* [dev] Bump grpc/grpc-js 1.10.8 -> 1.12.6 and authzed/authzed-node 0.15.0 -> 1.2.2
Tool: gitpod/catfood.gitpod.cloud
* [server] Streamline spicedb gRPC client usage and creation options
- instead of doing retries on two levels, rely on the gRPC-level retries
- to mitigate the loss of insights, introduce createDebugLogInterceptor
- client options: use sane defaults derived from the documentation instead of the excessive ones we had in place before
- use "waitForReady" option: it should a) make our calls for responsive on re-connects, while b) - because we keep re-trying on DEADLINE_EXCEEDED - should be as reliable as before
Tool: gitpod/catfood.gitpod.cloud
* [protocol] Centralize grpc.isConnectionAlive
Tool: gitpod/catfood.gitpod.cloud
* [server] SpiceDB client: retry with new client on "Waiting for LB pick" error
Tool: gitpod/catfood.gitpod.cloud
* [docker-up] Minor fixes and add tests
Tool: gitpod/catfood.gitpod.cloud
* [image-builder-bob] Tests&fixes from an experimental PR
Tool: gitpod/catfood.gitpod.cloud
* [supervisor, ws-manager] Write docker credentials into client config file if passed into workspace
Tool: gitpod/catfood.gitpod.cloud
* [server] Introduce project.settings.enableDockerdAuthentication and expose it on the API
Tool: gitpod/catfood.gitpod.cloud
* [dashboard] Add "Docker registry authentication" toggle under projects/env vars
Tool: gitpod/catfood.gitpod.cloud
* [server] Guard project.settings.enableDockerdAuthentication by org write_settings permission
Tool: gitpod/catfood.gitpod.cloud
* review comments with cleanup + small fixes
Tool: gitpod/catfood.gitpod.cloud
* [supervisor] Add Gitpod commit annotation
* server and API changes
* [dashboard] add org setting for commit annotation
* Fix things
* Fix label for annotation switch
* Revert accidental rename
* minor docs fixes
* Add a feature flag for the setting: `commit_annotation_setting_enabled`
* Register hook in the cloned repo instead of under /etc/
* don't override existing hooks
* `gp git-commit-message-helper` to use `git interpret-trailers`
* Test it!
* 🧹 indeed
* Update timestamp of DB migration
* Introduce `max_parallel_running_workspaces` for orgs
* Add migration
* Add UI and org settings server changes
* Rough edges
* Number inputs (:trollface:)
* Move LazyOrganizationService to UBP entitlement service to get rid of circ. dep. errs
* Fix tests
* Update components/gitpod-db/src/typeorm/entity/db-team-settings.ts
Co-authored-by: Gero Posmyk-Leinemann <gero@gitpod.io>
* Rename `isPaidPlan` to `isPaidOrDedicated` and get rid of `update_max_parallel_running_workspaces`
* Update components/server/src/workspace/workspace-service.ts
Co-authored-by: Gero Posmyk-Leinemann <gero@gitpod.io>
* Deduplicate instance counting logic
---------
Co-authored-by: Gero Posmyk-Leinemann <gero@gitpod.io>
* [server config] Introduce isDedicatedInstallation, and use it to replace isSIngleOrgInstallation
incl. further cleanup around getConfiguration and server config
* [server, dashboard] Remove enableDedicatedOnboardingFlow feature flag and replace is with getInstallationConfiguration.IsDedicatedInstallation
* [dashboard, server] Remove "sinlgeOrgMode"
* [server] OrganizationService: block createTeam consistently for org-owned users
* [server, dashboard] Introduce "enable_multi_org" feature flag to allow admin-user to create organizations
* [dashboard] introduce "/?orgSlug=", which allows to pre-select an org in a "create workspace" URL (e.g. "/?orgSlug=org1#github.com/my/repo")
* [db] Auto-delete container "test-mysql" if it's already present
* fix tests
* [dashboard] Check if localStorage is available before using it
* [dashboard] SSOLogin: fix orgSlug source precedence to: path/search/localStorage
* [server] Deny "joinOrganization" for org-owned users
* Gpl/970-multi-org-tests (#20436)
* fix tests for real
* [server] Create OrgService.createOrgOwnedUser, and use that across tests to fix the "can't join org" permission issues
* Update components/server/src/orgs/organization-service.ts
Co-authored-by: Filip Troníček <filip@gitpod.io>
---------
Co-authored-by: Filip Troníček <filip@gitpod.io>
---------
Co-authored-by: Filip Troníček <filip@gitpod.io>
* Add WS image metrics to workspace instances
* Update tests
* fix ws-manager-api field description
* Prefer existing DB values for metrics
* Copy proto comments over to protocol type
* [context parser] Check current ref for Docker image existence
* Better builder bob errors from supervisor
* Gently soft-fail when the Dockerfile isn't found
* Add warning to ws metadata when starting workspace
* Introduce a magic constant instead of empty strings
* Improve supervisor failed reading bob log error
* Fixup cloning our special SHA
* idk what happened
* let workspaces start even on invalid docker refs
* add proto
* codegen
* impl
* WIP UI
* make it work
* Make it work
* Empty state
* Update copies (thx Fernando!)
* Fix tip flexbox
* fix newline for role restriction empty state
* When arbitrary repos are restricted, don't suggest them
* proto update
Co-authored-by: Filip Troníček <filip@gitpod.io>
Co-authored-by: Gero Posmyk-Leinemann <32448529+geropl@users.noreply.github.com>
* dashboard + server
---------
Co-authored-by: Filip Troníček <filip@gitpod.io>
Co-authored-by: Gero Posmyk-Leinemann <32448529+geropl@users.noreply.github.com>
* [PAPI] Retry steams upon not receiving data for 10 seconds
* [PAPI] Retry steams upon not receiving data for 10 seconds (#20176)
* debug message
* Do not listen for ws updates globally and do not timeout for those calls
* Timeout signal as a getter
* use ff for disablement
* accesor fn => getter
* send empty initial data in papi for global ws watch requests
---------
Co-authored-by: Gero Posmyk-Leinemann <gero@gitpod.io>
* Organization timeout defaults proto
* Generated code
* Implement TimeoutSettings on the API layer
* Add timeout setting UI
* Actually change default workspace timeout based on org settings
workspace starter fixes
* Add alert for free plans
* denyUserTimeouts
* [dashboard] Fix check for "timeout config eligibility" by using BillingMode
* [server] Drop FF "disable_set_timeout"
* fix
* Move to team policies
* don't include `timeoutSettings` if not set
* [dashboard] TeamPolicies: Disable "save" if workspace timeouts are disabled
---------
Co-authored-by: Gero Posmyk-Leinemann <gero@gitpod.io>
* [json-rpc] Fix encoding of watchImageBuildLogs data to number[]
Because json-rpc can't handle complex objects like UInt8Array properly.
Conversion is done using "Array.from(UInt8Array)" and "new UInt8Array(data)"
* [dashboard] Fix "workspaceId is required" errors
* Review suggestions
Co-authored-by: Filip Troníček <filip@gitpod.io>
---------
Co-authored-by: Filip Troníček <filip@gitpod.io>
* [supervisor] Make sure we read the last chunk of message when task is closed
* [server, dashboard] Prebuild logs: stream as UInt8Array instead of string, and make sure we send the last chunk before closing the response
* Make log buffer more efficient
Merging done with `TypedArray.prototype.set()` as suggested here:
https://stackoverflow.com/a/73074813/10199319
* [dashboard] PrebuildTaskTab: use hash(err.message) as toastId
* [server] prebuild logs: Only call res.end after a timeout, so clients can continue reading from the stream
* [dashboard] prebuild logs emitter: If we receive code "200", forward prefixChunk, and stop streaming
* fixup! [dashboard] PrebuildTaskTab: use hash(err.message) as toastId
---------
Co-authored-by: Filip Troníček <filip@gitpod.io>
* Start prebuilds on started workspaces
* Fix circl dep
* move out to workspace creation
* Do it in the workspace service
* remove webhook tests
* remove webhook handling code
* Revert "remove webhook handling code"
This reverts commit d7c4550ec6b16091344607bfeee234b1f0e5705b.
* Anotate new setups with an `activity-based` activation strategy
* Update tests
* Alert banner
* add correct changelog path
* fix tests
* Remove code for registering prebuilds
* Still pass prebuild preconditions in order to run
* Re-add link to prebuild history of a repo
* Rename to trigger strategy and change project activity indicator
* redirect in the offline case
* [public-api] generate noise
* [server] Refactor Prebuild resolution to happen in a single place
* [dashboard, api] Show Prebuild details
* fixup! [server] Refactor Prebuild resolution to happen in a single place
* [bridge] Revive Prebuild QUEUED state: it's everything before running
* [server] Fix dead-end for streaming logs when starting too early
* [dashboard] Adds SHA + duration, fix re-rendering when prebuildId changes, and uses the new/old streaming logic
WIP because still has the "duplicate (sometimes triple!) logs" react re-rendering issue
* Prevent unnecessary re-renders of task output
* remove double-comment
* Duration display improvements
* Properly dismiss toasts and render durations
* Remove SHA from prebuild list
* Clean up and implement the `reset` event for workspace logs
* fix comment
* Tiny cleanup
---------
Co-authored-by: Filip Troníček <filip@gitpod.io>
* Use `__Host-` prefix for cookie
* Fix tests
* Remove domain from cookie
* Fix logout
* remove unused fn
* fix user logout properly
* [server] Make domain-only cookie work for GitHub oauth login
... by adding additional step so we can set the cookie for the base domain only
* test: fix by redirecting before callbacl/authorize
* [server] SessionHandler: Allow to login with both primary and secondary cookies
* [server] Clear 2ndary cookie on logout
* Fix filtering cookie values when primary cookie is empty
* Fix logouts
* Fix tests
---------
Co-authored-by: Gero Posmyk-Leinemann <gero@gitpod.io>
* [JetBrains] add more integration tests
* Add deps
* Add in workspace JetBrains integration test
* Support papi
* fixup
* Test succeed
* remove unnecessary code
* Fixup
* Remove warmup TODO item
* Add doc for sh file
* Increase timeout and make it run in parallel
* Use empty
* fixup
* Sleep
* db wait
* speed up
* [yarn] Bump @grpc/grpc-js to 1.10.8 and @authzed/authzed-node to 0.15.0
* [server] SpiceDB: explicit re-try on UNAVAILABLE
We tried to configured this inside the SpiceDBClientProvider already, but somehow it still surfaced.
* [server, bridge] Configure "grpc.dns_min_time_between_resolutions_ms" to be 2s instead of 30s
