Release 1.23.0 (#585)

Author: Katie Horne

admin/organizations.md

@@ -0,0 +1,48 @@
+---
+title: Organizations
+description: Learn about Coder organizations.
+---
+
+Organizations are groups that tie together users, workspaces, and images. You
+must assign all of your images and workspaces to a specific organization. An
+end-user can only access images that are assigned to the same organization they
+are.
+
+> Be sure to familiarize yourself with the
+> [types of roles](../access-control/organizations.md) you can assign users
+> within an organization.
+
+## The default organization
+
+Coder automatically creates a default organization for you during the deployment
+process. You can then assign users and their workspaces to that organization.
+
+If you have multiple organizations, you can set one or more as the default; you
+can also change which organizations are defaults at any time.
+
+## Namespaces
+
+> **Deprecation notice**: The `namespaceWhitelist` field has been deprecated in
+> [Coder version 1.17](../../changelog/1.17.0.md).
+
+Coder's Helm chart previously included a `namespaceWhitelist` field that
+accepted a list of cluster namespaces and made them available to Coder. The
+[workspace provider feature](../workspace-providers/index.md) supersedes this
+field.
+
+You will not be able to make any changes _unless_ you are removing namespaces
+that no longer contain workspaces with Coder deployments v1.17.0 or later (if
+you remove namespaces from the `namespaceWhitelist` field, the workspaces in the
+namespaces are no longer accessible).
+
+For older Coder deployments, you can continue using existing workspaces in
+whitelisted namespaces, though you cannot create new workspaces in those
+namespaces.
+
+If you want to separate Coder workspaces by namespaces in a Kubernetes cluster,
+you can do so by
+[deploying a new workspace provider](../workspace-providers/deployment.md) to
+each additional namespace in the cluster. The workspace provider provisions
+workspaces to the namespace it has been deployed to, and you can control access
+to each workspace provider via an organization allowlist to replace the previous
+organization namespace behaviors.

admin/organizations/index.md

@@ -0,0 +1,71 @@
+---
+title: Org management
+description: Learn about managing organizations.
+---
+
+This article shows how you can create, view, edit, or delete an organization.
+
+## Create a new organization
+
+[Site admins and site managers](../access-control/user-roles.md) can create new
+organizations by going to **Manage** > **Organizations** > **New Organization**.
+
+![Create a new organization dialog](../../assets/admin/create-an-org.png)
+
+Provide a **name** and (optionally) a **description** for this organization. If
+you want this to become a **Default organization**, make sure to check the box
+for this.
+
+You can also control how Coder manages resources for workspaces in this
+organization. You can set the:
+
+- **CPU Provisioning Rate**: sets the ratio of virtual CPUs to physical CPUs; if
+  you set a higher ratio, you can schedule a larger number of workspaces per
+  node, though it will also lead to greater CPU contention
+- **Workspace Shutdown Behavior**: The number of hours a workspace may be idle
+  before Coder stops it automatically to help free up resources
+
+Finally, you can set **Resource Quotas**. These are limits on the number of
+**CPUs** and **GPUs**, as well as the amount of **memory** and **disk space**,
+each developer can request concurrently for running workspaces in this
+organization. The limits for what you can set are as follows:
+
+- **CPUs**: 128 CPU cores
+- **Memory**: 256 GBs
+- **Disk**: 8192 GB
+- **GPUs**: 20 GPUs
+
+When you've set your parameters, click **Create** to proceed.
+
+## Viewing an organization
+
+You can view information about an organization at any time by going to
+**Manage** > **Organizations** and selecting the org of interest.
+
+The **Members** tab displays users that belong to the org. The **Workspaces**
+tab displays the workspaces that belong to the org, as well as the resources
+they consume.
+
+![Org resources](../../assets/admin/org-resources.png)
+
+## Editing an organization
+
+You can edit an organization at any time by going to **Manage** >
+**Organizations**.
+
+![Edit an organization dialog](../../assets/admin/edit-an-org.png)
+
+Find the organization you want to edit, and click to open. In the top-right,
+click **Edit** to launch the **Edit Organizations** dialog.
+
+When you're finished making your changes, click **Update** to save.
+
+## Deleting an organization
+
+You can edit an organization at any time by going to **Manage** >
+**Organizations**. Find the organization that you want to delete, and click to
+open. In the top right, click **Delete**. Confirm that you would like to delete
+the org.
+
+> Deleting an organization does not delete users or workspaces. Coder reassigns
+> existing users and workspaces to a default org.

admin/organizations/manage.md

@@ -18,6 +18,7 @@ PATH:
 - Android Studio
 - CLion
 - DataGrip
+- DataSpell
 - GoLand
 - IntelliJ IDEA Community Edition
 - IntelliJ IDEA Ultimate

admin/workspace-management/installing-jetbrains.md

@@ -47,11 +47,15 @@ At this point, you can:
   > Organizations must not contain any workspaces in the workspace provider
   > before you remove them from a workspace provider's allowlist.
 
-- Change the features of the workspace provider. You can enable **end-to-end
-  encryption** for this provider, enable **external SSH connections** to the
-  provider's workspaces via the Coder CLI, or specify a **Kubernetes storage
-  class** to use when Coder provisions workspaces (this is useful for improving
-  disk performance).
+- Change the features of the workspace provider. You can:
+
+  - Enable **end-to-end encryption** for this provider
+  - Enable **external SSH connections** to the provider's workspaces via the
+    Coder CLI
+  - Specify a **Kubernetes storage class** to use when Coder provisions
+    workspaces (this is useful for improving disk performance)
+  - Specify the **Kubernetes service account** that Coder uses to provision
+    workspaces
 
   > If you enable **end-to-end encryption**, end-users using SSH need to rerun
   > `coder config-ssh`.

admin/workspace-providers/management.md

@@ -0,0 +1,24 @@
+---
+title: "1.21.4"
+description: "Released on 09/22/2021"
+---
+
+### Breaking changes ❗
+
+There are no breaking changes in 1.21.4.
+
+### Features ✨
+
+- infra: updated Helm service account and RBAC objects to be kept when
+  uninstalling Helm.
+
+### Bug fixes 🐛
+
+- web: fixed issue where users had to rebuild workspaces twice after
+  regenerating SSH keys.
+- infra: fixed race condition seen during the "starting networking agent" build
+  step leading to a "context deadline exceeded" error message.
+
+### Security updates 🔐
+
+There are no security updates in 1.21.4.

assets/admin/org-resources.png

@@ -0,0 +1,82 @@
+---
+title: "1.23.0"
+description: "Released on 09/22/2021"
+---
+
+### Breaking changes ❗
+
+There are no breaking changes in 1.23.0.
+
+### Features ✨
+
+- Doctor: [Doctor](https://github.com/cdr/coder-doctor) assesses a Kubernetes
+  cluster to determine its readiness for Coder installation; if there are
+  issues, Doctor provides information on why.
+- Terraform: Coder has released the first of a series of
+  [Terraform scripts](https://github.com/cdr/enterprise-terraform) to facilitate
+  one-click Coder deployment.
+- web: added support for
+  [workspace applications](../workspaces/applications.md); users can provide
+  images with custom applications, instead of only using applications that have
+  been built into the container image `PATH`.
+- web: added support for DataSpell.
+- web: improved input validation for dev URLs.
+- web: added ability to get access token returned by OIDC providers on login.
+- web: added usage statistics for individual workspaces to the Organizations
+  section of the UI.
+- web: renamed "decommissioned" state to "deleting" when referring to the
+  process of deleting a workspace and freeing up its resources.
+- web: added integrated live chat user so that hosted beta users can reach the
+  Coder support team.
+- web: added in-product changelog.
+- web: added dark mode for the Coder UI.
+- web: added ability to provide a shell command to be run when starting a
+  terminal in Coder.
+- web: updated default workspace resource allocation from 1 core and 1 GB of
+  memory to 4 cores and 4 GB of memory.
+- web: updated audit log to include information about workspace stop actions.
+- web: added ability to specify the Kubernetes service account name when editing
+  a workspace provider.
+- cli: added `run coder update` command; users can now update the Coder CLI
+  directly.
+- api: added ability to use the Coder API to create workspaces.
+- infra: updated logging so that Coder will send an error to `stdout` if unable
+  to write to the in-product audit log.
+- infra: add support for containerd for cached CVMs.
+- infra: updated Coder to use the latest stable version of JetBrains Projector.
+- infra: updated Next.js `10` to `11`.
+
+### Bug fixes 🐛
+
+- web: fixed inconsistent color scheming in UI.
+- web: fixed issues related to the rendering of UI components.
+- web: fixed issues in the UI with longer strings of text.
+- web: updated build log to show elapsed time for the final step.
+- web: fixed issue with Coder networking agent hanging when certificates are
+  missing.
+- web: fixed issue where STUN URI field in the admin panel could not be left
+  empty.
+- web: fixed issue with session cookies not persisting in Safari.
+- web: fixed issue preventing users from signing out of Coder.
+- web: fixed intermittent workspace build and build log errors when using cached
+  CVMs.
+- infra: fixed issue with SSH connections immediately closing when using cached
+  CVMs.
+- infra: fixed issue with cached CVMs not having internet connectivity when
+  network policies are enabled on GKE.
+- infra: fixed issue with cached CVMs not preserving environment variables
+  passed from the image.
+- infra: consolidated requests sent when to get dev URL status, lessening server
+  load.
+- infra: fixed issue with inability to delete workspace provider if its cluster
+  has been deleted.
+
+### Security updates 🔐
+
+- api: the admin-only authentication API no longer returns the OIDC client
+  secret.
+- infra: added `X-Content-Type-Options` to headers returned by Coder so that
+  browsers avoid automatically detecting MIME types based on content.
+- infra: added CSP `frame-ancestors` directive to prevent click-jacking.
+- infra: reduced session cookie expiration time from seven days to twenty-four
+  hours.

assets/workspaces/applications.png

@@ -34,8 +34,8 @@ the application (you can get a trial license for free
 [here](https://coder.com/trial)). Once logged in, you’ll be able to access the
 [administration management](./admin/index.md) menu to set up things such as
 [access controls](./admin/access-control/index.md) with OpenID Connect (OIDC),
-[create organizations](./admin/organizations.md), and create an OAuth app for
-your users to [connect to your Git provider](./admin/git.md).
+[create organizations](./admin/organizations/index.md), and create an OAuth app
+for your users to [connect to your Git provider](./admin/git.md).
 
 At a minimum, you’ll want to ensure you
 [add a container registry](./admin/registries/index.md) for your development
@@ -52,8 +52,8 @@ Connect (OIDC) with [Azure AD](./guides/admin/oidc-azuread.md) or
 [Okta](./guides/admin/oidc-okta.md). If you are using another Identity Provider
 (IdP), the process should be very similar. With OIDC configured, Coder will
 automatically create a user and add them to the
-[default organization](./admin/organizations.md) when a developer logs in for
-the first time.
+[default organization](./admin/organizations/index.md) when a developer logs in
+for the first time.
 
 ## Automate