Fixes#6155
One question we get with almost each new customer is "if I enable sync,
won't that count towards my bill?". This PR aims to answer that question
right when they create the provider.
I will also make sure to update Enterprise accounts in Stripe with
`monthly_active_users_acount` so that they can view this metric on the
Billing page.
---------
Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
Viewing a Resource created by an API client was crashing the view due to
the function creating the link to the actor not accounting for the API
client case.
Closes#6267
Fixes the flaky time condition unit test by always using midnight as the
end time range so that the `flow.expires_at` is never calculated across
a day boundary into the future.
Supersedes #6244
If a new resource is created that will use format not supported by
previous client versions we temporarily show a warning:
<img width="683" alt="Screenshot 2024-08-07 at 2 28 57 PM"
src="https://github.com/user-attachments/assets/bbfdfc96-0c4b-4226-93c5-bc2b5fdb9d30">
It will also be excluded from `resources` list for older clients (below
1.2).
---------
Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
Why:
* The Swagger UI is currently served from the API application. This
means that the Web application does not have access to the external URL
in the API configuration during/after compilation. Without the API
external URL, we cannot generate a proper link in the portal to the
Swagger UI. This commit refactors how the API external URL is set from
the environment variables and allows the Web app to have access to the
value of the API URL.
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
- Adds `http_test_server_image` to inputs so that it gets set properly
for CI (`debug`) and CD (`perf`)
- Updates `dev` -> `debug` in docker-compose.yml to fix pulls
- Fixes issue with seeds and relevant docs from #6205
`foo@bar` was a valid domain, while it's technically possible that
somebody owns a TLD with MX records Stripe will not accept that, so we
have to adopt this validation and make sure sign ups don't results in
HTTP 500s.
We were generating fake tokens when identity was not found but those had
empty ids so the code crashed. Now we fake the entire token and make
sure it's length is stable.
Without masquerading, packets sent by the gateway through the TUN
interface use the wrong source address (the TUN device's address)
instead of the gateway's actual network interface.
We set this env variable in all our uses of the gateway, thus we might
as well remove it and always perform unconditionally.
---------
Signed-off-by: Thomas Eizinger <thomas@eizinger.io>
Co-authored-by: Reactor Scram <ReactorScram@users.noreply.github.com>
This temporarily reverts commit
d1703d2849.
The long term fix will be to have the API URL be set by environment
variables, but in the interest of time it will be hardcoded for now.
---------
Signed-off-by: Jamil <jamilbk@users.noreply.github.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Why:
* Before the REST API is release to all Firezone users a closed beta
program will be run. Rather than blurring out the API Clients page for
users that are not apart of the closed beta program, a 'beta' page will
be shown that will allow users to request access to the closed beta.
Once the REST API is released to all accounts, all of this can be
removed.
Closes: #5920
### Screenshot
<img width="1445" alt="Screenshot 2024-07-24 at 6 55 36 PM"
src="https://github.com/user-attachments/assets/a09591bc-190c-4bd4-9716-9a74a0f09e0a">
When a user copy-pastes an address into the `address` field that
contains a leading or trailing whitespace, it's not apparent why the
address is invalid. This is common when copy-pasting DNS names from
cloud consoles that have poor UIs, such as Azure.
Fixes#6059
Fixes a UX issue somewhat introduced by
https://github.com/firezone/firezone/pull/5870 where we changed behavior
to make the redirect consistent with other CRUD operations.
The behavior we had prior to
https://github.com/firezone/firezone/pull/5870 was to redirect to
Resource show, but feedback from customer (which makes sense) is that
you almost _always_ create a Policy after creating a Resource, so this
PR streamlines the hot path flow there.
This has occurred to a couple users in Discord as well, so by taking
them directly to policies/new it hopefully make clear the user needs to
create a Policy after creating a Resource.
This papercut occurred while customer was demo'ing Firezone to another
potential customer.
Fixes#5929
cc @jameswinegar
(External contribution)
Hi, first thanks to @bmanifold for his awesome work! I've not yet tested
the API but here is a first PR fixing various small mistakes in the
generated openapi spec:
Schema names cannot contain spaces
Add missing path parameters in the spec
Remove duplicated endpoint for creating an identity (not sure about
that, I'll let you check)
If you want to validate the generated spec you can paste it here:
https://editor.swagger.io/ (or at the bottow of your swagger ui)
Please review commit by commit
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
Co-authored-by: Antoine Labarussias <antoinelabarussias@gmail.com>
Why:
* In order to manage a large number of Firezone Sites, Resources,
Policies, etc... a REST API is needed as clicking through the UI is too
time consuming, as well as prone to error. By providing a REST API
Firezone customers will be able to manage things within their Firezone
accounts with code.
In the Clients, we need to prioritize DNS Resource traffic before CIDR
traffic in order to ensure DNS resources take priority over full-route
ones.
Because of this, any CIDR Resources defined within our reserved DNS
range will never be routable. This PR updates the portal validations to
reflect that.
refs #5840
refs #2667
