Skip to content

Commit ada6342

Browse files
nxf5025nxf5025
committed
feat(provisioner): add support for workspace_owner_rbac_roles
1 parent e37b7fc commit ada6342

File tree

7 files changed

+226
-154
lines changed

7 files changed

+226
-154
lines changed

coderd/provisionerdserver/provisionerdserver.go

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -594,6 +594,11 @@ func (s *server) acquireProtoJob(ctx context.Context, job database.ProvisionerJo
594594
})
595595
}
596596

597+
ownerRbacRoles := []string{}
598+
for _, role := range owner.RBACRoles {
599+
ownerRbacRoles = append(ownerRbacRoles, role)
600+
}
601+
597602
protoJob.Type = &proto.AcquiredJob_WorkspaceBuild_{
598603
WorkspaceBuild: &proto.AcquiredJob_WorkspaceBuild{
599604
WorkspaceBuildId: workspaceBuild.ID.String(),
@@ -621,6 +626,7 @@ func (s *server) acquireProtoJob(ctx context.Context, job database.ProvisionerJo
621626
WorkspaceOwnerSshPrivateKey: ownerSSHPrivateKey,
622627
WorkspaceBuildId: workspaceBuild.ID.String(),
623628
WorkspaceOwnerLoginType: string(owner.LoginType),
629+
WorkspaceOwnerRbacRoles: ownerRbacRoles,
624630
},
625631
LogLevel: input.LogLevel,
626632
},

coderd/provisionerdserver/provisionerdserver_test.go

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -187,7 +187,9 @@ func TestAcquireJob(t *testing.T) {
187187
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitShort)
188188
defer cancel()
189189

190-
user := dbgen.User(t, db, database.User{})
190+
user := dbgen.User(t, db, database.User{
191+
RBACRoles: []string{"member"},
192+
})
191193
group1 := dbgen.Group(t, db, database.Group{
192194
Name: "group1",
193195
OrganizationID: pd.OrganizationID,
@@ -376,6 +378,7 @@ func TestAcquireJob(t *testing.T) {
376378
WorkspaceOwnerSshPrivateKey: sshKey.PrivateKey,
377379
WorkspaceBuildId: build.ID.String(),
378380
WorkspaceOwnerLoginType: string(user.LoginType),
381+
WorkspaceOwnerRbacRoles: []string{user.RBACRoles[0]},
379382
},
380383
},
381384
})

provisioner/terraform/provision.go

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -242,6 +242,11 @@ func provisionEnv(
242242
return nil, xerrors.Errorf("marshal owner groups: %w", err)
243243
}
244244

245+
ownerRbacRoles, err := json.Marshal(metadata.GetWorkspaceOwnerRbacRoles())
246+
if err != nil {
247+
return nil, xerrors.Errorf("marshal owner rbac roles: %w", err)
248+
}
249+
245250
env = append(env,
246251
"CODER_AGENT_URL="+metadata.GetCoderUrl(),
247252
"CODER_WORKSPACE_TRANSITION="+strings.ToLower(metadata.GetWorkspaceTransition().String()),
@@ -254,6 +259,7 @@ func provisionEnv(
254259
"CODER_WORKSPACE_OWNER_SSH_PUBLIC_KEY="+metadata.GetWorkspaceOwnerSshPublicKey(),
255260
"CODER_WORKSPACE_OWNER_SSH_PRIVATE_KEY="+metadata.GetWorkspaceOwnerSshPrivateKey(),
256261
"CODER_WORKSPACE_OWNER_LOGIN_TYPE="+metadata.GetWorkspaceOwnerLoginType(),
262+
"CODER_WORKSPACE_OWNER_RBAC_ROLES="+string(ownerRbacRoles),
257263
"CODER_WORKSPACE_ID="+metadata.GetWorkspaceId(),
258264
"CODER_WORKSPACE_OWNER_ID="+metadata.GetWorkspaceOwnerId(),
259265
"CODER_WORKSPACE_OWNER_SESSION_TOKEN="+metadata.GetWorkspaceOwnerSessionToken(),

provisioner/terraform/provision_test.go

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -764,6 +764,46 @@ func TestProvision(t *testing.T) {
764764
}},
765765
},
766766
},
767+
{
768+
Name: "workspace-owner-rbac-roles",
769+
SkipReason: "field will be added in provider version 2.2.0",
770+
Files: map[string]string{
771+
"main.tf": `terraform {
772+
required_providers {
773+
coder = {
774+
source = "coder/coder"
775+
version = "2.2.0"
776+
}
777+
}
778+
}
779+
780+
resource "null_resource" "example" {}
781+
data "coder_workspace_owner" "me" {}
782+
resource "coder_metadata" "example" {
783+
resource_id = null_resource.example.id
784+
item {
785+
key = "rbac_roles"
786+
value = data.coder_workspace_owner.me.rbac_roles[0]
787+
}
788+
}
789+
`,
790+
},
791+
Request: &proto.PlanRequest{
792+
Metadata: &proto.Metadata{
793+
WorkspaceOwnerRbacRoles: []string{"member"},
794+
},
795+
},
796+
Response: &proto.PlanComplete{
797+
Resources: []*proto.Resource{{
798+
Name: "example",
799+
Type: "null_resource",
800+
Metadata: []*proto.Resource_Metadata{{
801+
Key: "rbac_roles",
802+
Value: "member",
803+
}},
804+
}},
805+
},
806+
},
767807
}
768808

769809
for _, testCase := range testCases {

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy