client.TemplateVersion(ctx, args.TemplateVersionID)
if err != nil {
return nil, xerrors.Errorf("get template version: %w", err)
}
Expand All @@ -110,3 +122,43 @@ func prepStartWorkspace(inv *clibase.Invocation, client *codersdk.Client, args p
WithBuildOptions(args.BuildOptions)
return resolver.Resolve(inv, args.Action, templateVersionParameters)
}

type startWorkspaceActiveVersionArgs struct {
BuildOptions []codersdk.WorkspaceBuildParameter
LastBuildParameters []codersdk.WorkspaceBuildParameter
PromptBuildOptions bool
Workspace codersdk.Workspace
}

func startWorkspaceActiveVersion(inv *clibase.Invocation, client *codersdk.Client, args startWorkspaceActiveVersionArgs) (codersdk.WorkspaceBuild, error) {
_, _ = fmt.Fprintln(inv.Stdout, "Failed to restart with the template version from your last build. Policy may require you to restart with the current active template version.")

template, err := client.Template(inv.Context(), args.Workspace.TemplateID)
if err != nil {
return codersdk.WorkspaceBuild{}, xerrors.Errorf("get template: %w", err)
}

buildParameters, err := prepStartWorkspace(inv, client, prepStartWorkspaceArgs{
Action: WorkspaceStart,
TemplateVersionID: template.ActiveVersionID,

LastBuildParameters: args.LastBuildParameters,

PromptBuildOptions: args.PromptBuildOptions,
BuildOptions: args.BuildOptions,
})
if err != nil {
return codersdk.WorkspaceBuild{}, err
}

build, err := client.CreateWorkspaceBuild(inv.Context(), args.Workspace.ID, codersdk.CreateWorkspaceBuildRequest{
Transition: codersdk.WorkspaceTransitionStart,
RichParameterValues: buildParameters,
TemplateVersionID: template.ActiveVersionID,
})
if err != nil {
return codersdk.WorkspaceBuild{}, err
}

return build, nil
}
49 changes: 38 additions & 11 deletions cli/templatecreate.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,11 +24,12 @@ import (

func (r *RootCmd) templateCreate() *clibase.Cmd {
var (
provisioner string
provisionerTags []string
variablesFile string
variables []string
disableEveryone bool
provisioner string
provisionerTags []string
variablesFile string
variables []string
disableEveryone bool
requireActiveVersion bool

defaultTTL time.Duration
failureTTL time.Duration
Expand All @@ -46,17 +47,35 @@ func (r *RootCmd) templateCreate() *clibase.Cmd {
r.InitClient(client),
),
Handler: func(inv *clibase.Invocation) error {
if failureTTL != 0 || inactivityTTL != 0 || maxTTL != 0 {
isTemplateSchedulingOptionsSet := failureTTL != 0 || inactivityTTL != 0 || maxTTL != 0

if isTemplateSchedulingOptionsSet || requireActiveVersion {
entitlements, err := client.Entitlements(inv.Context())
var sdkErr *codersdk.Error
if xerrors.As(err, &sdkErr) && sdkErr.StatusCode() == http.StatusNotFound {
return xerrors.Errorf("your deployment appears to be an AGPL deployment, so you cannot set --failure-ttl or --inactivityTTL")
if cerr, ok := codersdk.AsError(err); ok && cerr.StatusCode() == http.StatusNotFound {
return xerrors.Errorf("your deployment appears to be an AGPL deployment, so you cannot set enterprise-only flags")
} else if err != nil {
return xerrors.Errorf("get entitlements: %w", err)
}

if !entitlements.Features[codersdk.FeatureAdvancedTemplateScheduling].Enabled {
return xerrors.Errorf("your license is not entitled to use advanced template scheduling, so you cannot set --failure-ttl or --inactivityTTL")
if isTemplateSchedulingOptionsSet {
if !entitlements.Features[codersdk.FeatureAdvancedTemplateScheduling].Enabled {
return xerrors.Errorf("your license is not entitled to use advanced template scheduling, so you cannot set --failure-ttl or --inactivityTTL")
}
}

if requireActiveVersion {
if !entitlements.Features[codersdk.FeatureAccessControl].Enabled {
return xerrors.Errorf("your license is not entitled to use enterprise access control, so you cannot set --require-active-version")
}

experiments, exErr := client.Experiments(inv.Context())
if exErr != nil {
return xerrors.Errorf("get experiments: %w", exErr)
}

if !experiments.Enabled(codersdk.ExperimentTemplateUpdatePolicies) {
return xerrors.Errorf("--require-active-version is an experimental feature, contact an administrator to enable the 'template_update_policies' experiment on your Coder server")
}
}
}

Expand Down Expand Up @@ -129,6 +148,7 @@ func (r *RootCmd) templateCreate() *clibase.Cmd {
MaxTTLMillis: ptr.Ref(maxTTL.Milliseconds()),
TimeTilDormantMillis: ptr.Ref(inactivityTTL.Milliseconds()),
DisableEveryoneGroupAccess: disableEveryone,
RequireActiveVersion: requireActiveVersion,
}

_, err = client.CreateTemplate(inv.Context(), organization.ID, createReq)
Expand Down Expand Up @@ -205,6 +225,13 @@ func (r *RootCmd) templateCreate() *clibase.Cmd {
Value: clibase.StringOf(&provisioner),
Hidden: true,
},
{
Flag: "require-active-version",
Description: "Requires workspace builds to use the active template version. This setting does not apply to template admins. This is an enterprise-only feature.",
Value: clibase.BoolOf(&requireActiveVersion),
Default: "false",
},

cliui.SkipPromptOption(),
}
cmd.Options = append(cmd.Options, uploadFlags.options()...)
Expand Down
31 changes: 31 additions & 0 deletions cli/templatecreate_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ import (
"github.com/coder/coder/v2/cli/clitest"
"github.com/coder/coder/v2/coderd/coderdtest"
"github.com/coder/coder/v2/coderd/database"
"github.com/coder/coder/v2/codersdk"
"github.com/coder/coder/v2/provisioner/echo"
"github.com/coder/coder/v2/provisionersdk/proto"
"github.com/coder/coder/v2/pty/ptytest"
Expand Down Expand Up @@ -393,6 +394,36 @@ func TestTemplateCreate(t *testing.T) {
}
}
})

t.Run("RequireActiveVersionInvalid", func(t *testing.T) {
t.Parallel()

dv := coderdtest.DeploymentValues(t)
dv.Experiments = []string{
string(codersdk.ExperimentTemplateUpdatePolicies),
}

client := coderdtest.New(t, &coderdtest.Options{
IncludeProvisionerDaemon: true,
DeploymentValues: dv,
})
coderdtest.CreateFirstUser(t, client)
source := clitest.CreateTemplateVersionSource(t, completeWithAgent())
args := []string{
"templates",
"create",
"my-template",
"--directory", source,
"--test.provisioner", string(database.ProvisionerTypeEcho),
"--require-active-version",
}
inv, root := clitest.New(t, args...)
clitest.SetupConfig(t, client, root)

err := inv.Run()
require.Error(t, err)
require.Contains(t, err.Error(), "your deployment appears to be an AGPL deployment, so you cannot set enterprise-only flags")
})
}

// Need this for Windows because of a known issue with Go:
Expand Down
Loading