Skip to content

chore: add continuous deployment for workspace proxies #7364

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
May 1, 2023
Merged

chore: add continuous deployment for workspace proxies #7364

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
5fc9958
chore: add continuous deployment for workspace proxies
deansheather May 1, 2023
04c5430
move files around
deansheather May 1, 2023
e9c6b8e
rename proxy service
deansheather May 1, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 19 additions & 6 deletions .github/workflows/ci.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -487,14 +487,27 @@ jobs:

- name: Install Release
run: |
set -euo pipefail

regions=(
# gcp-region-id instance-name systemd-service-name
"us-central1-a coder coder"
"australia-southeast1-b coder-sydney coder-proxy"
"europe-west3-c coder-europe coder-proxy"
"southamerica-east1-b coder-brazil coder-proxy"
)

gcloud config set project coder-dogfood
gcloud config set compute/zone us-central1-a
gcloud compute scp ./build/coder_*_linux_amd64.deb coder:/tmp/coder.deb
gcloud compute ssh coder -- sudo dpkg -i --force-confdef /tmp/coder.deb
gcloud compute ssh coder -- sudo systemctl daemon-reload
for region in "${regions[@]}"; do
echo "::group::$region"
set -- $region

gcloud config set compute/zone "$1"
gcloud compute scp ./build/coder_*_linux_amd64.deb "$2":/tmp/coder.deb
gcloud compute ssh "$2" -- /bin/sh -c "set -eux; sudo dpkg -i --force-confdef /tmp/coder.deb; sudo systemctl daemon-reload; sudo service '$3' restart"

- name: Start
run: gcloud compute ssh coder -- sudo service coder restart
echo "::endgroup::"
done

- uses: actions/upload-artifact@v3
with:
Expand Down
4 changes: 2 additions & 2 deletions codersdk/workspaceproxy.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,10 +39,10 @@ type WorkspaceProxyStatus struct {
// A healthy report will have no errors. Warnings are not fatal.
type ProxyHealthReport struct {
// Errors are problems that prevent the workspace proxy from being healthy
Errors []string
Errors []string `json:"errors"`
// Warnings do not prevent the workspace proxy from being healthy, but
// should be addressed.
Warnings []string
Warnings []string `json:"warnings"`
}

type WorkspaceProxy struct {
Expand Down
2 changes: 1 addition & 1 deletion enterprise/wsproxy/wsproxy.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -229,7 +229,7 @@ func New(ctx context.Context, opts *Options) (*Server, error) {
s.AppServer.Attach(r)
})

r.Get("/buildinfo", s.buildInfo)
r.Get("/api/v2/buildinfo", s.buildInfo)
r.Get("/healthz", func(w http.ResponseWriter, r *http.Request) { _, _ = w.Write([]byte("OK")) })
// TODO: @emyrk should this be authenticated or debounced?
r.Get("/healthz-report", s.healthReport)
Expand Down
31 changes: 31 additions & 0 deletions scripts/linux-pkg/coder-workspace-proxy.service
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
[Unit]
Description="Coder - external workspace proxy server"
Documentation=https://coder.com/docs/coder-oss
Requires=network-online.target
After=network-online.target
ConditionFileNotEmpty=/etc/coder.d/coder-proxy.env
StartLimitIntervalSec=60
StartLimitBurst=3

[Service]
Type=notify
EnvironmentFile=/etc/coder.d/coder-proxy.env
User=coder
Group=coder
ProtectSystem=full
PrivateTmp=yes
PrivateDevices=yes
SecureBits=keep-caps
AmbientCapabilities=CAP_IPC_LOCK CAP_NET_BIND_SERVICE
CacheDirectory=coder
CapabilityBoundingSet=CAP_SYSLOG CAP_IPC_LOCK CAP_NET_BIND_SERVICE
KillSignal=SIGINT
KillMode=mixed
NoNewPrivileges=yes
ExecStart=/usr/bin/coder proxy server
Restart=on-failure
RestartSec=5
TimeoutStopSec=90

[Install]
WantedBy=multi-user.target
0 coder.service → scripts/linux-pkg/coder.service
View file
Open in desktop
File renamed without changes.
2 changes: 2 additions & 0 deletions scripts/nfpm.yaml → scripts/linux-pkg/nfpm.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,3 +25,5 @@ contents:
type: "config|noreplace"
- src: coder.service
dst: /usr/lib/systemd/system/coder.service
- src: coder-proxy.service
dst: /usr/lib/systemd/system/coder-proxy.service
0 preinstall.sh → scripts/linux-pkg/preinstall.sh
View file
Open in desktop
File renamed without changes.
7 changes: 4 additions & 3 deletions scripts/package.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -84,9 +84,10 @@ cdroot
temp_dir="$(TMPDIR="$(dirname "$input_file")" mktemp -d)"
ln "$input_file" "$temp_dir/coder"
ln "$(realpath coder.env)" "$temp_dir/"
ln "$(realpath coder.service)" "$temp_dir/"
ln "$(realpath preinstall.sh)" "$temp_dir/"
ln "$(realpath scripts/nfpm.yaml)" "$temp_dir/"
ln "$(realpath scripts/linux-pkg/coder-workspace-proxy.service)" "$temp_dir/"
ln "$(realpath scripts/linux-pkg/coder.service)" "$temp_dir/"
ln "$(realpath scripts/linux-pkg/nfpm.yaml)" "$temp_dir/"
ln "$(realpath scripts/linux-pkg/preinstall.sh)" "$temp_dir/"

pushd "$temp_dir"
GOARCH="$arch" CODER_VERSION="$version" nfpm package \
Expand Down
4 changes: 2 additions & 2 deletions site/src/api/typesGenerated.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -692,8 +692,8 @@ export interface ProvisionerJobLog {

// From codersdk/workspaceproxy.go
export interface ProxyHealthReport {
readonly Errors: string[]
readonly Warnings: string[]
readonly errors: string[]
readonly warnings: string[]
}

// From codersdk/workspaces.go
Expand Down