Skip to content

Commit 0695441

Browse files
ammarioammario
committed
Simplify orphan logic
1 parent 0ba1819 commit 0695441

File tree

4 files changed

+45
-124
lines changed

4 files changed

+45
-124
lines changed

coderd/workspacebuilds.go

Lines changed: 44 additions & 48 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,6 @@ import (
1919
"github.com/coder/coder/coderd/httpmw"
2020
"github.com/coder/coder/coderd/rbac"
2121
"github.com/coder/coder/codersdk"
22-
"github.com/coder/coder/provisionersdk"
2322
)
2423

2524
func (api *API) workspaceBuild(rw http.ResponseWriter, r *http.Request) {
@@ -319,6 +318,7 @@ func (api *API) postWorkspaceBuilds(rw http.ResponseWriter, r *http.Request) {
319318
}
320319
createBuild.TemplateVersionID = latestBuild.TemplateVersionID
321320
}
321+
322322
templateVersion, err := api.Database.GetTemplateVersionByID(r.Context(), createBuild.TemplateVersionID)
323323
if errors.Is(err, sql.ErrNoRows) {
324324
httpapi.Write(rw, http.StatusBadRequest, codersdk.Response{
@@ -337,6 +337,47 @@ func (api *API) postWorkspaceBuilds(rw http.ResponseWriter, r *http.Request) {
337337
})
338338
return
339339
}
340+
341+
template, err := api.Database.GetTemplateByID(r.Context(), templateVersion.TemplateID.UUID)
342+
if err != nil {
343+
httpapi.Write(rw, http.StatusInternalServerError, codersdk.Response{
344+
Message: "Failed to get template",
345+
Detail: err.Error(),
346+
})
347+
return
348+
}
349+
350+
var state []byte
351+
// If custom state, deny request since user could be corrupting or leaking
352+
// cloud state.
353+
if createBuild.ProvisionerState != nil || createBuild.Orphan {
354+
if !api.Authorize(r, rbac.ActionUpdate, template.RBACObject()) {
355+
httpapi.Write(rw, http.StatusForbidden, codersdk.Response{
356+
Message: "Only template managers may provide custom state",
357+
})
358+
return
359+
}
360+
state = createBuild.ProvisionerState
361+
}
362+
363+
if createBuild.Orphan {
364+
if createBuild.Transition != codersdk.WorkspaceTransitionDelete {
365+
httpapi.Write(rw, http.StatusBadRequest, codersdk.Response{
366+
Message: "Orphan is only permitted when deleting a workspace.",
367+
Detail: err.Error(),
368+
})
369+
return
370+
}
371+
372+
if createBuild.ProvisionerState != nil && createBuild.Orphan {
373+
httpapi.Write(rw, http.StatusBadRequest, codersdk.Response{
374+
Message: "ProvisionerState cannot be set alongside Orphan since state intent is unclear.",
375+
})
376+
return
377+
}
378+
state = []byte{}
379+
}
380+
340381
templateVersionJob, err := api.Database.GetProvisionerJobByID(r.Context(), templateVersion.JobID)
341382
if err != nil {
342383
httpapi.Write(rw, http.StatusInternalServerError, codersdk.Response{
@@ -364,15 +405,6 @@ func (api *API) postWorkspaceBuilds(rw http.ResponseWriter, r *http.Request) {
364405
return
365406
}
366407

367-
template, err := api.Database.GetTemplateByID(r.Context(), templateVersion.TemplateID.UUID)
368-
if err != nil {
369-
httpapi.Write(rw, http.StatusInternalServerError, codersdk.Response{
370-
Message: "Internal error fetching template job.",
371-
Detail: err.Error(),
372-
})
373-
return
374-
}
375-
376408
// Store prior build number to compute new build number
377409
var priorBuildNum int32
378410
priorHistory, err := api.Database.GetLatestWorkspaceBuildByWorkspaceID(r.Context(), workspace.ID)
@@ -394,40 +426,8 @@ func (api *API) postWorkspaceBuilds(rw http.ResponseWriter, r *http.Request) {
394426
return
395427
}
396428

397-
if createBuild.Orphan {
398-
if createBuild.Transition != codersdk.WorkspaceTransitionDelete {
399-
httpapi.Write(rw, http.StatusBadRequest, codersdk.Response{
400-
Message: "Orphan is only permitted when deleting a workspace.",
401-
Detail: err.Error(),
402-
})
403-
return
404-
}
405-
if createBuild.ProvisionerState != nil && createBuild.Orphan {
406-
httpapi.Write(rw, http.StatusBadRequest, codersdk.Response{
407-
Message: "ProvisionerState cannot be set alongside Orphan since state intent is unclear.",
408-
})
409-
return
410-
}
411-
412-
createBuild.ProvisionerState, err = provisionersdk.OrphanState(priorHistory.ProvisionerState)
413-
if err != nil {
414-
httpapi.Write(rw, http.StatusInternalServerError, codersdk.Response{
415-
Message: "Failed to manipulate state.",
416-
Detail: err.Error(),
417-
})
418-
return
419-
}
420-
}
421-
422-
// If custom state, deny request since user could be orphaning their
423-
// cloud resources.
424-
if createBuild.ProvisionerState != nil {
425-
if !api.Authorize(r, rbac.ActionUpdate, template.RBACObject()) {
426-
httpapi.Write(rw, http.StatusForbidden, codersdk.Response{
427-
Message: "Only template managers may provide custom state",
428-
})
429-
return
430-
}
429+
if state == nil {
430+
state = priorHistory.ProvisionerState
431431
}
432432

433433
var workspaceBuild database.WorkspaceBuild
@@ -494,10 +494,6 @@ func (api *API) postWorkspaceBuilds(rw http.ResponseWriter, r *http.Request) {
494494
if err != nil {
495495
return xerrors.Errorf("insert provisioner job: %w", err)
496496
}
497-
state := createBuild.ProvisionerState
498-
if len(state) == 0 {
499-
state = priorHistory.ProvisionerState
500-
}
501497

502498
workspaceBuild, err = db.InsertWorkspaceBuild(r.Context(), database.InsertWorkspaceBuildParams{
503499
ID: workspaceBuildID,

coderd/workspacebuilds_test.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -231,7 +231,7 @@ func TestWorkspaceBuilds(t *testing.T) {
231231
})
232232
}
233233

234-
func TestWorkspaceBuilds_State(t *testing.T) {
234+
func TestWorkspaceBuildsProvisionerState(t *testing.T) {
235235
t.Parallel()
236236

237237
t.Run("Permissions", func(t *testing.T) {

provisionersdk/orphan.go

Lines changed: 0 additions & 34 deletions
This file was deleted.

provisionersdk/orphan_test.go

Lines changed: 0 additions & 41 deletions
This file was deleted.

0 commit comments

Comments
 (0)