feat: add Amazon DCV Windows module

- Introduce Amazon DCV for remote desktop on Windows workspaces.
- Script to install and configure DCV components.
- Terraform setup for configuring resources like coder_app.
- Ensure secure management with sensitive variable handling.

chore: add health check badge (#341)

chore: integrate Instatus in check script (#342)

.github/scripts/check.sh

@@ -1,24 +1,85 @@
 #!/usr/bin/env bash
 set -o pipefail
-REGISTRY_BASE_URL="${REGISTRY_BASE_URL:-https://registry.coder.com}"
 set -u
 
-if [[ -n "${VERBOSE:-}" ]]; then
-    set -x
-fi
+# List of required environment variables
+required_vars=(
+    "INSTATUS_API_KEY"
+    "INSTATUS_PAGE_ID"
+    "INSTATUS_COMPONENT_ID"
+)
+
+# Check if each required variable is set
+for var in "${required_vars[@]}"; do
+    if [[ -z "${!var:-}" ]]; then
+        echo "Error: Environment variable '$var' is not set."
+        exit 1
+    fi
+done
+
+REGISTRY_BASE_URL="${REGISTRY_BASE_URL:-https://registry.coder.com}"
 
 status=0
 declare -a modules=()
 declare -a failures=()
+
+# Collect all module directories containing a main.tf file
 for path in $(find . -not -path '*/.*' -type f -name main.tf -maxdepth 2 | cut -d '/' -f 2 | sort -u); do
     modules+=("${path}")
 done
+
 echo "Checking modules: ${modules[*]}"
+
+# Function to update the component status on Instatus
+update_component_status() {
+    local component_status=$1
+    # see https://instatus.com/help/api/components
+    (curl -X PUT "https://api.instatus.com/v1/$INSTATUS_PAGE_ID/components/$INSTATUS_COMPONENT_ID" \
+        -H "Authorization: Bearer $INSTATUS_API_KEY" \
+        -H "Content-Type: application/json" \
+        -d "{\"status\": \"$component_status\"}")
+}
+
+# Function to create an incident
+create_incident() {
+    local incident_name="Testing Instatus"
+    local message="The following modules are experiencing issues:\n"
+    for i in "${!failures[@]}"; do
+        message+="$(($i + 1)). ${failures[$i]}\n"
+    done
+
+    component_status="PARTIALOUTAGE"
+    if (( ${#failures[@]} == ${#modules[@]} )); then
+        component_status="MAJOROUTAGE"
+    fi
+    # see https://instatus.com/help/api/incidents
+    response=$(curl -s -X POST "https://api.instatus.com/v1/$INSTATUS_PAGE_ID/incidents" \
+        -H "Authorization: Bearer $INSTATUS_API_KEY" \
+        -H "Content-Type: application/json" \
+        -d "{
+            \"name\": \"$incident_name\",
+            \"message\": \"$message\",
+            \"components\": [\"$INSTATUS_COMPONENT_ID\"],
+            \"status\": \"INVESTIGATING\",
+            \"notify\": true,
+            \"statuses\": [
+                {
+                    \"id\": \"$INSTATUS_COMPONENT_ID\",
+                    \"status\": \"PARTIALOUTAGE\"
+                }
+            ]
+        }")
+
+    incident_id=$(echo "$response" | jq -r '.id')
+    echo "$incident_id"
+}
+
+# Check each module's accessibility
 for module in "${modules[@]}"; do
     # Trim leading/trailing whitespace from module name
     module=$(echo "${module}" | xargs)
     url="${REGISTRY_BASE_URL}/modules/${module}"
-    printf "=== Check module %s at %s\n" "${module}" "${url}"
+    printf "=== Checking module %s at %s\n" "${module}" "${url}"
     status_code=$(curl --output /dev/null --head --silent --fail --location "${url}" --retry 3 --write-out "%{http_code}")
     # shellcheck disable=SC2181
     if (( status_code != 200 )); then
@@ -30,7 +91,23 @@ for module in "${modules[@]}"; do
     fi
 done
 
-if (( status != 0 )); then
-    echo "The following modules appear to have issues: ${failures[*]}"
+# Determine overall status and update Instatus component
+if (( status == 0 )); then
+    echo "All modules are operational."
+    # set to 
+    update_component_status "OPERATIONAL"
+else
+    echo "The following modules have issues: ${failures[*]}"
+    # check if all modules are down 
+    if (( ${#failures[@]} == ${#modules[@]} )); then
+        update_component_status "MAJOROUTAGE"
+    else
+        update_component_status "PARTIALOUTAGE"
+    fi
+
+    # Create a new incident
+    incident_id=$(create_incident)
+    echo "Created incident with ID: $incident_id"
 fi
+
 exit "${status}"

.github/workflows/check.yaml

@@ -1,5 +1,5 @@
-name: Check modules on registry.coder.com
-
+name: Health
+# Check modules health on registry.coder.com
 on:
   schedule:
     - cron: "*/13 * * * *" # Runs every 13th minute
@@ -11,8 +11,12 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
       - name: Run check.sh
         run: |
           ./.github/scripts/check.sh
+        env:
+          INSTATUS_API_KEY: ${{ secrets.INSTATUS_API_KEY }}
+          INSTATUS_PAGE_ID: ${{ secrets.INSTATUS_PAGE_ID }}
+          INSTATUS_COMPONENT_ID: ${{ secrets.INSTATUS_COMPONENT_ID }}

.icons/dcv.svg

@@ -0,0 +1 @@
+<svg width="82" height="80" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" xml:space="preserve" overflow="hidden"><g transform="translate(-550 -124)"><g><g><g><g><path d="M551 124 631 124 631 204 551 204Z" fill="#ED7100" fill-rule="evenodd" fill-opacity="1"/><path d="M612.069 162.386C607.327 165.345 600.717 168.353 593.46 170.855 588.339 172.62 583.33 173.978 578.865 174.838 582.727 184.68 589.944 191.037 596.977 189.853 603.514 188.75 608.387 181.093 609.1 170.801L611.096 170.939C610.304 182.347 604.893 190.545 597.309 191.825 596.648 191.937 595.984 191.991 595.323 191.991 587.945 191.991 580.718 185.209 576.871 175.194 575.733 175.38 574.625 175.542 573.584 175.653 572.173 175.803 570.901 175.879 569.769 175.879 565.95 175.879 563.726 175.025 563.141 173.328 562.414 171.218 564.496 168.566 569.328 165.445L570.414 167.125C565.704 170.167 564.814 172.046 565.032 172.677 565.263 173.348 567.279 174.313 573.372 173.665 574.267 173.57 575.216 173.433 576.187 173.28 575.537 171.297 575.014 169.205 574.647 167.028 573.406 159.673 574.056 152.438 576.48 146.654 578.969 140.715 583.031 136.99 587.917 136.166 593.803 135.171 600.075 138.691 604.679 145.579L603.017 146.69C598.862 140.476 593.349 137.28 588.249 138.138 584.063 138.844 580.539 142.143 578.325 147.427 576.046 152.866 575.44 159.709 576.62 166.695 576.988 168.876 577.515 170.966 578.173 172.937 582.618 172.1 587.651 170.742 592.807 168.965 599.927 166.51 606.392 163.572 611.01 160.689 616.207 157.447 617.201 155.444 616.969 154.772 616.769 154.189 615.095 153.299 610.097 153.653L609.957 151.657C615.171 151.289 618.171 152.116 618.86 154.12 619.619 156.32 617.334 159.101 612.069 162.386" fill="#FFFFFF" fill-rule="evenodd" fill-opacity="1"/></g></g></g></g></g></svg>

README.md

@@ -7,6 +7,7 @@
 
 [![discord](https://img.shields.io/discord/747933592273027093?label=discord)](https://discord.gg/coder)
 [![license](https://img.shields.io/github/license/coder/modules)](./LICENSE)
+[![Health](https://github.com/coder/modules/actions/workflows/check.yaml/badge.svg)](https://github.com/coder/modules/actions/workflows/check.yaml)
 
 </div>
 

amazon-dcv-windows/README.md

@@ -0,0 +1,48 @@
+---
+display_name: Amazon DCV Windows
+description: Amazon DCV Server and Web Client for Windows
+icon: ../.icons/dcv.svg
+maintainer_github: coder
+partner_github: aws
+verified: true
+tags: [windows, dcv, web, desktop]
+---
+
+# Amazon DCV Windows
+
+Amazon DCV is high performance remote display protocol that provides a secure way to deliver remote desktop and application streaming from any cloud or data center to any device, over varying network conditions.
+
+Enable DCV Server and Web Client on Windows workspaces.
+
+```tf
+module "dcv" {
+  count          = data.coder_workspace.me.start_count
+  source         = "registry.coder.com/modules/amazon-dcv-windows/coder"
+  version        = "1.0.24"
+  agent_id       = resource.coder_agent.main.id
+}
+
+
+resource "coder_metadata" "dcv" {
+  count       = data.coder_workspace.me.start_count
+  resource_id = aws_instance.dev.id # id of the instance resource
+
+  item {
+    key   = "DCV client instructions"
+    value = "Run `coder port-forward ${data.coder_workspace.me.name} -p ${module.dcv[count.index].port}` and connect to **localhost:${module.dcv[count.index].port}${module.dcv[count.index].web_url_path}**"
+  }
+  item {
+    key   = "username"
+    value = module.dcv[count.index].username
+  }
+  item {
+    key       = "password"
+    value     = module.dcv[count.index].password
+    sensitive = true
+  }
+}
+```
+
+## License
+
+Amazon DCV is free to use on AWS EC2 instances but requires a license for other cloud providers. Please see the instructions [here](https://docs.aws.amazon.com/dcv/latest/adminguide/setting-up-license.html#setting-up-license-ec2) for more information.

amazon-dcv-windows/install-dcv.ps1

@@ -0,0 +1,173 @@
+# Terraform variables
+$adminPassword = "${admin_password}"
+$port = "${port}"
+$webURLPath = "${web_url_path}"
+
+function Set-LocalAdminUser {
+    Write-Output "[INFO] Starting Set-LocalAdminUser function"
+    $securePassword = ConvertTo-SecureString $adminPassword -AsPlainText -Force
+    Write-Output "[DEBUG] Secure password created"
+    Get-LocalUser -Name Administrator | Set-LocalUser -Password $securePassword
+    Write-Output "[INFO] Administrator password set"
+    Get-LocalUser -Name Administrator | Enable-LocalUser
+    Write-Output "[INFO] User Administrator enabled successfully"
+    Read-Host "[DEBUG] Press Enter to proceed to the next step"
+}
+
+function Get-VirtualDisplayDriverRequired {
+    Write-Output "[INFO] Starting Get-VirtualDisplayDriverRequired function"
+    $token = Invoke-RestMethod -Headers @{'X-aws-ec2-metadata-token-ttl-seconds' = '21600'} -Method PUT -Uri http://169.254.169.254/latest/api/token
+    Write-Output "[DEBUG] Token acquired: $token"
+    $instanceType = Invoke-RestMethod -Headers @{'X-aws-ec2-metadata-token' = $token} -Method GET -Uri http://169.254.169.254/latest/meta-data/instance-type
+    Write-Output "[DEBUG] Instance type: $instanceType"
+    $OSVersion = ((Get-ItemProperty -Path "Microsoft.PowerShell.Core\Registry::\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion" -Name ProductName).ProductName) -replace "[^0-9]", ''
+    Write-Output "[DEBUG] OS version: $OSVersion"
+
+    # Force boolean result
+    $result = (($OSVersion -ne "2019") -and ($OSVersion -ne "2022")) -and (($instanceType[0] -ne 'g') -and ($instanceType[0] -ne 'p'))
+    Write-Output "[INFO] VirtualDisplayDriverRequired result: $result"
+    Read-Host "[DEBUG] Press Enter to proceed to the next step"
+    return [bool]$result
+}
+
+function Download-DCV {
+    param (
+        [bool]$VirtualDisplayDriverRequired
+    )
+    Write-Output "[INFO] Starting Download-DCV function"
+
+    $downloads = @(
+        @{
+            Name = "DCV Display Driver"
+            Required = $VirtualDisplayDriverRequired
+            Path = "C:\Windows\Temp\DCVDisplayDriver.msi"
+            Uri = "https://d1uj6qtbmh3dt5.cloudfront.net/nice-dcv-virtual-display-x64-Release.msi"
+        },
+        @{
+            Name = "DCV Server"
+            Required = $true
+            Path = "C:\Windows\Temp\DCVServer.msi"
+            Uri = "https://d1uj6qtbmh3dt5.cloudfront.net/nice-dcv-server-x64-Release.msi"
+        }
+    )
+
+    foreach ($download in $downloads) {
+        if ($download.Required -and -not (Test-Path $download.Path)) {
+            try {
+                Write-Output "[INFO] Downloading $($download.Name)"
+
+                # Display progress manually (no events)
+                $progressActivity = "Downloading $($download.Name)"
+                $progressStatus = "Starting download..."
+                Write-Progress -Activity $progressActivity -Status $progressStatus -PercentComplete 0
+
+                # Synchronously download the file
+                $webClient = New-Object System.Net.WebClient
+                $webClient.DownloadFile($download.Uri, $download.Path)
+
+                # Update progress
+                Write-Progress -Activity $progressActivity -Status "Completed" -PercentComplete 100
+
+                Write-Output "[INFO] $($download.Name) downloaded successfully."
+            } catch {
+                Write-Output "[ERROR] Failed to download $($download.Name): $_"
+                throw
+            }
+        } else {
+            Write-Output "[INFO] $($download.Name) already exists. Skipping download."
+        }
+    }
+
+    Write-Output "[INFO] All downloads completed"
+    Read-Host "[DEBUG] Press Enter to proceed to the next step"
+}
+
+function Install-DCV {
+    param (
+        [bool]$VirtualDisplayDriverRequired
+    )
+    Write-Output "[INFO] Starting Install-DCV function"
+
+    if (-not (Get-Service -Name "dcvserver" -ErrorAction SilentlyContinue)) {
+        if ($VirtualDisplayDriverRequired) {
+            Write-Output "[INFO] Installing DCV Display Driver"
+            Start-Process "C:\Windows\System32\msiexec.exe" -ArgumentList "/I C:\Windows\Temp\DCVDisplayDriver.msi /quiet /norestart" -Wait
+        } else {
+            Write-Output "[INFO] DCV Display Driver installation skipped (not required)."
+        }
+        Write-Output "[INFO] Installing DCV Server"
+        Start-Process "C:\Windows\System32\msiexec.exe" -ArgumentList "/I C:\Windows\Temp\DCVServer.msi ADDLOCAL=ALL /quiet /norestart /l*v C:\Windows\Temp\dcv_install_msi.log" -Wait
+    } else {
+        Write-Output "[INFO] DCV Server already installed, skipping installation."
+    }
+
+    # Wait for the service to appear with a timeout
+    $timeout = 10  # seconds
+    $elapsed = 0
+    while (-not (Get-Service -Name "dcvserver" -ErrorAction SilentlyContinue) -and ($elapsed -lt $timeout)) {
+        Start-Sleep -Seconds 1
+        $elapsed++
+    }
+
+    if ($elapsed -ge $timeout) {
+        Write-Output "[WARNING] Timeout waiting for dcvserver service. A restart is required to complete installation."
+        Restart-SystemForDCV
+    } else {
+        Write-Output "[INFO] dcvserver service detected successfully."
+    }
+}
+
+function Restart-SystemForDCV {
+    Write-Output "[INFO] The system will restart in 10 seconds to finalize DCV installation."
+    Start-Sleep -Seconds 10
+
+    # Initiate restart
+    Restart-Computer -Force
+
+    # Exit the script after initiating restart
+    Write-Output "[INFO] Please wait for the system to restart..."
+
+    Exit 1
+}
+
+
+function Configure-DCV {
+    Write-Output "[INFO] Starting Configure-DCV function"
+    $dcvPath = "Microsoft.PowerShell.Core\Registry::\HKEY_USERS\S-1-5-18\Software\GSettings\com\nicesoftware\dcv"
+    
+    # Create the required paths
+    @("$dcvPath\connectivity", "$dcvPath\session-management", "$dcvPath\session-management\automatic-console-session", "$dcvPath\display") | ForEach-Object {
+        if (-not (Test-Path $_)) {
+            New-Item -Path $_ -Force | Out-Null
+        }
+    }
+    
+    # Set registry keys
+    New-ItemProperty -Path "$dcvPath\connectivity" -Name enable-quic-frontend -PropertyType DWORD -Value 1 -Force
+    New-ItemProperty -Path "$dcvPath\session-management" -Name create-session -PropertyType DWORD -Value 1 -Force
+    New-ItemProperty -Path "$dcvPath\session-management\automatic-console-session" -Name owner -Value Administrator -Force
+    New-ItemProperty -Path "$dcvPath\display" -Name target-fps -PropertyType DWORD -Value 60 -Force
+    New-ItemProperty -Path "$dcvPath\connectivity" -Name enable-datagrams-display -Value "always-off" -Force
+    New-ItemProperty -Path "$dcvPath\connectivity" -Name quic-port -PropertyType DWORD -Value $port -Force
+    New-ItemProperty -Path "$dcvPath\connectivity" -Name web-port -PropertyType DWORD -Value $port -Force
+    New-ItemProperty -Path "$dcvPath\connectivity" -Name web-url-path -PropertyType String -Value $webURLPath -Force
+
+    # Attempt to restart service
+    if (Get-Service -Name "dcvserver" -ErrorAction SilentlyContinue) {
+        Restart-Service -Name "dcvserver"
+    } else {
+        Write-Output "[WARNING] dcvserver service not found. Ensure the system was restarted properly."
+    }
+
+    Write-Output "[INFO] DCV configuration completed"
+    Read-Host "[DEBUG] Press Enter to proceed to the next step"
+}
+
+# Main Script Execution
+Write-Output "[INFO] Starting script"
+$VirtualDisplayDriverRequired = [bool](Get-VirtualDisplayDriverRequired)
+Set-LocalAdminUser
+Download-DCV -VirtualDisplayDriverRequired $VirtualDisplayDriverRequired
+Install-DCV -VirtualDisplayDriverRequired $VirtualDisplayDriverRequired
+Configure-DCV
+Write-Output "[INFO] Script completed"

amazon-dcv-windows/main.tf

@@ -0,0 +1,85 @@
+terraform {
+  required_version = ">= 1.0"
+
+  required_providers {
+    coder = {
+      source  = "coder/coder"
+      version = ">= 0.17"
+    }
+  }
+}
+
+variable "agent_id" {
+  type        = string
+  description = "The ID of a Coder agent."
+}
+
+variable "admin_password" {
+  type      = string
+  default   = "coderDCV!"
+  sensitive = true
+}
+
+variable "port" {
+  type        = number
+  description = "The port number for the DCV server."
+  default     = 8443
+}
+
+variable "subdomain" {
+  type        = bool
+  description = "Whether to use a subdomain for the DCV server."
+  default     = true
+}
+
+variable "slug" {
+  type        = string
+  description = "The slug of the web-dcv coder_app resource."
+  default     = "web-dcv"
+}
+
+resource "coder_app" "web-dcv" {
+  agent_id     = var.agent_id
+  slug         = var.slug
+  display_name = "Web DCV"
+  url          = "https://localhost:${var.port}${local.web_url_path}?username=${local.admin_username}&password=${var.admin_password}"
+  icon         = "/icon/desktop.svg"
+  subdomain    = var.subdomain
+}
+
+resource "coder_script" "install-dcv" {
+  agent_id     = var.agent_id
+  display_name = "Install DCV"
+  icon         = "/icon/dcv.svg"
+  run_on_start = true
+  script = templatefile("${path.module}/install-dcv.ps1", {
+    admin_password : var.admin_password,
+    port : var.port,
+    web_url_path : local.web_url_path
+  })
+}
+
+data "coder_workspace" "me" {}
+data "coder_workspace_owner" "me" {}
+
+locals {
+  web_url_path   = var.subdomain ? "/" : format("/@%s/%s/apps/%s", data.coder_workspace_owner.me.name, data.coder_workspace.me.name, var.slug)
+  admin_username = "Administrator"
+}
+
+output "web_url_path" {
+  value = local.web_url_path
+}
+
+output "username" {
+  value = local.admin_username
+}
+
+output "password" {
+  value     = var.admin_password
+  sensitive = true
+}
+
+output "port" {
+  value = var.port
+}