coderdtest

package
v2.22.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 15, 2025 License: AGPL-3.0 Imports: 96 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var FirstUserParams = codersdk.CreateFirstUserRequest{
	Email:    "testuser@coder.com",
	Username: "testuser",
	Password: "SomeSecurePassword!",
	Name:     "Test User",
}
View Source 
var TrialUserParams = codersdk.CreateFirstUserTrialInfo{
	FirstName:   "John",
	LastName:    "Doe",
	PhoneNumber: "9999999999",
	JobTitle:    "Engineer",
	CompanyName: "Acme Inc",
	Country:     "United States",
	Developers:  "10-50",
}

Functions

func AccessControlStorePointer added in v2.5.1 

func AccessControlStorePointer() *atomic.Pointer[dbauthz.AccessControlStore]

func AgentsNotReady added in v2.22.0 

func AgentsNotReady(agent codersdk.WorkspaceAgent) bool

AgentsNotReady checks that the latest lifecycle state of an agent is anything except "Ready".

func AgentsReady added in v2.22.0 

func AgentsReady(agent codersdk.WorkspaceAgent) bool

AgentsReady checks that the latest lifecycle state of an agent is "Ready".

func AuthzUserSubject added in v2.5.0 

func AuthzUserSubject(user codersdk.User, orgID uuid.UUID) rbac.Subject

AuthzUserSubject does not include the user's groups.

func AwaitTemplateVersionJobCompleted added in v2.2.1 

func AwaitTemplateVersionJobCompleted(t testing.TB, client *codersdk.Client, version uuid.UUID) codersdk.TemplateVersion

AwaitTemplateVersionJobCompleted waits for the build to be completed. This may result from cancelation, an error, or from completing successfully.

func AwaitTemplateVersionJobRunning added in v2.3.0 

func AwaitTemplateVersionJobRunning(t testing.TB, client *codersdk.Client, version uuid.UUID) codersdk.TemplateVersion

AwaitTemplateVersionJobRunning waits for the build to be picked up by a provisioner.

func AwaitWorkspaceAgents deprecated 

func AwaitWorkspaceAgents(t testing.TB, client *codersdk.Client, workspaceID uuid.UUID, agentNames ...string) []codersdk.WorkspaceResource

AwaitWorkspaceAgents waits for all resources with agents to be connected. If specific agents are provided, it will wait for those agents to be connected but will not fail if other agents are not connected.

Deprecated: Use NewWorkspaceAgentWaiter

func AwaitWorkspaceBuildJobCompleted added in v2.2.1 

func AwaitWorkspaceBuildJobCompleted(t testing.TB, client *codersdk.Client, build uuid.UUID) codersdk.WorkspaceBuild

AwaitWorkspaceBuildJobCompleted waits for a workspace provision job to reach completed status.

func CreateAnotherUser 

func CreateAnotherUser(t testing.TB, client *codersdk.Client, organizationID uuid.UUID, roles ...rbac.RoleIdentifier) (*codersdk.Client, codersdk.User)

CreateAnotherUser creates and authenticates a new user. Roles can include org scoped roles with 'roleName:<organization_id>'

func CreateAnotherUserMutators 

func CreateAnotherUserMutators(t testing.TB, client *codersdk.Client, organizationID uuid.UUID, roles []rbac.RoleIdentifier, mutators ...func(r *codersdk.CreateUserRequestWithOrgs)) (*codersdk.Client, codersdk.User)

func CreateFirstUser 

func CreateFirstUser(t testing.TB, client *codersdk.Client) codersdk.CreateFirstUserResponse

CreateFirstUser creates a user with preset credentials and authenticates with the passed in codersdk client.

func CreateGroup added in v2.4.0 

func CreateGroup(t testing.TB, client *codersdk.Client, organizationID uuid.UUID, name string, members ...codersdk.User) codersdk.Group

CreateGroup creates a group with the given name and members.

func CreateTemplate 

func CreateTemplate(t testing.TB, client *codersdk.Client, organization uuid.UUID, version uuid.UUID, mutators ...func(*codersdk.CreateTemplateRequest)) codersdk.Template

CreateTemplate creates a template with the "echo" provisioner for compatibility with testing. The name assigned is randomly generated.

func CreateTemplateVersion 

func CreateTemplateVersion(t testing.TB, client *codersdk.Client, organizationID uuid.UUID, res *echo.Responses, mutators ...func(*codersdk.CreateTemplateVersionRequest)) codersdk.TemplateVersion

CreateTemplateVersion creates a template import provisioner job with the responses provided. It uses the "echo" provisioner for compatibility with testing.

func CreateWorkspace 

func CreateWorkspace(t testing.TB, client *codersdk.Client, templateID uuid.UUID, mutators ...func(*codersdk.CreateWorkspaceRequest)) codersdk.Workspace

CreateWorkspace creates a workspace for the user and template provided. A random name is generated for it. To customize the defaults, pass a mutator func.

func CreateWorkspaceBuild 

func CreateWorkspaceBuild(
	t *testing.T,
	client *codersdk.Client,
	workspace codersdk.Workspace,
	transition database.WorkspaceTransition,
	mutators ...func(*codersdk.CreateWorkspaceBuildRequest),
) codersdk.WorkspaceBuild

CreateWorkspaceBuild creates a workspace build for the given workspace and transition.

func DeploymentValues 

func DeploymentValues(t testing.TB, mut ...func(*codersdk.DeploymentValues)) *codersdk.DeploymentValues

func MustTransitionWorkspace 

func MustTransitionWorkspace(t testing.TB, client *codersdk.Client, workspaceID uuid.UUID, from, to database.WorkspaceTransition, muts ...func(req *codersdk.CreateWorkspaceBuildRequest)) codersdk.Workspace

TransitionWorkspace is a convenience method for transitioning a workspace from one state to another.

func MustWorkspace 

func MustWorkspace(t testing.TB, client *codersdk.Client, workspaceID uuid.UUID) codersdk.Workspace

MustWorkspace is a convenience method for fetching a workspace that should exist.

func New 

func New(t testing.TB, options *Options) *codersdk.Client

New constructs a codersdk client connected to an in-memory API instance.

func NewAWSInstanceIdentity 

func NewAWSInstanceIdentity(t testing.TB, instanceID string) (awsidentity.Certificates, *http.Client)

NewAWSInstanceIdentity returns a metadata client and ID token validator for faking instance authentication for AWS.

func NewAzureInstanceIdentity 

func NewAzureInstanceIdentity(t testing.TB, instanceID string) (x509.VerifyOptions, *http.Client)

NewAzureInstanceIdentity returns a metadata client and ID token validator for faking instance authentication for Azure.

func NewGoogleInstanceIdentity 

func NewGoogleInstanceIdentity(t testing.TB, instanceID string, expired bool) (*idtoken.Validator, *metadata.Client)

NewGoogleInstanceIdentity returns a metadata client and ID token validator for faking instance authentication for Google Cloud. nolint:revive

func NewOptions 

func NewOptions(t testing.TB, options *Options) (func(http.Handler), context.CancelFunc, *url.URL, *coderd.Options)

func NewProvisionerDaemon 

func NewProvisionerDaemon(t testing.TB, coderAPI *coderd.API) io.Closer

NewProvisionerDaemon launches a provisionerd instance configured to work well with coderd testing. It registers the "echo" provisioner for quick testing.

func NewTaggedProvisionerDaemon added in v2.13.0 

func NewTaggedProvisionerDaemon(t testing.TB, coderAPI *coderd.API, name string, provisionerTags map[string]string) io.Closer

func NewWithAPI 

func NewWithAPI(t testing.TB, options *Options) (*codersdk.Client, io.Closer, *coderd.API)

NewWithAPI constructs an in-memory API instance and returns a client to talk to it. Most tests never need a reference to the API, but AuthorizationTest in this module uses it. Do not expose the API or wrath shall descend upon thee.

func NewWithDatabase added in v2.4.0 

func NewWithDatabase(t testing.TB, options *Options) (*codersdk.Client, database.Store)

NewWithDatabase constructs a codersdk client connected to an in-memory API instance. The database is returned to provide direct data manipulation for tests.

func NewWithProvisionerCloser 

func NewWithProvisionerCloser(t testing.TB, options *Options) (*codersdk.Client, io.Closer)

NewWithProvisionerCloser returns a client as well as a handle to close the provisioner. This is a temporary function while work is done to standardize how provisioners are registered with coderd. The option to include a provisioner is set to true for convenience.

func RandomName added in v2.13.0 

func RandomName(t testing.TB) string

func RandomRBACAction 

func RandomRBACAction() policy.Action

func RandomRBACObject 

func RandomRBACObject() rbac.Object

func RandomRBACSubject 

func RandomRBACSubject() rbac.Subject

func RandomUsername added in v2.3.2 

func RandomUsername(t testing.TB) string

func RequestExternalAuthCallback added in v2.2.1 

func RequestExternalAuthCallback(t testing.TB, providerID string, client *codersdk.Client, opts ...func(*http.Request)) *http.Response

RequestExternalAuthCallback makes a request with the proper OAuth2 state cookie to the external auth callback endpoint.

func SDKError 

func SDKError(t testing.TB, err error) *codersdk.Error

SDKError coerces err into an SDK error.

func UpdateActiveTemplateVersion added in v2.3.0 

func UpdateActiveTemplateVersion(t testing.TB, client *codersdk.Client, templateID, versionID uuid.UUID)

func UpdateTemplateMeta added in v2.4.0 

func UpdateTemplateMeta(t testing.TB, client *codersdk.Client, templateID uuid.UUID, meta codersdk.UpdateTemplateMeta) codersdk.Template

UpdateTemplateMeta updates the template meta for the given template.

func UpdateTemplateVersion 

func UpdateTemplateVersion(t testing.TB, client *codersdk.Client, organizationID uuid.UUID, res *echo.Responses, templateID uuid.UUID) codersdk.TemplateVersion

UpdateTemplateVersion creates a new template version with the "echo" provisioner and associates it with the given templateID.

func VerifySwaggerDefinitions 

func VerifySwaggerDefinitions(t *testing.T, router chi.Router, swaggerComments []SwaggerComment)

Types

type ActionObjectPair 

type ActionObjectPair struct {
	Action policy.Action
	Object rbac.Object
}

type AuthCall 

type AuthCall struct {
	rbac.AuthCall
	Err error
	// contains filtered or unexported fields
}

type AuthCalls added in v2.21.1 

type AuthCalls []AuthCall

type DeterministicUUIDGenerator added in v2.16.0 

type DeterministicUUIDGenerator struct {
	Named map[string]uuid.UUID
}

DeterministicUUIDGenerator allows "naming" uuids for unit tests. An example of where this is useful, is when a tabled test references a UUID that is not yet known. An alternative to this would be to hard code some UUID strings, but these strings are not human friendly.

func NewDeterministicUUIDGenerator added in v2.16.0 

func NewDeterministicUUIDGenerator() *DeterministicUUIDGenerator

func (*DeterministicUUIDGenerator) ID added in v2.16.0 

func (d *DeterministicUUIDGenerator) ID(name string) uuid.UUID

type FakeAccessControlStore added in v2.5.1 

type FakeAccessControlStore struct{}

func (FakeAccessControlStore) GetTemplateAccessControl added in v2.5.1 

func (FakeAccessControlStore) GetTemplateAccessControl(t database.Template) dbauthz.TemplateAccessControl

func (FakeAccessControlStore) SetTemplateAccessControl added in v2.5.1 

func (FakeAccessControlStore) SetTemplateAccessControl(context.Context, database.Store, uuid.UUID, dbauthz.TemplateAccessControl) error

type FakeAuthorizer 

type FakeAuthorizer struct {
	ConditionalReturn func(context.Context, rbac.Subject, policy.Action, rbac.Object) error
	// contains filtered or unexported fields
}

FakeAuthorizer is an Authorizer that will return an error based on the "ConditionalReturn" function. By default, **no error** is returned. Meaning 'FakeAuthorizer' by default will never return "unauthorized".

func (*FakeAuthorizer) AlwaysReturn 

func (d *FakeAuthorizer) AlwaysReturn(err error) *FakeAuthorizer

AlwaysReturn is the error that will be returned by Authorize.

func (*FakeAuthorizer) Authorize 

func (d *FakeAuthorizer) Authorize(ctx context.Context, subject rbac.Subject, action policy.Action, object rbac.Object) error

func (*FakeAuthorizer) OverrideSQLFilter added in v2.19.0 

func (d *FakeAuthorizer) OverrideSQLFilter(filter string) *FakeAuthorizer

OverrideSQLFilter sets the SQL filter that will always be returned by CompileToSQL.

func (*FakeAuthorizer) Prepare 

func (d *FakeAuthorizer) Prepare(_ context.Context, subject rbac.Subject, action policy.Action, _ string) (rbac.PreparedAuthorized, error)

type Options 

type Options struct {
	// AccessURL denotes a custom access URL. By default we use the httptest
	// server's URL. Setting this may result in unexpected behavior (especially
	// with running agents).
	AccessURL                      *url.URL
	AppHostname                    string
	AWSCertificates                awsidentity.Certificates
	Authorizer                     rbac.Authorizer
	AzureCertificates              x509.VerifyOptions
	GithubOAuth2Config             *coderd.GithubOAuth2Config
	RealIPConfig                   *httpmw.RealIPConfig
	OIDCConfig                     *coderd.OIDCConfig
	GoogleTokenValidator           *idtoken.Validator
	SSHKeygenAlgorithm             gitsshkey.Algorithm
	AutobuildTicker                <-chan time.Time
	AutobuildStats                 chan<- autobuild.Stats
	Auditor                        audit.Auditor
	TLSCertificates                []tls.Certificate
	ExternalAuthConfigs            []*externalauth.Config
	TrialGenerator                 func(ctx context.Context, body codersdk.LicensorTrialRequest) error
	RefreshEntitlements            func(ctx context.Context) error
	TemplateScheduleStore          schedule.TemplateScheduleStore
	Coordinator                    tailnet.Coordinator
	CoordinatorResumeTokenProvider tailnet.ResumeTokenProvider

	HealthcheckFunc    func(ctx context.Context, apiKey string) *healthsdk.HealthcheckReport
	HealthcheckTimeout time.Duration
	HealthcheckRefresh time.Duration

	// All rate limits default to -1 (unlimited) in tests if not set.
	APIRateLimit   int
	LoginRateLimit int
	FilesRateLimit int

	// OneTimePasscodeValidityPeriod specifies how long a one time passcode should be valid for.
	OneTimePasscodeValidityPeriod time.Duration

	// IncludeProvisionerDaemon when true means to start an in-memory provisionerD
	IncludeProvisionerDaemon    bool
	ProvisionerDaemonTags       map[string]string
	MetricsCacheRefreshInterval time.Duration
	AgentStatsRefreshInterval   time.Duration
	DeploymentValues            *codersdk.DeploymentValues

	// Set update check options to enable update check.
	UpdateCheckOptions *updatecheck.Options

	// Overriding the database is heavily discouraged.
	// It should only be used in cases where multiple Coder
	// test instances are running against the same database.
	Database database.Store
	Pubsub   pubsub.Pubsub

	// APIMiddleware inserts middleware before api.RootHandler, this can be
	// useful in certain tests where you want to intercept requests before
	// passing them on to the API, e.g. for synchronization of execution.
	APIMiddleware func(http.Handler) http.Handler

	ConfigSSH codersdk.SSHConfigResponse

	SwaggerEndpoint bool
	// Logger should only be overridden if you expect errors
	// as part of your test.
	Logger       *slog.Logger
	StatsBatcher workspacestats.Batcher

	WebpushDispatcher                  webpush.Dispatcher
	WorkspaceAppsStatsCollectorOptions workspaceapps.StatsCollectorOptions
	AllowWorkspaceRenames              bool
	NewTicker                          func(duration time.Duration) (<-chan time.Time, func())
	DatabaseRolluper                   *dbrollup.Rolluper
	WorkspaceUsageTrackerFlush         chan int
	WorkspaceUsageTrackerTick          chan time.Time
	NotificationsEnqueuer              notifications.Enqueuer
	APIKeyEncryptionCache              cryptokeys.EncryptionKeycache
	OIDCConvertKeyCache                cryptokeys.SigningKeycache
	Clock                              quartz.Clock
	TelemetryReporter                  telemetry.Reporter
}

type PreparedRecorder 

type PreparedRecorder struct {
	// contains filtered or unexported fields
}

PreparedRecorder is the prepared version of the RecordingAuthorizer. It records the Authorize() calls to the original recorder. If the caller uses CompileToSQL, all recording stops. This is to support parity between memory and SQL backed dbs.

func (*PreparedRecorder) Authorize 

func (s *PreparedRecorder) Authorize(ctx context.Context, object rbac.Object) error

func (*PreparedRecorder) CompileToSQL 

func (s *PreparedRecorder) CompileToSQL(ctx context.Context, cfg regosql.ConvertConfig) (string, error)

type ProvisionerdCloser added in v2.14.0 

type ProvisionerdCloser struct {
	// contains filtered or unexported fields
}

ProvisionerdCloser wraps a provisioner daemon as an io.Closer that can be called multiple times

func NewProvisionerDaemonCloser added in v2.14.0 

func NewProvisionerDaemonCloser(d *provisionerd.Server) *ProvisionerdCloser

func (*ProvisionerdCloser) Close added in v2.14.0 

func (c *ProvisionerdCloser) Close() error

type RBACAsserter 

type RBACAsserter struct {
	Subject rbac.Subject

	Recorder *RecordingAuthorizer
}

RBACAsserter is a helper for asserting that the correct RBAC checks are performed. This struct is tied to a given user, and only authorizes calls for this user are checked.

func AssertRBAC 

func AssertRBAC(t *testing.T, api *coderd.API, client *codersdk.Client) RBACAsserter

AssertRBAC returns an RBACAsserter for the given user. This asserter will allow asserting that the correct RBAC checks are performed for the given user. All checks that are not run against this user will be ignored.

func (RBACAsserter) AllCalls 

func (a RBACAsserter) AllCalls() AuthCalls

AllCalls is for debugging. If you are not sure where calls are coming from, call this and use a debugger or print them. They have small callstacks on them to help locate the 'Authorize' call. Only calls to Authorize by the given subject will be returned. Note that duplicate rbac calls are handled by the rbac.Cacher(), but will be recorded twice. So AllCalls() returns calls regardless if they were returned from the cached or not.

func (RBACAsserter) AssertChecked 

func (a RBACAsserter) AssertChecked(t *testing.T, action policy.Action, objects ...interface{})

AssertChecked will assert a given rbac check was performed. It does not care about order of checks, or any other checks. This is useful when you do not care about asserting every check that was performed.

func (RBACAsserter) AssertInOrder 

func (a RBACAsserter) AssertInOrder(t *testing.T, action policy.Action, objects ...interface{})

AssertInOrder must be called in the correct order of authz checks. If the objects or actions are not in the correct order, the test will fail.

func (RBACAsserter) Reset 

func (a RBACAsserter) Reset() RBACAsserter

Reset will clear all previously recorded authz calls. This is helpful when wanting to ignore checks run in test setup.

type RecordingAuthorizer 

type RecordingAuthorizer struct {
	sync.RWMutex
	Called  []AuthCall
	Wrapped rbac.Authorizer
}

RecordingAuthorizer wraps any rbac.Authorizer and records all Authorize() calls made. This is useful for testing as these calls can later be asserted.

func (*RecordingAuthorizer) AllAsserted 

func (r *RecordingAuthorizer) AllAsserted() error

AllAsserted returns an error if all calls to Authorize() have not been asserted and checked. This is useful for testing to ensure that all Authorize() calls are checked in the unit test.

func (*RecordingAuthorizer) AllCalls 

func (r *RecordingAuthorizer) AllCalls(actor *rbac.Subject) []AuthCall

AllCalls is useful for debugging.

func (*RecordingAuthorizer) AssertActor 

func (r *RecordingAuthorizer) AssertActor(t *testing.T, actor rbac.Subject, did ...ActionObjectPair)

AssertActor asserts in order. If the order of authz calls does not match, this will fail.

func (*RecordingAuthorizer) AssertOutOfOrder 

func (r *RecordingAuthorizer) AssertOutOfOrder(t *testing.T, actor rbac.Subject, did ...ActionObjectPair)

AssertOutOfOrder asserts that the given actor performed the given action on the given objects. It does not care about the order of the calls. When marking authz calls as asserted, it will mark the first matching calls first.

func (*RecordingAuthorizer) Authorize 

func (r *RecordingAuthorizer) Authorize(ctx context.Context, subject rbac.Subject, action policy.Action, object rbac.Object) error

func (*RecordingAuthorizer) Pair 

func (*RecordingAuthorizer) Pair(action policy.Action, object rbac.Objecter) ActionObjectPair

Pair is on the RecordingAuthorizer to be easy to find and keep the pkg interface smaller.

func (*RecordingAuthorizer) Prepare 

func (r *RecordingAuthorizer) Prepare(ctx context.Context, subject rbac.Subject, action policy.Action, objectType string) (rbac.PreparedAuthorized, error)

func (*RecordingAuthorizer) Reset 

func (r *RecordingAuthorizer) Reset()

Reset clears the recorded Authorize() calls.

type SwaggerComment 

type SwaggerComment struct {
	// contains filtered or unexported fields
}

func ParseSwaggerComments 

func ParseSwaggerComments(dirs ...string) ([]SwaggerComment, error)

type WaitForAgentFn added in v2.22.0 

type WaitForAgentFn func(agent codersdk.WorkspaceAgent) bool

WaitForAgentFn represents a boolean assertion to be made against each agent that a given WorkspaceAgentWaited knows about. Each WaitForAgentFn should apply the check to a single agent, but it should be named for plural, because `func (w WorkspaceAgentWaiter) WaitFor` applies the check to all agents that it is aware of. This ensures that the public API of the waiter reads correctly. For example:

waiter := coderdtest.NewWorkspaceAgentWaiter(t, client, r.Workspace.ID) waiter.WaitFor(coderdtest.AgentsReady)

type WorkspaceAgentWaiter added in v2.8.0 

type WorkspaceAgentWaiter struct {
	// contains filtered or unexported fields
}

WorkspaceAgentWaiter waits for all resources with agents to be connected. If specific agents are provided using AgentNames(), it will wait for those agents to be connected but will not fail if other agents are not connected.

func NewWorkspaceAgentWaiter added in v2.8.0 

func NewWorkspaceAgentWaiter(t testing.TB, client *codersdk.Client, workspaceID uuid.UUID) WorkspaceAgentWaiter

NewWorkspaceAgentWaiter returns an object that waits for agents to connect when you call Wait() on it.

func (WorkspaceAgentWaiter) AgentNames added in v2.8.0 

func (w WorkspaceAgentWaiter) AgentNames(names []string) WorkspaceAgentWaiter

AgentNames instructs the waiter to wait for the given, named agents to be connected and will return even if other agents are not connected.

func (WorkspaceAgentWaiter) MatchResources added in v2.8.0 

func (w WorkspaceAgentWaiter) MatchResources(m func([]codersdk.WorkspaceResource) bool) WorkspaceAgentWaiter

MatchResources instructs the waiter to wait until the workspace has resources that cause the provided matcher function to return true.

func (WorkspaceAgentWaiter) Wait added in v2.8.0 

func (w WorkspaceAgentWaiter) Wait() []codersdk.WorkspaceResource

Wait waits for the agent(s) to connect and fails the test if they do not within testutil.WaitLong

func (WorkspaceAgentWaiter) WaitFor added in v2.22.0 

func (w WorkspaceAgentWaiter) WaitFor(criteria ...WaitForAgentFn)

Source Files

View all Source files

Directories

Path Synopsis
Package promhelp provides helper functions for asserting Prometheus metric values in unit tests.
 Package promhelp provides helper functions for asserting Prometheus metric values in unit tests.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.