feat(agent): populate subagent ID for terraform-defined devcontainers#21942
feat(agent): populate subagent ID for terraform-defined devcontainers#21942DanielleMaywood merged 17 commits intomainfrom
Conversation
DanielleMaywood
force-pushed
the
danielle/devcontainer-resources/agent
branch
4 times, most recently
from
db0350c to
c128b81
Compare
Update the manifest API in coderd to populate the subagent_id field for devcontainers, enabling the agent to receive devcontainer resource definitions with pre-assigned IDs and use them when creating sub-agents. This allows Terraform-defined devcontainers to: - Have stable subagent IDs across workspace rebuilds - Prevent accidental deletion/recreation of managed subagents - Prevent UI-initiated rebuilds of terraform-managed containers
DanielleMaywood
force-pushed
the
danielle/devcontainer-resources/agent
branch
from
c128b81 to
bca517e
Compare
DanielleMaywood
requested review from
johnstcn and
mafredri
and removed request for
mafredri
Documentation CheckUpdates Needed
DetailsThis PR introduces an important new capability for the What should be documented:
Suggested location: Add a new section in Example content structure: ## Terraform-Managed Dev Containers
Dev Containers defined using the `coder_devcontainer` resource are managed by Terraform
and have stable subagent IDs that persist across workspace rebuilds...
### Benefits
- Stable subagent IDs prevent disruption during workspace updates
- Resources attached to subagents remain consistent
- Template changes are the single source of truth
### UI Behavior
Terraform-managed dev containers cannot be rebuilt from the Coder UI. Users will see a
disabled rebuild button with a tooltip...Automated review via Coder Tasks |
johnstcn
left a comment
johnstcn
left a comment
There was a problem hiding this comment.
Partial review, will post more comments later.
johnstcn
left a comment
johnstcn
left a comment
There was a problem hiding this comment.
Nice work! I don't need to review again.
| }) | ||
| } | ||
|
|
||
| func TestSubAgent_EqualConfig(t *testing.T) { |
There was a problem hiding this comment.
It feels unfortunate to need to define two separate equality methods for two very similar structs.
agent/agentcontainers/api.go
Outdated
| api.mu.Unlock() | ||
| httpapi.Write(ctx, w, http.StatusConflict, codersdk.Response{ | ||
| Message: "Cannot rebuild Terraform-defined devcontainer", | ||
| Detail: fmt.Sprintf("Devcontainer %q has resources defined in Terraform and cannot be rebuilt from the UI. Update the workspace template to modify this devcontainer.", dc.Name), |
There was a problem hiding this comment.
Why do we want to block recreation of a devcontainer (docker container) here? Perhaps it's justified but it could use an explanation.
Ultimately the agent will just be restarted, unmodified. (Or perhaps display apps updated.)
There was a problem hiding this comment.
Oh that's a good point, silly me 🤦♀️
I'll get a test added to ensure rebuilding works as we expect then (restart unmodified other than picking up the new container).
- Allow re-building terraform managed dev containers - Add a test to confirm we upsert, not delete & create - Update the frontend to reflect this change - Update the frontend to indicate a dev container is terraform managed
Documentation CheckPrevious FeedbackPartially addressed - The implementation has been refined (terraform-managed devcontainers can now be rebuilt via upsert), but documentation is still needed. Updates Needed
DetailsThe latest commits refined the implementation:
Documentation should cover:
Suggested location: Add a new section in Automated review via Coder Tasks |
mafredri
left a comment
mafredri
left a comment
There was a problem hiding this comment.
A few more minor things, and checking whether or not display apps should be updated on re-create. I think they should, since we support updating, but reading the code/tests it doesn't seem like we do?
Documentation CheckUpdates Needed
DetailsThis PR introduces an important new capability for the What should be documented:
Suggested location: Add a new section in Terraform-Managed Dev Containers with Stable IDsExample content structure: ## Terraform-Managed Dev Containers with Stable IDs
Dev Containers defined using the `coder_devcontainer` resource have stable subagent IDs
that persist across workspace rebuilds. This differs from dynamically discovered Dev Containers,
which may receive new IDs when rebuilt.
### Benefits
- **Attach Terraform resources**: Stable IDs allow you to attach `coder_app`, `coder_script`,
and other Terraform resources directly to devcontainer subagents
- **Predictable behavior**: Subagent IDs never change during workspace rebuilds or template updates
- **Config updates without disruption**: Changes to apps and display settings update the existing
agent without deletion
### Usage
The subagent ID is automatically assigned and managed by Terraform when you create a
`coder_devcontainer` resource. You can reference it in other resources...
Note: This addresses the limitation mentioned in lines 150-162 of the current documentation, where it states that Terraform resources cannot be attached to dev container sub-agents because they're "created dynamically after workspace provisioning." With this PR, Terraform-managed devcontainers now have stable IDs that CAN have resources attached. Automated review via Coder Tasks |
|
@DanielleMaywood, any plan to put this in dogfood? It would help to capture any unforeseen issues before the release. |
4 participants
Closes coder/internal#1243
Completes the final piece of the puzzle. Support the pre-creation flow from the agent side.