feat: Add workspace application support #1773
Conversation
This adds apps as a property to a workspace agent. The resource is added to the Terraform provider here: coder/terraform-provider-coder#17 Apps will be opened in the dashboard or via the CLI with `coder open <name>`. If `command` is specified, a terminal will appear locally and in the web. If `target` is specified, the browser will open to an exposed instance of that target.
Abstracting coderd into an interface added misdirection because the interface was never intended to be fulfilled outside of a single implementation. This lifts the abstraction, and attaches all handlers to a root struct named `*coderd.API`.
| CREATE TABLE workspace_apps ( | ||
| id uuid NOT NULL, | ||
| created_at timestamp with time zone NOT NULL, | ||
| agent_id uuid NOT NULL REFERENCES workspace_agents (id) ON DELETE CASCADE, |
There was a problem hiding this comment.
I am unfamiliar with the schemas around agents, builds, templates, etc. I would expect this to be in lifecycle with the template version I think. Why is it related to the agent?
There was a problem hiding this comment.
Workspace agents are attached to a template version too.
A workspace build can contain different agents than a template version based on variables. This introduces complexity for us, but is something we unfortunately need to account for.
This is such an intermittent race it's difficult to track, but regardless this is an improvement to the code.
This is such an intermittent race it's difficult to track, but regardless this is an improvement to the code.
This is such an intermittent race it's difficult to track, but regardless this is an improvement to the code.
This is such an intermittent race it's difficult to track, but regardless this is an improvement to the code.
| oneof auth { | ||
| string token = 8; | ||
| string instance_id = 9; | ||
| string token = 9; |
There was a problem hiding this comment.
generally a no-no to change field indexes. Any reason it's particularly important here?
There was a problem hiding this comment.
It's nicer structurally from my perspective.
| message App { | ||
| string name = 1; | ||
| string command = 2; | ||
| string url = 3; |
There was a problem hiding this comment.
in the terraform provider docs you say command or url but not both can be set. Should these be in a oneof?
|
At a high level, I also find it a bit strange that we're having coderd negotiate a WebRTC connection to the agent, when the agent is already connected to coderd via the channel that the ICE negotiation is happening over. |
|
Also missing from this (Ok if being tracked in other issues)
|
| // %40 is the encoded character of the @ symbol. VS Code Web does | ||
| // not handle character encoding properly, so it's safe to assume | ||
| // other applications might not as well. | ||
| r.Route("/%40{user}/{workspacename}/apps/{workspaceapp}", apps) |
There was a problem hiding this comment.
Does this mean the FE should use encodeURIComponent ?
https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURIComponent
so like
async (username: string, workspaceName: string, app: string) => {
encoderURIComponent(`/api/v0/@{username}/{workspaceName}/apps/{app}`)
}
There was a problem hiding this comment.
Nah, we should always use @ if possible. This is an edge-case for where certain client-side applications don't handle the @ properly.
| // metadata in error pages. | ||
| func WithAPIResponse(ctx context.Context, apiResponse APIResponse) context.Context { | ||
| return context.WithValue(ctx, apiResponseContextKey{}, apiResponse) | ||
| } |
There was a problem hiding this comment.
Is this dev url specific or is it related to the error message discussion from yesterday?
There was a problem hiding this comment.
Specific to this. The content can be changed trivially too, I intentionally kept it pretty loose while we hash that out.
| export interface WorkspaceApp { | ||
| readonly id: string | ||
| readonly name: string | ||
| readonly command?: string |
There was a problem hiding this comment.
It will open a command inside of a terminal. I'll be opening a subsequent PR to add this in. An issue to track it is here: #2023
| @@ -51,7 +51,7 @@ This can be represented by the following truth table, where Y represents *positi | |||
|
|
|||
| ## Example Permissions | |||
|
|
|||
| - `+site.*.*.read`: allowed to perform the `read` action against all objects of type `devurl` in a given Coder deployment. | |||
site/src/api/typesGenerated.ts
Outdated
| readonly name: string | ||
| readonly command?: string | ||
| readonly access_url?: string | ||
| readonly icon: string |
There was a problem hiding this comment.
Is icon required? I think we should have some fallback on the frontend and make it optional in terraform if it isn't already.
* feat: Add app support This adds apps as a property to a workspace agent. The resource is added to the Terraform provider here: coder/terraform-provider-coder#17 Apps will be opened in the dashboard or via the CLI with `coder open <name>`. If `command` is specified, a terminal will appear locally and in the web. If `target` is specified, the browser will open to an exposed instance of that target. * Compare fields in apps test * Update Terraform provider to use relative path * Add some basic structure for routing * chore: Remove interface from coderd and lift API surface Abstracting coderd into an interface added misdirection because the interface was never intended to be fulfilled outside of a single implementation. This lifts the abstraction, and attaches all handlers to a root struct named `*coderd.API`. * Add basic proxy logic * Add proxying based on path * Add app proxying for wildcards * Add wsconncache * fix: Race when writing to a closed pipe This is such an intermittent race it's difficult to track, but regardless this is an improvement to the code. * fix: Race when writing to a closed pipe This is such an intermittent race it's difficult to track, but regardless this is an improvement to the code. * fix: Race when writing to a closed pipe This is such an intermittent race it's difficult to track, but regardless this is an improvement to the code. * fix: Race when writing to a closed pipe This is such an intermittent race it's difficult to track, but regardless this is an improvement to the code. * Add workspace route proxying endpoint - Makes the workspace conn cache concurrency-safe - Reduces unnecessary open checks in `peer.Channel` - Fixes the use of a temporary context when dialing a workspace agent * Add embed errors * chore: Refactor site to improve testing It was difficult to develop this package due to the embed build tag being mandatory on the tests. The logic to test doesn't require any embedded files. * Add test for error handler * Remove unused access url * Add RBAC tests * Fix dial agent syntax * Fix linting errors * Fix gen * Fix icon required * Adjust migration number * Fix proxy error status code * Fix empty db lookup
This adds applications as a property to a workspace agent.
The resource is added to the Terraform provider here:
coder/terraform-provider-coder#17
Apps will be opened in the dashboard or via the CLI
with
coder open <name>. Ifcommandis specified, aterminal will appear locally and on the web. If
targetis specified, the browser will open to an exposed instance
of that target.