Skip to content

chore: track terraform modules in telemetry #15450

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 34 commits into from
Nov 16, 2024
Merged

chore: track terraform modules in telemetry #15450

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
34 commits
Select commit Hold shift + click to select a range
0f713ed
add the workspace_modules table, add the module column to workspace_r…
hugodutka Nov 6, 2024
82c8a3c
insert workspace modules on provisioner job completion
hugodutka Nov 6, 2024
307a57e
add foreign key to job on workspace_modules
hugodutka Nov 6, 2024
2ae16fc
don't return the root module
hugodutka Nov 7, 2024
7f2f155
add and populate the module_path column to workspace_resources
hugodutka Nov 7, 2024
863235d
TestCompleteJob - Modules WIP
hugodutka Nov 7, 2024
993f0ab
TemplateImport CompleteJob Modules test
hugodutka Nov 8, 2024
e8fbd40
TestCompleteJob Modules WorkspaceBuild
hugodutka Nov 8, 2024
5c542e5
add a test for returning modules in provision_test.go, fix test in re…
hugodutka Nov 8, 2024
9ec5ee1
make gen
hugodutka Nov 8, 2024
119a686
fix dbauthz tests
hugodutka Nov 8, 2024
3a5a025
add workspace modules and workspace resources's ModulePath to telemetry
hugodutka Nov 8, 2024
3377d22
add a workspace_modules fixture
hugodutka Nov 8, 2024
422b112
add a workspace resource's modulePath default to the e2e helper
hugodutka Nov 8, 2024
46b9b36
add modules default on PlanComplete for e2e tests
hugodutka Nov 8, 2024
f3f4d5c
lint
hugodutka Nov 8, 2024
93ed136
set module path to sentinel value when parsing failed and log an error
hugodutka Nov 13, 2024
301a153
change error string
hugodutka Nov 13, 2024
212e7d5
obfuscate workspace module source and version
hugodutka Nov 13, 2024
e9b7c46
fixes after rebase
hugodutka Nov 14, 2024
25cba6d
change migration number
hugodutka Nov 15, 2024
780730f
change fixture number
hugodutka Nov 15, 2024
b47a018
add index on created_at
hugodutka Nov 15, 2024
03be52e
add a comment about using modules from plan instead of apply
hugodutka Nov 15, 2024
00b8131
convert sentinel string to an error
hugodutka Nov 15, 2024
4187fbf
remove unnecessary comment
hugodutka Nov 15, 2024
7e82c3d
don't fail if we can't get modules from disk
hugodutka Nov 15, 2024
42e57ca
add a test for a malformed module
hugodutka Nov 16, 2024
368fc25
add a comment
hugodutka Nov 16, 2024
73b22cf
combine assignment and conditional
hugodutka Nov 16, 2024
7b9d70a
make isCoderModule into a top level function
hugodutka Nov 16, 2024
ea82313
use dbtestutil.NewDB instead of dbmem
hugodutka Nov 16, 2024
8564e9a
make gen
hugodutka Nov 16, 2024
d11fc82
combine 2 more assignments and conditionals
hugodutka Nov 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
insert workspace modules on provisioner job completion
  • Loading branch information
@hugodutka
hugodutka committed Nov 15, 2024
commit 82c8a3c9b3e99bb376a1d132cc29a92c1ddce4fc
7 changes: 7 additions & 0 deletions coderd/database/dbauthz/dbauthz.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3222,6 +3222,13 @@ func (q *querier) InsertWorkspaceBuildParameters(ctx context.Context, arg databa
return q.db.InsertWorkspaceBuildParameters(ctx, arg)
}

func (q *querier) InsertWorkspaceModule(ctx context.Context, arg database.InsertWorkspaceModuleParams) (database.WorkspaceModule, error) {
if err := q.authorizeContext(ctx, policy.ActionCreate, rbac.ResourceSystem); err != nil {
return database.WorkspaceModule{}, err
}
return q.db.InsertWorkspaceModule(ctx, arg)
}

func (q *querier) InsertWorkspaceProxy(ctx context.Context, arg database.InsertWorkspaceProxyParams) (database.WorkspaceProxy, error) {
return insert(q.log, q.auth, rbac.ResourceWorkspaceProxy, q.db.InsertWorkspaceProxy)(ctx, arg)
}
Expand Down
9 changes: 9 additions & 0 deletions coderd/database/dbmem/dbmem.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8233,6 +8233,15 @@ func (q *FakeQuerier) InsertWorkspaceBuildParameters(_ context.Context, arg data
return nil
}

func (q *FakeQuerier) InsertWorkspaceModule(ctx context.Context, arg database.InsertWorkspaceModuleParams) (database.WorkspaceModule, error) {
err := validateDatabaseType(arg)
if err != nil {
return database.WorkspaceModule{}, err
}

panic("not implemented")
}

func (q *FakeQuerier) InsertWorkspaceProxy(_ context.Context, arg database.InsertWorkspaceProxyParams) (database.WorkspaceProxy, error) {
q.mutex.Lock()
defer q.mutex.Unlock()
Expand Down
7 changes: 7 additions & 0 deletions coderd/database/dbmetrics/querymetrics.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

15 changes: 15 additions & 0 deletions coderd/database/dbmock/dbmock.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions coderd/database/querier.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

40 changes: 40 additions & 0 deletions coderd/database/queries.sql.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 5 additions & 0 deletions coderd/database/queries/workspacemodules.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
-- name: InsertWorkspaceModule :one
INSERT INTO
workspace_modules (id, job_id, transition, source, version, key, created_at)
VALUES
($1, $2, $3, $4, $5, $6, $7) RETURNING *;
51 changes: 51 additions & 0 deletions coderd/provisionerdserver/provisionerdserver.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1267,6 +1267,24 @@ func (s *server) CompleteJob(ctx context.Context, completed *proto.CompletedJob)
}
}
}
for transition, modules := range map[database.WorkspaceTransition][]*sdkproto.Module{
database.WorkspaceTransitionStart: jobType.TemplateImport.StartModules,
database.WorkspaceTransitionStop: jobType.TemplateImport.StopModules,
} {
for _, module := range modules {
s.Logger.Info(ctx, "inserting template import job module",
slog.F("job_id", job.ID.String()),
slog.F("module_source", module.Source),
slog.F("module_version", module.Version),
slog.F("module_key", module.Key),
slog.F("transition", transition))

err = InsertWorkspaceModule(ctx, s.Database, jobID, transition, module)
if err != nil {
return nil, xerrors.Errorf("insert module: %w", err)
}
}
}

for _, richParameter := range jobType.TemplateImport.RichParameters {
s.Logger.Info(ctx, "inserting template import job parameter",
Expand Down Expand Up @@ -1472,6 +1490,12 @@ func (s *server) CompleteJob(ctx context.Context, completed *proto.CompletedJob)
return xerrors.Errorf("insert provisioner job: %w", err)
}
}
for _, module := range jobType.WorkspaceBuild.Modules {
err = InsertWorkspaceModule(ctx, db, job.ID, workspaceBuild.Transition, module)
if err != nil {
return xerrors.Errorf("insert provisioner job module: %w", err)
}
}

// On start, we want to ensure that workspace agents timeout statuses
// are propagated. This method is simple and does not protect against
Expand Down Expand Up @@ -1653,6 +1677,17 @@ func (s *server) CompleteJob(ctx context.Context, completed *proto.CompletedJob)
return nil, xerrors.Errorf("insert resource: %w", err)
}
}
for _, module := range jobType.TemplateDryRun.Modules {
s.Logger.Info(ctx, "inserting template dry-run job module",
slog.F("job_id", job.ID.String()),
slog.F("module_source", module.Source),
)

err = InsertWorkspaceModule(ctx, s.Database, jobID, database.WorkspaceTransitionStart, module)
if err != nil {
return nil, xerrors.Errorf("insert module: %w", err)
}
}

err = s.Database.UpdateProvisionerJobWithCompleteByID(ctx, database.UpdateProvisionerJobWithCompleteByIDParams{
ID: jobID,
Expand Down Expand Up @@ -1734,6 +1769,22 @@ func (s *server) startTrace(ctx context.Context, name string, opts ...trace.Span
))...)
}

func InsertWorkspaceModule(ctx context.Context, db database.Store, jobID uuid.UUID, transition database.WorkspaceTransition, protoModule *sdkproto.Module) error {
_, err := db.InsertWorkspaceModule(ctx, database.InsertWorkspaceModuleParams{
ID: uuid.New(),
CreatedAt: dbtime.Now(),
JobID: jobID,
Transition: transition,
Source: protoModule.Source,
Version: protoModule.Version,
Key: protoModule.Key,
})
if err != nil {
return xerrors.Errorf("insert provisioner job module %q: %w", protoModule.Source, err)
}
return nil
}

func InsertWorkspaceResource(ctx context.Context, db database.Store, jobID uuid.UUID, transition database.WorkspaceTransition, protoResource *sdkproto.Resource, snapshot *telemetry.Snapshot) error {
resource, err := db.InsertWorkspaceResource(ctx, database.InsertWorkspaceResourceParams{
ID: uuid.New(),
Expand Down
52 changes: 52 additions & 0 deletions provisioner/terraform/modules.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
package terraform
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm curious about this.

We extract all other resources from the template by executing terraform graph (see provisioner/terraform/executor.go -> graph()) and then pass that to provisioner/terraform/resources.go -> ConvertState(). From there we retrieve all the template's resources, and they're then persisted.

Did this approach not work for modules?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I couldn't find either module versions or their sources inside the state. This was the first approach I tried, and I switched to reading files only when I couldn't make it work.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is the output from a terraform graph run locally with a module specified:

$ terraform graph
digraph G {
  ...
  "module.jetbrains_gateway.coder_app.gateway" -> "coder_agent.main";
  "module.jetbrains_gateway.coder_app.gateway" -> "module.jetbrains_gateway.data.coder_parameter.jetbrains_ide";
  "module.jetbrains_gateway.coder_app.gateway" -> "module.jetbrains_gateway.data.coder_workspace.me";
  "module.jetbrains_gateway.coder_app.gateway" -> "module.jetbrains_gateway.data.coder_workspace_owner.me";
  "module.jetbrains_gateway.coder_app.gateway" -> "module.jetbrains_gateway.data.http.jetbrains_ide_versions";
}

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, the graph only displays the module names specified by the user in the template. It doesn’t show the source, like registry.coder.com/modules/jetbrains-gateway/coder, or the version, like 1.0.23. That information is available in the files on disk.


import (
"encoding/json"
"os"
"path/filepath"

"golang.org/x/xerrors"

"github.com/coder/coder/v2/provisionersdk/proto"
)

type module struct {
Source string `json:"Source"`
Version string `json:"Version"`
Key string `json:"Key"`
}

type modulesFile struct {
Modules []*module `json:"Modules"`
}

func getModulesFilePath(workdir string) string {
return filepath.Join(workdir, ".terraform", "modules", "modules.json")
}

func parseModulesFile(filePath string) ([]*proto.Module, error) {
modules := &modulesFile{}
data, err := os.ReadFile(filePath)
if err != nil {
return nil, xerrors.Errorf("read modules file: %w", err)
}
if err := json.Unmarshal(data, modules); err != nil {
return nil, xerrors.Errorf("unmarshal modules file: %w", err)
}
protoModules := make([]*proto.Module, len(modules.Modules))
for i, m := range modules.Modules {
protoModules[i] = &proto.Module{Source: m.Source, Version: m.Version, Key: m.Key}
}
return protoModules, nil
}

// getModules returns the modules from the modules file if it exists.
// It returns nil if the file does not exist.
// Modules become available after terraform init.
func getModules(workdir string) ([]*proto.Module, error) {
filePath := getModulesFilePath(workdir)
if _, err := os.Stat(filePath); os.IsNotExist(err) {
return nil, nil
}
return parseModulesFile(filePath)
}
6 changes: 6 additions & 0 deletions provisioner/terraform/provision.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -142,6 +142,11 @@ func (s *server) Plan(
return provisionersdk.PlanErrorf("initialize terraform: %s", err)
}

modules, err := getModules(sess.WorkDirectory)
if err != nil {
return provisionersdk.PlanErrorf("get modules: %s", err)
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So, if we fail to get the list of modules for the build that we only need for telemetry purposes, we fail to build?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch, it'd probably be better to only log an error.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On second thought, after the discussion regarding using modules in places other than telemetry, it may make sense to return an error rather than just log. Otherwise any code using module info would have to take into account that it may be missing.

Copy link
Member

@johnstcn johnstcn Nov 14, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just so we're clear, this means that any failure to fetch the modules in the working directory will result in a failure of the whole plan stage.

Right now, as far as I can tell, the only scenario that will trigger this is a malformed modules file. Are there any other possible scenarios I'm missing?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pair review (blocking): as this is currently only for telemetry, we should not fail to plan if anything goes wrong with extracting modules.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are there any other possible scenarios I'm missing?

I don't think there are any other scenarios - barring disk read failures and such. In normal operation this should only happen if terraform changes how it stores modules on disk and we upgrade to that version.


initTimings.ingest(createInitTimingsEvent(timingInitComplete))

s.logger.Debug(ctx, "ran initialization")
Expand All @@ -167,6 +172,7 @@ func (s *server) Plan(
// Prepend init timings since they occur prior to plan timings.
// Order is irrelevant; this is merely indicative.
resp.Timings = append(initTimings.aggregate(), resp.Timings...)
resp.Modules = modules
return resp
}

Expand Down
Loading