Skip to content

chore: add provisioner key crud apis #13857

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 20 commits into from
Jul 16, 2024
Merged

chore: add provisioner key crud apis #13857

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
20 commits
Select commit Hold shift + click to select a range
6019ded
chore: add provisioner key crud apis
f0ssel Jul 9, 2024
2d2ea40
add api routes
f0ssel Jul 9, 2024
ea9fa64
testing
f0ssel Jul 11, 2024
5ce5549
more tests and rbac fix
f0ssel Jul 11, 2024
06f2e94
fix file
f0ssel Jul 12, 2024
2408612
tests
f0ssel Jul 12, 2024
67701de
gen
f0ssel Jul 12, 2024
53dccb7
fix migrations
f0ssel Jul 12, 2024
5a7e2de
add swagger
f0ssel Jul 12, 2024
76cce30
move to enterprise
f0ssel Jul 12, 2024
e2b2d6b
dbauthz
f0ssel Jul 12, 2024
5f5e923
fix swagger
f0ssel Jul 12, 2024
81d4e92
put routes under experiment
f0ssel Jul 12, 2024
efcf832
add fixture
f0ssel Jul 12, 2024
3530f73
use existing org id
f0ssel Jul 12, 2024
e5f7311
save
f0ssel Jul 15, 2024
28ded45
fix case sensitivity
f0ssel Jul 15, 2024
1d246ec
fix tests and pr comments
f0ssel Jul 16, 2024
1a5deb8
fix migration
f0ssel Jul 16, 2024
ff62057
make gen and test fix
f0ssel Jul 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
fix case sensitivity
  • Loading branch information
@f0ssel
f0ssel committed Jul 16, 2024
commit 28ded4534b96b135e4fb1cc009aa08da59153e83
2 changes: 1 addition & 1 deletion coderd/database/dbauthz/dbauthz.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2859,7 +2859,7 @@ func (q *querier) InsertWorkspaceResourceMetadata(ctx context.Context, arg datab
return q.db.InsertWorkspaceResourceMetadata(ctx, arg)
}

func (q *querier) ListProvisionerKeysByOrganization(ctx context.Context, organizationID uuid.UUID) ([]database.ListProvisionerKeysByOrganizationRow, error) {
func (q *querier) ListProvisionerKeysByOrganization(ctx context.Context, organizationID uuid.UUID) ([]database.ProvisionerKey, error) {
return fetchWithPostFilter(q.auth, policy.ActionRead, q.db.ListProvisionerKeysByOrganization)(ctx, organizationID)
}

Expand Down
2 changes: 1 addition & 1 deletion coderd/database/dbauthz/dbauthz_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1835,7 +1835,7 @@ func (s *MethodTestSuite) TestProvisionerKeys() {
s.Run("ListProvisionerKeysByOrganization", s.Subtest(func(db database.Store, check *expects) {
org := dbgen.Organization(s.T(), db, database.Organization{})
pk := dbgen.ProvisionerKey(s.T(), db, database.ProvisionerKey{OrganizationID: org.ID})
pks := []database.ListProvisionerKeysByOrganizationRow{
pks := []database.ProvisionerKey{
{
ID: pk.ID,
CreatedAt: pk.CreatedAt,
Expand Down
21 changes: 15 additions & 6 deletions coderd/database/dbmem/dbmem.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -124,6 +124,14 @@ func (inTxMutex) RLock() {}
func (inTxMutex) Unlock() {}
func (inTxMutex) RUnlock() {}

// newUniqueContraintError copies the base unique constraint error and sets the constraint to the provided value.
func newUniqueContraintError(uc database.UniqueConstraint) *pq.Error {
newErr := *errUniqueConstraint
newErr.Constraint = string(uc)

return &newErr
}

// FakeQuerier replicates database functionality to enable quick testing. It's an exported type so that our test code
// can do type checks.
type FakeQuerier struct {
Expand Down Expand Up @@ -3228,7 +3236,7 @@ func (q *FakeQuerier) GetProvisionerKeyByName(_ context.Context, arg database.Ge
defer q.mutex.RUnlock()

for _, key := range q.provisionerKeys {
if key.Name == arg.Name && key.OrganizationID == arg.OrganizationID {
if strings.ToLower(key.Name) == strings.ToLower(arg.Name) && key.OrganizationID == arg.OrganizationID {
return key, nil
}
}
Expand Down Expand Up @@ -6544,7 +6552,7 @@ func (q *FakeQuerier) InsertProvisionerKey(_ context.Context, arg database.Inser
defer q.mutex.Unlock()

newErr := *errUniqueConstraint
newErr.Constraint = string(database.UniqueProvisionerKeysOrganizationIDNameKey)
newErr.Constraint = string(database.UniqueProvisionerKeysOrganizationIDNameIndex)
for _, key := range q.provisionerKeys {
if key.ID == arg.ID || (key.OrganizationID == arg.OrganizationID && key.Name == arg.Name) {
return database.ProvisionerKey{}, &newErr
Expand All @@ -6556,7 +6564,7 @@ func (q *FakeQuerier) InsertProvisionerKey(_ context.Context, arg database.Inser
ID: arg.ID,
CreatedAt: arg.CreatedAt,
OrganizationID: arg.OrganizationID,
Name: arg.Name,
Name: strings.ToLower(arg.Name),
HashedSecret: arg.HashedSecret,
}
q.provisionerKeys = append(q.provisionerKeys, provisionerKey)
Expand Down Expand Up @@ -7241,18 +7249,19 @@ func (q *FakeQuerier) InsertWorkspaceResourceMetadata(_ context.Context, arg dat
return metadata, nil
}

func (q *FakeQuerier) ListProvisionerKeysByOrganization(_ context.Context, organizationID uuid.UUID) ([]database.ListProvisionerKeysByOrganizationRow, error) {
func (q *FakeQuerier) ListProvisionerKeysByOrganization(_ context.Context, organizationID uuid.UUID) ([]database.ProvisionerKey, error) {
q.mutex.RLock()
defer q.mutex.RUnlock()

keys := make([]database.ListProvisionerKeysByOrganizationRow, 0)
keys := make([]database.ProvisionerKey, 0)
for _, key := range q.provisionerKeys {
if key.OrganizationID == organizationID {
keys = append(keys, database.ListProvisionerKeysByOrganizationRow{
keys = append(keys, database.ProvisionerKey{
ID: key.ID,
CreatedAt: key.CreatedAt,
OrganizationID: key.OrganizationID,
Name: key.Name,
HashedSecret: key.HashedSecret,
})
}
}
Expand Down
2 changes: 1 addition & 1 deletion coderd/database/dbmetrics/dbmetrics.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions coderd/database/dbmock/dbmock.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 2 additions & 3 deletions coderd/database/dump.sql
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions coderd/database/migrations/000226_provisioner_keys.up.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ CREATE TABLE provisioner_keys (
created_at timestamptz NOT NULL,
organization_id uuid NOT NULL REFERENCES organizations (id) ON DELETE CASCADE,
name varchar(64) NOT NULL,
hashed_secret bytea NOT NULL,
hashed_secret bytea NOT NULL
);

CREATE INDEX provisioner_keys_organization_id_name_idx ON provisioner_keys (organization_id, name);
CREATE UNIQUE INDEX provisioner_keys_organization_id_name_idx ON provisioner_keys (organization_id, name);
2 changes: 1 addition & 1 deletion coderd/database/querier.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

27 changes: 9 additions & 18 deletions coderd/database/queries.sql.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

9 changes: 3 additions & 6 deletions coderd/database/queries/provisionerkeys.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ INSERT INTO
hashed_secret
)
VALUES
($1, $2, $3, lower($4), $5) RETURNING *;
($1, $2, $3, lower(@name), $4) RETURNING *;

-- name: GetProvisionerKeyByID :one
SELECT
Expand All @@ -26,14 +26,11 @@ FROM
WHERE
organization_id = $1
AND
name = $2;
name = lower(@name);

-- name: ListProvisionerKeysByOrganization :many
SELECT
id,
created_at,
organization_id,
name
*
FROM
provisioner_keys
WHERE
Expand Down
2 changes: 1 addition & 1 deletion coderd/database/unique_constraint.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions codersdk/provisionerdaemons.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -271,6 +271,7 @@ type ProvisionerKey struct {
CreatedAt time.Time `json:"created_at" format:"date-time"`
OrganizationID uuid.UUID `json:"organization" format:"uuid"`
Name string `json:"name"`
// HashedSecret - never include the access token in the API response
}

type CreateProvisionerKeyRequest struct {
Expand Down
5 changes: 3 additions & 2 deletions enterprise/coderd/provisionerkeys.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ func (api *API) postProvisionerKey(rw http.ResponseWriter, r *http.Request) {
}

_, err = api.Database.InsertProvisionerKey(ctx, params)
if database.IsUniqueViolation(err, database.UniqueProvisionerKeysOrganizationIDNameKey) {
if database.IsUniqueViolation(err, database.UniqueProvisionerKeysOrganizationIDNameIndex) {
httpapi.Write(ctx, rw, http.StatusConflict, codersdk.Response{
Message: fmt.Sprintf("Provisioner key with name '%s' already exists in organization", req.Name),
})
Expand Down Expand Up @@ -135,14 +135,15 @@ func (api *API) deleteProvisionerKey(rw http.ResponseWriter, r *http.Request) {
httpapi.Write(ctx, rw, http.StatusNoContent, nil)
}

func convertProvisionerKeys(dbKeys []database.ListProvisionerKeysByOrganizationRow) []codersdk.ProvisionerKey {
func convertProvisionerKeys(dbKeys []database.ProvisionerKey) []codersdk.ProvisionerKey {
keys := make([]codersdk.ProvisionerKey, 0, len(dbKeys))
for _, dbKey := range dbKeys {
keys = append(keys, codersdk.ProvisionerKey{
ID: dbKey.ID,
CreatedAt: dbKey.CreatedAt,
OrganizationID: dbKey.OrganizationID,
Name: dbKey.Name,
// HashedSecret - never include the access token in the API response
})
}
return keys
Expand Down
4 changes: 2 additions & 2 deletions enterprise/coderd/provisionerkeys_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ func TestProvisionerKeys(t *testing.T) {

// org admin can create a provisioner key
_, err = orgAdmin.CreateProvisionerKey(ctx, owner.OrganizationID, codersdk.CreateProvisionerKeyRequest{
Name: "key",
Name: "Key", // case insensitive
})
require.NoError(t, err, "org admin create provisioner key")

Expand Down Expand Up @@ -99,7 +99,7 @@ func TestProvisionerKeys(t *testing.T) {
require.Len(t, keys, 1, "org admin list provisioner keys")

// org admin can delete a provisioner key
err = orgAdmin.DeleteProvisionerKey(ctx, owner.OrganizationID, "key")
err = orgAdmin.DeleteProvisionerKey(ctx, owner.OrganizationID, "key") // using lowercase here works
require.NoError(t, err, "org admin delete provisioner key")

// org admin cannot delete a provisioner key that doesn't exist
Expand Down