feat: Add dry run for provisioners

[kylecarbs]

A provisioner can now detect resources that would be provisioned without creating them.

This will be used to enable a preview of resources for a project, and could eventually be used to estimate cost/hour per project.

[codecov]

Codecov Report

Merging #178 (0bc1390) into main (427fdc6) will increase coverage by 0.21%.
The diff coverage is 72.38%.

@@            Coverage Diff             @@
##             main     #178      +/-   ##
==========================================
+ Coverage   67.99%   68.21%   +0.21%     
==========================================
  Files         108      108              
  Lines        5631     5795     +164     
  Branches       68       68              
==========================================
+ Hits         3829     3953     +124     
- Misses       1439     1472      +33     
- Partials      363      370       +7     

Flag	Coverage Δ
unittest-go-macos-latest	66.11% <75.00%> (+0.54%)	⬆️
unittest-go-ubuntu-latest	67.55% <71.90%> (+0.34%)	⬆️
unittest-go-windows-latest	65.65% <75.80%> (+0.20%)	⬆️
unittest-js	64.66% <ø> (ø)

Impacted Files	Coverage Δ
coderd/projectparameter/projectparameter.go	68.42% <66.66%> (+0.97%)	⬆️
provisioner/terraform/provision.go	71.62% <67.44%> (-4.08%)	⬇️
provisionerd/provisionerd.go	69.09% <74.73%> (+1.38%)	⬆️
coderd/provisionerdaemons.go	52.18% <100.00%> (+1.19%)	⬆️
peer/conn.go	78.97% <0.00%> (-1.03%)	⬇️
peer/channel.go	87.19% <0.00%> (+2.43%)	⬆️
provisioner/echo/serve.go	50.52% <0.00%> (+3.15%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 427fdc6...0bc1390. Read the comment docs.

[jawnsy]

should this be wrapped?

I think there's a linter that can check for that too.

[jawnsy]

since ID is typed as a uuid.UUID, why is it that we can't do the same for ScopeID, to avoid the need to call .String?

[kylecarbs]

I wish! We're supporting v1 user and organization IDs, so we have to use string, unfortunately.

[jawnsy]

Would it be possible to do a one-time migration? Seems unfortunate that we have to support our past decisions indefinitely 😬

[kylecarbs]

I don't see why not. We could probably just add a UUID column to the users and organizations tables in v1, and use them in v2.

[jawnsy]

is it possible to use ON DELETE RESTRICT here? it's safer than cascade deletes IMO. cascade deletes can make queries take an unexpectedly long time to run, since it recursively deletes things

[kylecarbs]

Ahh interesting. I suppose that's kinda the best of all worlds. I'll update all of these!

[jawnsy]

I think if we add a constraint like this, we should also add an index, otherwise enforcing the constraint will likely require a full table scan

[kylecarbs]

Agreed!

[coadler]

I believe specifying UNIQUE here automatically creates a unique index. It's just a shorthand way to do so.

[coadler]

Sort of a drive-by comment, but I'm a bit confused on why we're using varchars everywhere. In Postgres they're pretty much just inferior to the text type.

[kylecarbs]

It's not for performance. Just to ensure a mistake doesn't end up with an attack where someone is inserting 2GB text columns everywhere.

[coadler]

I think this is better caught in the application layer, similar to how we currently require all fields to be validated in the monorepo. Database errors like this are really annoying to bubble up in a user-presentable way, and they require migrations + a full table lock if we ever want to update them.

https://wiki.postgresql.org/wiki/Don't_Do_This#Don.27t_use_varchar.28n.29_by_default

[kylecarbs]

Why not both?

[coadler]

Seems kinda like a footgun to me if we could have two (possibly different) arbitrary length limits for each field. If we really want to use the db as a last line of defense we can just have a check constraint for all text fields that limits them to a kib or something large.