Skip to content
Merged
Prev Previous commit
Next Next commit
pr comments
  • Loading branch information
f0ssel committed Sep 16, 2024
commit c0ae05624723b5f673a9ea6f61bb2e26dd18633f
10 changes: 5 additions & 5 deletions coderd/database/db2sdk/db2sdk.go
Original file line number Diff line number Diff line change
Expand Up @@ -544,11 +544,6 @@ func ProvisionerDaemon(dbDaemon database.ProvisionerDaemon) codersdk.Provisioner
func RecentProvisionerDaemons(now time.Time, staleInterval time.Duration, daemons []database.ProvisionerDaemon) []codersdk.ProvisionerDaemon {
results := []codersdk.ProvisionerDaemon{}

// Ensure stable order for display and for tests
sort.Slice(daemons, func(i, j int) bool {
return daemons[i].Name < daemons[j].Name
})

for _, daemon := range daemons {
// Daemon never connected, skip.
if !daemon.LastSeenAt.Valid {
Expand All @@ -562,6 +557,11 @@ func RecentProvisionerDaemons(now time.Time, staleInterval time.Duration, daemon
results = append(results, ProvisionerDaemon(daemon))
}

// Ensure stable order for display and for tests
sort.Slice(results, func(i, j int) bool {
return results[i].Name < results[j].Name
})

return results
}

Expand Down
6 changes: 3 additions & 3 deletions coderd/database/dbmem/dbmem.go
Original file line number Diff line number Diff line change
Expand Up @@ -115,7 +115,7 @@ func New() database.Store {
OrganizationID: defaultOrg.ID,
CreatedAt: dbtime.Now(),
HashedSecret: []byte{},
Name: "built-in",
Name: codersdk.ProvisionerKeyNameBuiltIn,
Tags: map[string]string{},
})
if err != nil {
Expand All @@ -126,7 +126,7 @@ func New() database.Store {
OrganizationID: defaultOrg.ID,
CreatedAt: dbtime.Now(),
HashedSecret: []byte{},
Name: "user-auth",
Name: codersdk.ProvisionerKeyNameUserAuth,
Tags: map[string]string{},
})
if err != nil {
Expand All @@ -137,7 +137,7 @@ func New() database.Store {
OrganizationID: defaultOrg.ID,
CreatedAt: dbtime.Now(),
HashedSecret: []byte{},
Name: "psk",
Name: codersdk.ProvisionerKeyNamePSK,
Tags: map[string]string{},
})
if err != nil {
Expand Down
5 changes: 5 additions & 0 deletions coderd/database/dbpurge/dbpurge_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ import (
"github.com/coder/coder/v2/coderd/database/dbrollup"
"github.com/coder/coder/v2/coderd/database/dbtestutil"
"github.com/coder/coder/v2/coderd/database/dbtime"
"github.com/coder/coder/v2/codersdk"
"github.com/coder/coder/v2/provisionerd/proto"
"github.com/coder/coder/v2/provisionersdk"
"github.com/coder/coder/v2/testutil"
Expand Down Expand Up @@ -412,6 +413,7 @@ func TestDeleteOldProvisionerDaemons(t *testing.T) {
Version: "1.0.0",
APIVersion: proto.CurrentVersion.String(),
OrganizationID: defaultOrg.ID,
KeyID: uuid.MustParse(codersdk.ProvisionerKeyIDBuiltIn),
})
require.NoError(t, err)
_, err = db.UpsertProvisionerDaemon(ctx, database.UpsertProvisionerDaemonParams{
Expand All @@ -424,6 +426,7 @@ func TestDeleteOldProvisionerDaemons(t *testing.T) {
Version: "1.0.0",
APIVersion: proto.CurrentVersion.String(),
OrganizationID: defaultOrg.ID,
KeyID: uuid.MustParse(codersdk.ProvisionerKeyIDBuiltIn),
})
require.NoError(t, err)
_, err = db.UpsertProvisionerDaemon(ctx, database.UpsertProvisionerDaemonParams{
Expand All @@ -438,6 +441,7 @@ func TestDeleteOldProvisionerDaemons(t *testing.T) {
Version: "1.0.0",
APIVersion: proto.CurrentVersion.String(),
OrganizationID: defaultOrg.ID,
KeyID: uuid.MustParse(codersdk.ProvisionerKeyIDBuiltIn),
})
require.NoError(t, err)
_, err = db.UpsertProvisionerDaemon(ctx, database.UpsertProvisionerDaemonParams{
Expand All @@ -453,6 +457,7 @@ func TestDeleteOldProvisionerDaemons(t *testing.T) {
Version: "1.0.0",
APIVersion: proto.CurrentVersion.String(),
OrganizationID: defaultOrg.ID,
KeyID: uuid.MustParse(codersdk.ProvisionerKeyIDBuiltIn),
})
require.NoError(t, err)

Expand Down
3 changes: 3 additions & 0 deletions coderd/database/queries/provisionerkeys.sql
Original file line number Diff line number Diff line change
Expand Up @@ -45,10 +45,13 @@ FROM
WHERE
organization_id = $1
AND
-- exclude reserved built-in key
id != '11111111-1111-1111-1111-111111111111'::uuid
AND
-- exclude reserved user-auth key
id != '22222222-2222-2222-2222-222222222222'::uuid
AND
-- exclude reserved psk key
id != '33333333-3333-3333-3333-333333333333'::uuid;

-- name: DeleteProvisionerKey :exec
Expand Down
14 changes: 14 additions & 0 deletions codersdk/provisionerdaemons.go
Original file line number Diff line number Diff line change
Expand Up @@ -289,6 +289,20 @@ const (
ProvisionerKeyIDPSK = "33333333-3333-3333-3333-333333333333"
)

const (
ProvisionerKeyNameBuiltIn = "built-in"
ProvisionerKeyNameUserAuth = "user-auth"
ProvisionerKeyNamePSK = "psk"
)

func ReservedProvisionerKeyNames() []string {
return []string{
ProvisionerKeyNameBuiltIn,
ProvisionerKeyNameUserAuth,
ProvisionerKeyNamePSK,
}
}

type CreateProvisionerKeyRequest struct {
Name string `json:"name"`
Tags map[string]string `json:"tags"`
Expand Down
3 changes: 1 addition & 2 deletions enterprise/coderd/provisionerkeys.go
Original file line number Diff line number Diff line change
Expand Up @@ -55,8 +55,7 @@ func (api *API) postProvisionerKey(rw http.ResponseWriter, r *http.Request) {
return
}

reserved := []string{"built-in", "psk", "user-auth"}
if slices.Contains(reserved, req.Name) {
if slices.Contains(codersdk.ReservedProvisionerKeyNames(), req.Name) {
httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
Message: fmt.Sprintf("Name cannot be reserved name '%s'", req.Name),
Validations: []codersdk.ValidationError{
Expand Down
12 changes: 6 additions & 6 deletions enterprise/coderd/provisionerkeys_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -66,15 +66,15 @@ func TestProvisionerKeys(t *testing.T) {

// org admin cannot create reserved provisioner keys
_, err = orgAdmin.CreateProvisionerKey(ctx, owner.OrganizationID, codersdk.CreateProvisionerKeyRequest{
Name: "built-in",
Name: codersdk.ProvisionerKeyNameBuiltIn,
})
require.ErrorContains(t, err, "reserved")
_, err = orgAdmin.CreateProvisionerKey(ctx, owner.OrganizationID, codersdk.CreateProvisionerKeyRequest{
Name: "user-auth",
Name: codersdk.ProvisionerKeyNameUserAuth,
})
require.ErrorContains(t, err, "reserved")
_, err = orgAdmin.CreateProvisionerKey(ctx, owner.OrganizationID, codersdk.CreateProvisionerKeyRequest{
Name: "psk",
Name: codersdk.ProvisionerKeyNamePSK,
})
require.ErrorContains(t, err, "reserved")

Expand Down Expand Up @@ -127,10 +127,10 @@ func TestProvisionerKeys(t *testing.T) {
require.ErrorContains(t, err, "Resource not found")

// org admin cannot delete reserved provisioner keys
err = orgAdmin.DeleteProvisionerKey(ctx, owner.OrganizationID, "built-in")
err = orgAdmin.DeleteProvisionerKey(ctx, owner.OrganizationID, codersdk.ProvisionerKeyNameBuiltIn)
require.ErrorContains(t, err, "reserved")
err = orgAdmin.DeleteProvisionerKey(ctx, owner.OrganizationID, "user-auth")
err = orgAdmin.DeleteProvisionerKey(ctx, owner.OrganizationID, codersdk.ProvisionerKeyNameUserAuth)
require.ErrorContains(t, err, "reserved")
err = orgAdmin.DeleteProvisionerKey(ctx, owner.OrganizationID, "psk")
err = orgAdmin.DeleteProvisionerKey(ctx, owner.OrganizationID, codersdk.ProvisionerKeyNamePSK)
require.ErrorContains(t, err, "reserved")
}