
Commit 0eea92f

committed
chore: add provisioner key crud apis
1 parent 6bf7e5a commit 0eea92f

22 files changed

+431
-0
lines changed

coderd/apidoc/docs.go

Lines changed: 2 additions & 0 deletions

coderd/apidoc/swagger.json

Lines changed: 2 additions & 0 deletions

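--- a/coderd/database/dbauthz/dbauthz.go
+++ b/coderd/database/dbauthz/dbauthz.go
@@ -1074,6 +1074,13 @@ func (q *querier) DeleteOrganizationMember(ctx context.Context, arg database.Del
 }, q.db.DeleteOrganizationMember)(ctx, arg)
 }
 
+func (q *querier) DeleteProvisionerKey(ctx context.Context, id uuid.UUID) error {
+if err := q.authorizeContext(ctx, policy.ActionDelete, rbac.ResourceProvisionerKeys); err != nil {
+return err
+}
+return q.db.DeleteProvisionerKey(ctx, id)
+}
+
 func (q *querier) DeleteReplicasUpdatedBefore(ctx context.Context, updatedAt time.Time) error {
 if err := q.authorizeContext(ctx, policy.ActionDelete, rbac.ResourceSystem); err != nil {
 return err
@@ -1666,6 +1673,13 @@ func (q *querier) GetProvisionerJobsCreatedAfter(ctx context.Context, createdAt
 return q.db.GetProvisionerJobsCreatedAfter(ctx, createdAt)
 }
 
+func (q *querier) GetProvisionerKeyByName(ctx context.Context, name database.GetProvisionerKeyByNameParams) (database.ProvisionerKey, error) {
+if err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceProvisionerKeys); err != nil {
+return database.ProvisionerKey{}, err
+}
+return q.db.GetProvisionerKeyByName(ctx, name)
+}
+
 func (q *querier) GetProvisionerLogsAfterID(ctx context.Context, arg database.GetProvisionerLogsAfterIDParams) ([]database.ProvisionerJobLog, error) {
 // Authorized read on job lets the actor also read the logs.
 _, err := q.GetProvisionerJobByID(ctx, arg.JobID)
@@ -2610,6 +2624,13 @@ func (q *querier) InsertProvisionerJobLogs(ctx context.Context, arg database.Ins
 return q.db.InsertProvisionerJobLogs(ctx, arg)
 }
 
+func (q *querier) InsertProvisionerKey(ctx context.Context, arg database.InsertProvisionerKeyParams) (database.ProvisionerKey, error) {
+if err := q.authorizeContext(ctx, policy.ActionCreate, rbac.ResourceProvisionerKeys); err != nil {
+return database.ProvisionerKey{}, err
+}
+return q.db.InsertProvisionerKey(ctx, arg)
+}
+
 func (q *querier) InsertReplica(ctx context.Context, arg database.InsertReplicaParams) (database.Replica, error) {
 if err := q.authorizeContext(ctx, policy.ActionCreate, rbac.ResourceSystem); err != nil {
 return database.Replica{}, err
@@ -2838,6 +2859,13 @@ func (q *querier) InsertWorkspaceResourceMetadata(ctx context.Context, arg datab
 return q.db.InsertWorkspaceResourceMetadata(ctx, arg)
 }
 
+func (q *querier) ListProvisionerKeysByOrganization(ctx context.Context, organizationID uuid.UUID) ([]database.ListProvisionerKeysByOrganizationRow, error) {
+if err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceProvisionerKeys); err != nil {
+return nil, err
+}
+return q.db.ListProvisionerKeysByOrganization(ctx, organizationID)
+}
+
 func (q *querier) ListWorkspaceAgentPortShares(ctx context.Context, workspaceID uuid.UUID) ([]database.WorkspaceAgentPortShare, error) {
 workspace, err := q.db.GetWorkspaceByID(ctx, workspaceID)
 if err != nil {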
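Review bot: All four new wrappers authorize against the bare `rbac.ResourceProvisionerKeys` object, so the decision is never bound to the organization whose keys are being read, created or deleted, even though the organization is in hand in three of them (`organizationID`, `name.OrganizationID`, `arg.OrganizationID`). Depending on how roles are defined, that either locks out organization-level admins or lets a permission granted without an org scope apply to every organization's keys; neither looks intended for a per-organization credential. Scoping the object, e.g. `rbac.ResourceProvisionerKeys.InOrg(organizationID)` in ListProvisionerKeysByOrganization and `.InOrg(arg.OrganizationID)` in InsertProvisionerKey, would tie the check to the target org. DeleteProvisionerKey receives only an ID, so it would need to fetch the key first and authorize against the fetched row's organization before deleting. The params argument of GetProvisionerKeyByName would also read better as `arg`, matching the neighbouring methods.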

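--- a/coderd/database/dbmem/dbmem.go
+++ b/coderd/database/dbmem/dbmem.go
@@ -168,6 +168,7 @@ type data struct {
 provisionerDaemons []database.ProvisionerDaemon
 provisionerJobLogs []database.ProvisionerJobLog
 provisionerJobs []database.ProvisionerJob
+provisionerKeys []database.ProvisionerKey
 replicas []database.Replica
 templateVersions []database.TemplateVersionTable
 templateVersionParameters []database.TemplateVersionParameter
@@ -1726,6 +1727,20 @@ func (q *FakeQuerier) DeleteOrganizationMember(_ context.Context, arg database.D
 return nil
 }
 
+func (q *FakeQuerier) DeleteProvisionerKey(_ context.Context, id uuid.UUID) error {
+q.mutex.Lock()
+defer q.mutex.Unlock()
+
+for i, key := range q.provisionerKeys {
+if key.ID == id {
+q.provisionerKeys = append(q.provisionerKeys[:i], q.provisionerKeys[i+1:]...)
+return nil
+}
+}
+
+return sql.ErrNoRows
+}
+
 func (q *FakeQuerier) DeleteReplicasUpdatedBefore(_ context.Context, before time.Time) error {
 q.mutex.Lock()
 defer q.mutex.Unlock()
@@ -3165,6 +3180,19 @@ func (q *FakeQuerier) GetProvisionerJobsCreatedAfter(_ context.Context, after ti
 return jobs, nil
 }
 
+func (q *FakeQuerier) GetProvisionerKeyByName(ctx context.Context, arg database.GetProvisionerKeyByNameParams) (database.ProvisionerKey, error) {
+q.mutex.RLock()
+defer q.mutex.RUnlock()
+
+for _, key := range q.provisionerKeys {
+if key.Name == arg.Name && key.OrganizationID == arg.OrganizationID {
+return key, nil
+}
+}
+
+return database.ProvisionerKey{}, sql.ErrNoRows
+}
+
 func (q *FakeQuerier) GetProvisionerLogsAfterID(_ context.Context, arg database.GetProvisionerLogsAfterIDParams) ([]database.ProvisionerJobLog, error) {
 if err := validateDatabaseType(arg); err != nil {
 return nil, err
@@ -6463,6 +6491,33 @@ func (q *FakeQuerier) InsertProvisionerJobLogs(_ context.Context, arg database.I
 return logs, nil
 }
 
+func (q *FakeQuerier) InsertProvisionerKey(_ context.Context, arg database.InsertProvisionerKeyParams) (database.ProvisionerKey, error) {
+err := validateDatabaseType(arg)
+if err != nil {
+return database.ProvisionerKey{}, err
+}
+
+q.mutex.Lock()
+defer q.mutex.Unlock()
+
+for _, key := range q.provisionerKeys {
+if key.ID == arg.ID || (key.OrganizationID == arg.OrganizationID && key.Name == arg.Name) {
+return database.ProvisionerKey{}, errUniqueConstraint
+}
+}
+
+provisionerKey := database.ProvisionerKey{
+ID: arg.ID,
+CreatedAt: arg.CreatedAt,
+OrganizationID: arg.OrganizationID,
+Name: arg.Name,
+HashedSecret: []byte(arg.Name),
+}
+q.provisionerKeys = append(q.provisionerKeys, provisionerKey)
+
+return provisionerKey, nil
+}
+
 func (q *FakeQuerier) InsertReplica(_ context.Context, arg database.InsertReplicaParams) (database.Replica, error) {
 if err := validateDatabaseType(arg); err != nil {
 return database.Replica{}, err
@@ -7140,6 +7195,25 @@ func (q *FakeQuerier) InsertWorkspaceResourceMetadata(_ context.Context, arg dat
 return metadata, nil
 }
 
+func (q *FakeQuerier) ListProvisionerKeysByOrganization(ctx context.Context, organizationID uuid.UUID) ([]database.ListProvisionerKeysByOrganizationRow, error) {
+q.mutex.RLock()
+defer q.mutex.RUnlock()
+
+keys := make([]database.ListProvisionerKeysByOrganizationRow, 0)
+for _, key := range q.provisionerKeys {
+if key.OrganizationID == organizationID {
+keys = append(keys, database.ListProvisionerKeysByOrganizationRow{
+ID: key.ID,
+CreatedAt: key.CreatedAt,
+OrganizationID: key.OrganizationID,
+Name: key.Name,
+})
+}
+}
+
+return keys, nil
+}
+
 func (q *FakeQuerier) ListWorkspaceAgentPortShares(_ context.Context, workspaceID uuid.UUID) ([]database.WorkspaceAgentPortShare, error) {
 q.mutex.Lock()
 defer q.mutex.Unlock()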
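Review bot: In InsertProvisionerKey the fake stores `HashedSecret: []byte(arg.Name)`, so the in-memory store records the key's name where the real table holds the hash of its secret. Any test that runs against dbmem and later verifies a presented secret would compare it with a value derived from the key's name, and would not behave like the Postgres path. Assuming InsertProvisionerKeyParams carries the hash (the migration declares `hashed_secret` NOT NULL), the field should be `HashedSecret: arg.HashedSecret,`. Separately, GetProvisionerKeyByName and ListProvisionerKeysByOrganization name their unused context `ctx` where the neighbouring methods use `_`.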

coderd/database/dbmetrics/dbmetrics.go

Lines changed: 28 additions & 0 deletions

coderd/database/dbmock/dbmock.go

Lines changed: 59 additions & 0 deletions

coderd/database/dump.sql

Lines changed: 17 additions & 0 deletions

coderd/database/foreign_key_constraint.go

Lines changed: 1 addition & 0 deletions
Lines changed: 1 addition & 0 deletions
@@ -0,0 +1 @@
1+
DROP TABLE provisioner_keys;
Lines changed: 8 additions & 0 deletions
@@ -0,0 +1,8 @@
1+
CREATE TABLE provisioner_keys (
2+
id uuid PRIMARY KEY,
3+
created_at timestamptz NOT NULL,
4+
organization_id uuid NOT NULL REFERENCES organizations (id) ON DELETE CASCADE,
5+
name varchar(64) NOT NULL,
6+
hashed_secret bytea NOT NULL,
7+
UNIQUE (organization_id, name)
8+
);
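Review bot: `UNIQUE (organization_id, name)` compares names case-sensitively, so two keys whose names differ only in letter case can coexist in one organization; for a credential that operators list and revoke by name, that makes it easy to act on the wrong key. If names are meant to be unique regardless of case, a unique index on `(organization_id, lower(name))` would enforce it at the database. The `hashed_secret` column also has no comment saying what it holds; a line such as `-- hashed_secret: hash of the key's secret, algorithm <ALGORITHM>` (placeholder to be filled in by the author) would tell the next reader that this column is never expected to contain the plaintext.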
