Changelog
Note
This is a mainline Coder release. We advise enterprise customers without a staging environment to install our latest stable release while we refine this version. Learn more about our Release Schedule.
BREAKING CHANGES
- Enforce agent names be case-insensitive-unique per-workspace (#16614, 3fddfef) (@ethanndickson)
- Enforce regex for agent names (#16641, 9469b78) (@deansheather)
Underscores and trailing, leading and double hyphens are now blocked in agent names.
Features
Organizations have reached general availability and Workspace Presets are available in beta. Read more about how to get started with these features in our monthly changelog.
- Orgs IDP sync - add combobox to select claim field value when sync field is set (#16335, 7f44189) (@jaaydenh)
Improves UX of entering IDP sync claims via the dashboard.
- Show warning on unrecognized idp org mapping claims (#16478, bcfeb72) (@aslilac)
- Show warning on unrecognized idp group and role mapping claims (#16485, 323559b) (@aslilac)
- Add combobox for selecting claim field value for group/role idp sync (#16459, 7076c4e) (@jaaydenh)
Automatically detects IDP claims once a provider is configured for entry in the dashboard.
- Improve resources_monitoring for OOM & OOD monitoring (#16241, 7cbd77f) (@defelmnq)
- Integrate agentAPI with resources monitoring logic (#16438, bc609d0) (@defelmnq)
Adds "resource alerts" as a native notification. Set thresholds on memory, disk to alert users when their workspaces are running low on resources.
- Add agentapi endpoint to report connections for audit (#16507, b07b33e) (@mafredri)
- Add workspace agent connect and app open audit types (#16493, b5329ae) (@mafredri)
Administrators and Auditors may now see agent connections and app opens in the audit log.
- Add notifications troubleshooting tab (#16650, e8a7b7e) (@mtojek)
- Add CLI tool to send a test notification (#16611, d2419c8) (@DanielleMaywood)
- Support the OAuth2 device flow with GitHub for signing in (#16585, 8c5e700) (@hugodutka)
- Show dialog with a redirect if permissions are required (#16661, 39f42bc) (@brettkolodny)
- Enable soft delete for organizations (#16584, 546a549) (@jaaydenh)
Previously, administrators could not delete organizations, even if all contained resources were removed or deleted. This resolves that issue and allows administrators to clean up organizations.
- Implement sign up with GitHub for the first user (#16629, 67d89bb) (@hugodutka)
- Enable GitHub OAuth2 login by default on new deployments (#16662, d3a56ae) (@hugodutka)
Users may now sign up with Github on a fresh deployment of Coder.
- Extend
OverrideVSCodeConfigsto support additional VS Code IDEs (#16654, 763921b) (@matifali) - Add provisioner tags field on template creation (#16656, 38ad8d1) (@BrunoQuaresma)
- Include winres metadata in Windows binaries (#16742, 36186bb)
- Implement WorkspaceCreationBan organization role (#16786, 4633658) (@Emyrk)
Allows administrators to assign the native "Workspace creation ban" to users and prevent them from creating workspaces.
- Agent: Add container list handler (#16346, 31b1ff7) (@johnstcn)
This PR adds an API endpoint to coderd
/api/v2/workspaceagents/:id/containersthat allows listing containers visible to the agent. Optional filtering by labels is supported. - Agent: Add
CODER_AGENT_DEVCONTAINERS_ENABLEoption (#16525, 3590102) (@johnstcn) - Agent: Add second SSH listener on port 22 (#16763, 735dc5d)
- CLI: Add display of open ports in
coder show(#16464, 695d552) (@johnstcn) - CLI: Display devcontainers in
coder showcommand (#16515, 4867cbe) (@johnstcn) - CLI: Support deleting tokens by id (#16341, 5ec385b) (@ethanndickson)
- CLI: Add local and UTC time options to
pingcmd (#16648, 4c438bd) (@dannykopping) - CLI: Allow the use of public OIDC clients (#16489, 6a67e2e) (@ThomasK33)
- Server: Add support for presets to the coder API (#16526, 71cbf73) (@SasSwart)
- Server: Add support for provisioner job id and tag filter (#16556, e38bd27) (@mafredri)
- Server: Add filters and fix template for provisioner daemons (#16558, 77306f3) (@mafredri)
- Database: Add support for presets (#16509, 34b46f9) (@SasSwart)
- Provisioner: Add support for presets to coder provisioners (#16574, 46e04c6) (@SasSwart)
- Dashboard: Add Keycloak icon (#16569, b1d53b0) (@matifali)
- Dashboard: Add support for presets to the create workspace page (#16567, a17cf03) (@SasSwart)
Workspace presets allow admins to provide a set of preselected parameters to new users on a workspace.
Bug fixes
- Show user-auth provisioners for all organizations (#16350, 6ea5c6f) (@aslilac)
- Log unsuccessful webhook response body as a string (#16439, c8ef7eb) (@aaronlehmann)
- Display SVG emojis in the picker (#16492, de70ff3) (@BrunoQuaresma)
- Escape special characters in postgres password (#16510, 72f6257) (@mtojek)
- Handle urls with multiple slashes (#16527, b396408) (@mtojek)
- Display error on deleted workspace build (#16536, d7614a4) (@mtojek)
- Display the correct response for
coder list(#16547, 981cf8c) (@evgeniy-scherbina) - Change resource icon colors in the delete modal based on the set theme (#16550, b23e3f9) (@brettkolodny)
- Include origin in support link (#16572, 1c5a042) (@mtojek)
- Stop text from overflowing on delete org button (#16549, 1ce4dfe) (@brettkolodny)
- Explicitly set encoding to UTF8 on embedded postgres (#16604, 5e96fb5) (@hugodutka)
- Open link with search parameters in the web terminal (#16617, 22fa71d) (@mtojek)
- Sort orgs alphabetically in organizations dropdown (#16583, 2c6df5a) (@Kira-Pilot)
- Show an error when a user doesn't have permission to view the health page (#16580, 4732f08) (@brettkolodny)
- Fix loading states and permissions checks in organization settings (#16465, deadac0) (@aslilac)
- Force lowercase DNS hostnames for VPN (#16613, 92870f0) (@ethanndickson)
- Change validation error for workspace name (#16643, f670559) (@mtojek)
- Show an error banner if the user does not have permission to view the audit page (#16637, 54b09d9) (@brettkolodny)
- Block vpn tailnet endpoint when
--browser-onlyis set (#16647, d50e846) (@ethanndickson) - Include a link and more useful error details for 403 response codes (#16644, a376e8d) (@brettkolodny)
- Redirect users lacking create permissions to /workspaces (#16659, ce49ce4) (@brettkolodny)
- Display dashboard notification on schedule update (#16672, ab5c9f7) (@mtojek)
- Hide app icon if not found (#16684, a2d4b99) (@mtojek)
- Display banner when no matching templates found (#16696, b419b36) (@mtojek)
- Require permissions to view pages related to organization roles (#16688, 33c9aa0) (@brettkolodny)
- Update create template button styling (#16701, b5ff9fa) (@jaaydenh)
- Handle undefined job while updating build progress (@mtojek) (#16740, 114cf57)
- Allow orgs with default Github provider (@hugodutka) (#16784, 6da3c9d)
- Add org role read perm to site template admins and auditors (@jaaydenh) (#16787, a5eb06e)
- Agent: Use deterministic host key for SSH server (#16626, 6607464) (@ThomasK33)
- Server: Set default provisionerjobs limit to 50 (#16450, a546a85) (@mafredri)
- Server: Add strict org ID joins for provisioner job metadata (#16588, 5ba7ba6) (@mafredri)
- Server: Add stricter authorization for provisioners endpoint (#16587, 7f061b9) (@mafredri)
- Server: Avoid fetching extra parameters for a preset (#16642, dedc32f) (@SasSwart)
- Database: Remove linux build tags from db package (#16633, 98dfc70) (@evgeniy-scherbina)
- Helm: Ensure coder can be deployed in a non-default namespace (#16579, 420855d) (@ThomasK33)
Documentation
- Add markdown fields in notification webhook payloads (#16542, ade0a53) (@EdwardAngert)
- Add mention of CLI command to create token on behalf of another user (#15138, a69961b) (@bpmct)
- Add doc on how to try a coder-preview build (#16314, a5643b6) (@EdwardAngert)
- Update the quickstart page (#16666, 6acc3a9) (@hugodutka)
- Document default GitHub OAuth2 configuration and device flow (2.20) (#16782, fc0db40)
- Add PlatformX integration guide (#16378, dd6d57e) (@bpmct)
- Documentation: Indicate that custom roles are premium only (#16434, cf96455) (@ericpaulsen)
Chores
- Clean up groups page (#16259, f3916a6) (@aslilac)
- Add 'email' field to notifications (#16336, f651ab9) (@DanielleMaywood)
- Upgrade terraform-provider-coder to v2 (#16586, a845370) (@SasSwart)
- Upgrade terraform to 1.10.5 (#16519, a777c26) (@coadler)
Resolves a known CVE in Terraform.
- Clean up built-in role permissions (#16645, a85a220) (@aslilac)
- Show server install.sh on cli version mismatch (#16668, 6bdddd5) (@ethanndickson)
Compare: v2.19.0...v2.20.0
Container image
docker pull ghcr.io/coder/coder:v2.20.0
Install/upgrade
Refer to our docs to install or upgrade Coder, or use a release asset below.