From 5fc995865ea6e6af7d6659681e5867b4d7fb85eb Mon Sep 17 00:00:00 2001 From: Dean Sheather Date: Mon, 1 May 2023 20:45:49 +0000 Subject: [PATCH 1/3] chore: add continuous deployment for workspace proxies --- .github/workflows/ci.yaml | 25 +++++++++++++++++++------ coder-proxy.service | 31 +++++++++++++++++++++++++++++++ codersdk/workspaceproxy.go | 4 ++-- enterprise/wsproxy/wsproxy.go | 2 +- scripts/nfpm.yaml | 2 ++ scripts/package.sh | 1 + site/src/api/typesGenerated.ts | 4 ++-- 7 files changed, 58 insertions(+), 11 deletions(-) create mode 100644 coder-proxy.service diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 40d6c599c3a31..d8c55c7a08e06 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -487,14 +487,27 @@ jobs: - name: Install Release run: | + set -euo pipefail + + regions=( + # gcp-region-id instance-name systemd-service-name + "us-central1-a coder coder" + "australia-southeast1-b coder-sydney coder-proxy" + "europe-west3-c coder-europe coder-proxy" + "southamerica-east1-b coder-brazil coder-proxy" + ) + gcloud config set project coder-dogfood - gcloud config set compute/zone us-central1-a - gcloud compute scp ./build/coder_*_linux_amd64.deb coder:/tmp/coder.deb - gcloud compute ssh coder -- sudo dpkg -i --force-confdef /tmp/coder.deb - gcloud compute ssh coder -- sudo systemctl daemon-reload + for region in "${regions[@]}"; do + echo "::group::$region" + set -- $region + + gcloud config set compute/zone "$1" + gcloud compute scp ./build/coder_*_linux_amd64.deb "$2":/tmp/coder.deb + gcloud compute ssh "$2" -- /bin/sh -c "set -eux; sudo dpkg -i --force-confdef /tmp/coder.deb; sudo systemctl daemon-reload; sudo service '$3' restart" - - name: Start - run: gcloud compute ssh coder -- sudo service coder restart + echo "::endgroup::" + done - uses: actions/upload-artifact@v3 with: diff --git a/coder-proxy.service b/coder-proxy.service new file mode 100644 index 0000000000000..eb663233bb38d --- /dev/null 
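Review bot: In the Install Release loop, the quoted script in `gcloud compute ssh "$2" -- /bin/sh -c "set -eux; …"` is unlikely to reach the remote `/bin/sh` as a single argument, because ssh joins everything after `--` with spaces and hands the result to the remote login shell; `set` would then be the whole `-c` script, and the `dpkg`, `daemon-reload` and `service … restart` commands would run in the outer shell without `-e`. The step's exit status would be that of the restart alone, so a failed package install on one host can be masked while the job stays green and the old binary is restarted. Passing the script as one remote command keeps the fail-fast behaviour: `gcloud compute ssh "$2" --command "set -eux; sudo dpkg -i --force-confdef /tmp/coder.deb; sudo systemctl daemon-reload; sudo service '$3' restart"`. The job this step belongs to starts outside the hunk.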
+++ b/coder-proxy.service @@ -0,0 +1,31 @@ +[Unit] +Description="Coder - external workspace proxy server" +Documentation=https://coder.com/docs/coder-oss +Requires=network-online.target +After=network-online.target +ConditionFileNotEmpty=/etc/coder.d/coder-proxy.env +StartLimitIntervalSec=60 +StartLimitBurst=3 + +[Service] +Type=notify +EnvironmentFile=/etc/coder.d/coder-proxy.env +User=coder +Group=coder +ProtectSystem=full +PrivateTmp=yes +PrivateDevices=yes +SecureBits=keep-caps +AmbientCapabilities=CAP_IPC_LOCK CAP_NET_BIND_SERVICE +CacheDirectory=coder +CapabilityBoundingSet=CAP_SYSLOG CAP_IPC_LOCK CAP_NET_BIND_SERVICE +KillSignal=SIGINT +KillMode=mixed +NoNewPrivileges=yes +ExecStart=/usr/bin/coder proxy server +Restart=on-failure +RestartSec=5 +TimeoutStopSec=90 + +[Install] +WantedBy=multi-user.target diff --git a/codersdk/workspaceproxy.go b/codersdk/workspaceproxy.go index 336d37e30b283..23a275f53d9b2 100644 --- a/codersdk/workspaceproxy.go +++ b/codersdk/workspaceproxy.go @@ -39,10 +39,10 @@ type WorkspaceProxyStatus struct { // A healthy report will have no errors. Warnings are not fatal. type ProxyHealthReport struct { // Errors are problems that prevent the workspace proxy from being healthy - Errors []string + Errors []string `json:"errors"` // Warnings do not prevent the workspace proxy from being healthy, but // should be addressed. - Warnings []string + Warnings []string `json:"warnings"` } type WorkspaceProxy struct { diff --git a/enterprise/wsproxy/wsproxy.go b/enterprise/wsproxy/wsproxy.go index 3f03d486fe87c..67f7ec56be997 100644 --- a/enterprise/wsproxy/wsproxy.go +++ b/enterprise/wsproxy/wsproxy.go 
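Review bot: `CapabilityBoundingSet=` in the new unit lists `CAP_SYSLOG`, which `AmbientCapabilities=` does not grant; with `User=coder` and `NoNewPrivileges=yes` the process has, as far as I can tell, no way to acquire it, so the entry only widens the bounding set. Unless the proxy is known to need it, keep the two lists equal: `CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_BIND_SERVICE`. Nothing in this series packages `/etc/coder.d/coder-proxy.env`, so a comment above `EnvironmentFile=` such as `# Create by hand, root-owned and not world-readable; presumably holds the proxy's credentials.` would help whoever provisions a host.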
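Review bot: The new `json:"errors"` and `json:"warnings"` tags on `ProxyHealthReport` still encode a nil slice as `null`, while the regenerated TypeScript type in this patch declares both fields as non-nullable `string[]`. Whether the code that builds the report always assigns a non-nil slice is not visible in this hunk; if it does not, a healthy proxy reports `"errors": null` and a consumer that reads `.length` will fail. Either state the contract on the struct, e.g. `// Errors is never nil; an empty slice means no errors.`, or initialise both fields where the report is constructed. That construction site is outside the hunk.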
@@ -229,7 +229,7 @@ func New(ctx context.Context, opts *Options) (*Server, error) { s.AppServer.Attach(r) }) - r.Get("/buildinfo", s.buildInfo) + r.Get("/api/v2/buildinfo", s.buildInfo) r.Get("/healthz", func(w http.ResponseWriter, r *http.Request) { _, _ = w.Write([]byte("OK")) }) // TODO: @emyrk should this be authenticated or debounced? r.Get("/healthz-report", s.healthReport) diff --git a/scripts/nfpm.yaml b/scripts/nfpm.yaml index 528dc817c3eff..c075b569e3891 100644 --- a/scripts/nfpm.yaml +++ b/scripts/nfpm.yaml @@ -25,3 +25,5 @@ contents: type: "config|noreplace" - src: coder.service dst: /usr/lib/systemd/system/coder.service + - src: coder-proxy.service + dst: /usr/lib/systemd/system/coder-proxy.service diff --git a/scripts/package.sh b/scripts/package.sh index dcd5614ae145a..459019cd5e440 100755 --- a/scripts/package.sh +++ b/scripts/package.sh @@ -85,6 +85,7 @@ temp_dir="$(TMPDIR="$(dirname "$input_file")" mktemp -d)" ln "$input_file" "$temp_dir/coder" ln "$(realpath coder.env)" "$temp_dir/" ln "$(realpath coder.service)" "$temp_dir/" +ln "$(realpath coder-proxy.service)" "$temp_dir/" ln "$(realpath preinstall.sh)" "$temp_dir/" ln "$(realpath scripts/nfpm.yaml)" "$temp_dir/" diff --git a/site/src/api/typesGenerated.ts b/site/src/api/typesGenerated.ts index 6c3e7f0cea6bf..07d9030a1a51a 100644 --- a/site/src/api/typesGenerated.ts +++ b/site/src/api/typesGenerated.ts @@ -692,8 +692,8 @@ export interface ProvisionerJobLog { // From codersdk/workspaceproxy.go export interface ProxyHealthReport { - readonly Errors: string[] - readonly Warnings: string[] + readonly errors: string[] + readonly warnings: string[] } // From codersdk/workspaces.go From 04c54302474904b5b500563805f072463875d1ec Mon Sep 17 00:00:00 2001 
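Review bot: The moved route `r.Get("/api/v2/buildinfo", s.buildInfo)` carries no comment on who may call it, and it sits beside `/healthz` and the `/healthz-report` route whose TODO already asks about authentication. If build info is meant to be reachable without authentication (not visible from this hunk), a line such as `// Unauthenticated on purpose: returns build/version metadata only.` would record that decision. The old `/buildinfo` path is dropped without an alias, so anything still probing it will get a 404 after upgrade. `New` starts and ends outside this hunk.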
From: Dean Sheather
Date: Mon, 1 May 2023 21:29:12 +0000
Subject: [PATCH 2/3] move files around
---
.../linux-pkg/coder-proxy.service | 0
coder.service => scripts/linux-pkg/coder.service | 0
scripts/{ => linux-pkg}/nfpm.yaml | 0
preinstall.sh => scripts/linux-pkg/preinstall.sh | 0
scripts/package.sh | 8 ++++----
5 files changed, 4 insertions(+), 4 deletions(-)
rename coder-proxy.service => scripts/linux-pkg/coder-proxy.service (100%)
rename coder.service => scripts/linux-pkg/coder.service (100%)
rename scripts/{ => linux-pkg}/nfpm.yaml (100%)
rename preinstall.sh => scripts/linux-pkg/preinstall.sh (100%)
diff --git a/coder-proxy.service b/scripts/linux-pkg/coder-proxy.service
similarity index 100%
rename from coder-proxy.service
rename to scripts/linux-pkg/coder-proxy.service
diff --git a/coder.service b/scripts/linux-pkg/coder.service
similarity index 100%
rename from coder.service
rename to scripts/linux-pkg/coder.service
diff --git a/scripts/nfpm.yaml b/scripts/linux-pkg/nfpm.yaml
similarity index 100%
rename from scripts/nfpm.yaml
rename to scripts/linux-pkg/nfpm.yaml
diff --git a/preinstall.sh b/scripts/linux-pkg/preinstall.sh
similarity index 100%
rename from preinstall.sh
rename to scripts/linux-pkg/preinstall.sh
diff --git a/scripts/package.sh b/scripts/package.sh
index 459019cd5e440..59b5429ba805f 100755
--- a/scripts/package.sh
+++ b/scripts/package.sh
@@ -84,10 +84,10 @@ cdroot temp_dir="$(TMPDIR="$(dirname "$input_file")" mktemp -d)" ln "$input_file" "$temp_dir/coder" ln "$(realpath coder.env)" "$temp_dir/" -ln "$(realpath coder.service)" "$temp_dir/" -ln "$(realpath coder-proxy.service)" "$temp_dir/" -ln "$(realpath preinstall.sh)" "$temp_dir/" -ln "$(realpath scripts/nfpm.yaml)" "$temp_dir/" +ln "$(realpath scripts/linux-pkg/coder-proxy.service)" "$temp_dir/" +ln "$(realpath scripts/linux-pkg/coder.service)" "$temp_dir/" +ln "$(realpath scripts/linux-pkg/nfpm.yaml)" "$temp_dir/" +ln "$(realpath scripts/linux-pkg/preinstall.sh)" "$temp_dir/" pushd "$temp_dir" GOARCH="$arch" CODER_VERSION="$version" nfpm package \ From e9c6b8eaf78270b42d585b3df162b5f818bf698f Mon Sep 17 00:00:00 2001 From: Dean Sheather Date: Mon, 1 May 2023 21:36:18 +0000 Subject: [PATCH 3/3] rename proxy service --- .../{coder-proxy.service => coder-workspace-proxy.service} | 0 scripts/package.sh | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) rename scripts/linux-pkg/{coder-proxy.service => coder-workspace-proxy.service} (100%) diff --git a/scripts/linux-pkg/coder-proxy.service b/scripts/linux-pkg/coder-workspace-proxy.service similarity index 100% rename from scripts/linux-pkg/coder-proxy.service rename to scripts/linux-pkg/coder-workspace-proxy.service diff --git a/scripts/package.sh b/scripts/package.sh index 59b5429ba805f..8afbf5d608ea9 100755 --- a/scripts/package.sh +++ b/scripts/package.sh @@ -84,7 +84,7 @@ cdroot temp_dir="$(TMPDIR="$(dirname "$input_file")" mktemp -d)" ln "$input_file" "$temp_dir/coder" ln "$(realpath coder.env)" "$temp_dir/" -ln "$(realpath scripts/linux-pkg/coder-proxy.service)" "$temp_dir/" +ln "$(realpath scripts/linux-pkg/coder-workspace-proxy.service)" "$temp_dir/" ln "$(realpath scripts/linux-pkg/coder.service)" "$temp_dir/" ln "$(realpath scripts/linux-pkg/nfpm.yaml)" "$temp_dir/" ln "$(realpath scripts/linux-pkg/preinstall.sh)" "$temp_dir/"
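Review bot: After the rename in patch 3 the hard link placed in `$temp_dir` is `coder-workspace-proxy.service`, but the diffstat of that patch lists only the rename and package.sh, so the `src: coder-proxy.service` / `dst: /usr/lib/systemd/system/coder-proxy.service` entry that patch 1 added to nfpm.yaml is left pointing at a file that is no longer there and `nfpm package` would be expected to fail or ship without the unit. The `regions` table in ci.yaml likewise still restarts `coder-proxy` on the three proxy hosts. Suggest changing the nfpm entry to `src: coder-workspace-proxy.service` with `dst: /usr/lib/systemd/system/coder-workspace-proxy.service` and the ci.yaml service column to `coder-workspace-proxy`, and deciding whether the unit's `/etc/coder.d/coder-proxy.env` path should follow the new name. The script continues outside the hunk.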