helm/coder-v2/coder 2.17.0

v2.17.0

on Artifact Hub

Changelog

Features

• Allow Owners to create a token on behalf of another user in the cli (#14813, ba90bb0) (@joobisb)

  Extends coder tokens create with the --user flag to describe the owner of the created token.

• Add CoderVPN protocol definition & implementation (#14855, f7ddbb7) (@spikecurtis)

  This is a component of the ongoing implementation of CoderVPN, aka Coder Desktop. To learn about the project use cases, provide feedback, and track progress, see our public proposal in Github.

• Add cache abstraction for fetching signing keys (#14777, 21b92ef) (@sreya)
• Show user-auth grouped provisioners in the dashboard (#14883, 533d655) (@f0ssel)

  

• Expose Markdown fields in webhook payload for notification parsing (#14931, 0aa84b1) (@mtojek)
• Remove dark blue theme (#14890, d0a8424) (@zxt-tzx)

  Any users on this removed theme will automatically move to the latest default. We have no intentions to change the default theme or add new native themes in the near future.

• Add jwtutils JWT package for standardization (#14928, 68ec532) (@sreya)
• Include Coder service prefix on agents to enable desktop-native VPN connections (#14944, 8785a51) (@spikecurtis)
• Allow for different docker socket path in docker-based templates to resolve #15035 (#15049, 79d24d2) (@phorcys420)
• Add wsproxy implementation for key fetching (#14917, 384873a) (@sreya)
• Notify users on template deprecation (#15195, 095c979) (@DanielleMaywood)
• Enable automatic key rotation (#15066, cd890aa) (@sreya)

  Implements a new key rotation system to improve our security posture on a few authentication payloads that previously leveraged pre-shared keys. Some users may encounter one-off errors when in the middle of an authentication flow only during the upgrade process. For more info, read our 2.17 release blog.

• Use hashicorp/cloud-init provider in AWS devcontainer template (#15050, 91c337a) (@phorcys420)
• Use hashicorp/cloud-init provider for AWS-linux example (#15240, c8f68cb) (@phorcys420)
• Expose premium trial form via CLI (#15054, 7982ad7) (@joobisb)
• Add Prometheus metric for tracking user statuses (#15281, 3de98c2) (@coadler)

  Allows admins to track total users on the deployment by status using the coderd_api_total_user_count metric.

• Add audit logs for dormancy events (#15298, 088f219) (@coadler)
• CLI: Extend duration to longer units (#15040, ccbb687) (@defelmnq)
• CLI: Allow passing template version while creating workspaces in the CLI (#14880, 1914490) (@joobisb)
• CLI: Allow promoting an existing template version to active from CLI (#15051, 5ebc748) (@joobisb)
• Server: Return agent script timings (#14923, 9c8ecb8) (@BrunoQuaresma)
• Server: Add company logo when available for email notifications (#14935, 297089e) (@defelmnq)

  Allows SMTP notifications to be customized with your company logo and name from the deployment appearance settings.

• Server: Improve notification format consistency (#14967, 9d02269) (@SasSwart)
• Enterprise: Support bearer tokens in SCIM authentication (#15233, 487b37b) (@coadler)
• Helm: Add setting to disable service account creation (#14817, cd92220) (@MaxTNielsen)
• Helm: Add topologySpreadConstraints value (#15168, b62f3e6) (@ericpaulsen)
• Helm: Add support for provisioner keys, add note re psk (#15122, 413928b) (@johnstcn)
• Implement api for "forgot password?" flow (#14915, 4369f2b) (@DanielleMaywood)
• Log when attempted password resets fail (#15267, 78ff375) (@DanielleMaywood)
• Dashboard: Add forgot password link (#15108, aaa1223) (@BrunoQuaresma)

  Adds a new "Forgot Password" email flow for users with simple authentication to autonomously reset their passwords. Note that this feature requires SMTP notifcations to be configured on your deployment.
  
  

• Dashboard: Add workspace timings (#15068, d89eceb) (@BrunoQuaresma)

  Adds a breakdown of startup timing (provisioning and agent startup) in the workpsace UI. Additionally available per workspace via the API endpoint.
  

• Dashboard: Refactor DAU chart to avoid seat consumption focus (#15307, 4849b4d) (@BrunoQuaresma)

  Some customers noted that the "Active Users" graph in the main deployment settings seems to measure license usage. This graph is exclusively for understanding daily user activity in the deployment and is entirely unrelated to seat consumption. Seat usage can be evaluated in the license settings of your deployment. We've removed any mention of licenses in this graph for clarity.
  

Bug fixes

• Always show upload and scratch in create template gallery (#14327, e70ad2b) (@aslilac)

  Fixes a leftover issue from the Organizations UI migration.

• Sort provisioner key tags in cli output (#14875, d6766f7) (@spikecurtis)
• Display workspace avatars correctly when URLs fail to load (#14814, 680e28b) (@Parkreiner)
• Fix bug with trailing version info not being properly stripped (#14963, 20bfd1f) (@bcpeinhardt)

  Fixes some broken documentation links in the dashboard due to version picker incompatibility.

• Replace double-negative in message when trying to update a workspace that is already up-to-date (#14975, 0ef5340) (@defelmnq)
• Fix error handling to prevent spam in process priority management (#15071, 7da231b) (@sreya)
• Correct default wsproxy table columns to resolve broken CLI command coder wsproxy edit (#15124, c81fd1d) (@ethanndickson)
• Correct connection_median_latency_ms in query to prevent incorrectly reported latency under template insights (#15086, 5f640eb) (@f0ssel)
• Order provisioner keys by creation date when returned from the API (#15125, b54950c) (@f0ssel)
• Include custom agent headers in tailnet to support DERP connections (#15145, c5a4095) (@ethanndickson)
• Urlencode email in reset password link (#15167, 23f61c6) (@DanielleMaywood)
• Show audit logs for forgot password flow (#15181, 5076161) (@DanielleMaywood)
• Wait for server tailnet background routines to exit on Close (#15183, 32d5875) (@spikecurtis)
• Fix build in security workflow (#15209, bcd68ee) (@sreya)
• Close server PTY connections on client disconnect (#15201, 81e99be) (@f0ssel)
• Stop logging errors on cancel in notifier (#15186, d9f1aaf) (@spikecurtis)
• Stop incrementing activity on empty agent stats (#15204, 0dd942e) (@f0ssel)
• Stop activity bump if no tracked sessions (#15237, d83f4eb) (@f0ssel)

  Blocked behind the workspace-usage experiment, which will be shipped in a future release. #15204 and #14237 fix a bug that caused user activity to be reported by the agent when no active session is present, extending the workspace autostop.

• Ensure user admins can always see users table (#15226, 1d925ab) (@Parkreiner)

  Resolves an issue on main that prevented user admins from seeing the users table in the dashboard and some user-related API routes.

• Workspaces query to correctly user username from users table (#15305, 9d03e04) (@Emyrk)

  Resolves a bug preventing users from querying workspaces by owner name.

• CLI: Fix potential panic in traceError if unwrapped err is nil (#15166, 212aeff) (@johnstcn)
• Server: Exclude unset fields from notifications (#15110, dfb6bfa) (@SasSwart)

  Fixes an issue where some fields would appear as asterisks when missing from a notification.

• Documentation: Fix a typo in the devcontainer documentation (#15102, 75b5d71) (@SasSwart)
• Helm: Set serviceAccount.disableCreate=false by default, add tests (#15197, fed70bd) (@johnstcn)
• Helm: Fail if psk and key are both set (#15157, c42f487) (@johnstcn)
• Dashboard: Fix build logs scrolling not on safari (#14884, 52f03db) (@BrunoQuaresma)
• Dashboard: Fix validation server error on change password form (#15170, 76bfa9b) (@BrunoQuaresma)
• Dashboard: Sanitize login redirect (#15208, 69c1d98) (@coadler)

  Resolves an issue which allows attackers to craft a Coder URL that when clicked by a logged in user, could redirect them to a website the attacker controls, e.g. google.com. For details on resolution see this advisory on Github.

• Dashboard: Update workspace timings to use theme colors (#15269, 3c7808c) (@BrunoQuaresma)
• Dashboard: Add static filebrowser icon to remove external dependency (#15367, dc29b81) (@johnstcn)

Documentation

• Overhaul content hierarchy of the documentation (#14421, 419eba5) (@matifali)

  As you may have already seen, we've fully overhauled our documentation. We believe this massively improves the navigability of our content and opens a clear path for future contribution from our community and team. Please share your feedback in GitHub discussions with the docs label.

• Add statement about minimum network quality (#14745, 3d87f78) (@spikecurtis)

  We've had some reports about difficulty connecting to workspaces under very challenging networking conditions. This adds minimum networking requirements for a healthy deployment to our documentation.

• Explain --rich-parameter-file format (#14941, 26df33a) (@joobisb)
• Reorganize and edit docs README (aka the About page) (#14706, 88c6a75) (@EdwardAngert)
• Add primary to wsproxy ls output in Networking docs (#15185, d7baa49) (@EdwardAngert)
• Re-add custom roles documentation (#15280, 2573838) (@stirby)

  During the documentation restructure, these were lost. You can now see how to add and manage custom roles, as well as some example roles to get started.

• Add new best practices guide to speed up templates and workspaces (#15296, 18ef954) (@EdwardAngert)
• Add notes regarding provisioner tags and untagged jobs (#15081, 29763b1) (@johnstcn)
• Update external provisioners helm docs (#15155, 84f0cf2) (@johnstcn)
• Remove workspace proxy map (#15070, 20a9e9b) (@EdwardAngert)
• Add Quickstart guide to tutorials (#14744, ed5da65) (@EdwardAngert)
• Add documentation on new workspace build timings to workspace lifecycle and template troubleshooting (#15310, 399c830) (@stirby)

Chores

• Remove notifications experiment (#14869, 11f7b1b) (@dannykopping)

  Notifications has been out of experimental (in Beta) since 2.16.0. This is simply a cleanup that does not impact functionality.

• Join owner, template, and org in new workspace view (#15116, 343f8ec) (@Emyrk)

  Improves RBAC codebase management on these resources in the organization scope.

• Fix concurrent CommitQuota transactions for unrelated users/orgs (#15261, 854044e) (@Emyrk)
• Update Go to 1.22.8 (#15255, 516ba9e) (@coadler)
• Update Terraform to 1.9.8 (#15256, 074faec) (@coadler)
• Examples: Add missing devcontainer templates to examples.go (#15080, 06a4018) (@johnstcn)
• README: add openssf best practices badge (#14938, 61a4102) (@matifali)

Reverts

• "chore: bump @types/lodash from 4.14.196 to 4.17.9 in /offlinedocs" (#14922, 302b7fa) (@bcpeinhardt)

Compare: v2.16.1...v2.17.0

Container image

• docker pull ghcr.io/coder/coder:v2.17.0

Install/upgrade

Refer to our docs to install or upgrade Coder, or use a release asset below.