NotificationsYou must be signed in to change notification settings
Fork928
Star10.1k

Commit6612e3c

authored

feat: Add config-ssh command (#735)

* feat: Add config-ssh commandCloses#254 and#499.* Fix Windows support

1 parent6ab1a68 commit6612e3cCopy full SHA for 6612e3c

File tree

29 files changed

+554

-115

lines changed

.vscode
- settings.json
agent
- agent.go
- conn.go
- usershell
  - usershell_other.go
cli
cmd/cliui
- main.go
coderd
- workspaceresources.go
examples
- gcp-linux
  - main.tf
- gcp-windows
  - main.tf
go.mod
go.sum
provisioner/terraform
- provision.go
- serve.go

29 files changed

+554

-115

lines changed

`‎.vscode/settings.json`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"cSpell.words": [`
	`3`	`+"cliflag",`
`3`	`4`	`"cliui",`
`4`	`5`	`"coderd",`
`5`	`6`	`"coderdtest",`

`‎agent/agent.go`

Lines changed: 41 additions & 50 deletions

Original file line number	Diff line number	Diff line change
`@@ -56,24 +56,24 @@ type agent struct {`
`56`	`56`	`sshServer*ssh.Server`
`57`	`57`	`}`
`58`	`58`
`59`		`-func (s*agent)run(ctx context.Context) {`
	`59`	`+func (a*agent)run(ctx context.Context) {`
`60`	`60`	`varpeerListener*peerbroker.Listener`
`61`	`61`	`varerrerror`
`62`	`62`	`// An exponential back-off occurs when the connection is failing to dial.`
`63`	`63`	`// This is to prevent server spam in case of a coderd outage.`
`64`	`64`	`forretrier:=retry.New(50time.Millisecond,10time.Second);retrier.Wait(ctx); {`
`65`		`-peerListener,err=s.clientDialer(ctx,s.options)`
	`65`	`+peerListener,err=a.clientDialer(ctx,a.options)`
`66`	`66`	`iferr!=nil {`
`67`	`67`	`iferrors.Is(err,context.Canceled) {`
`68`	`68`	`return`
`69`	`69`	`}`
`70`		`-ifs.isClosed() {`
	`70`	`+ifa.isClosed() {`
`71`	`71`	`return`
`72`	`72`	`}`
`73`		`-s.options.Logger.Warn(context.Background(),"failed to dial",slog.Error(err))`
	`73`	`+a.options.Logger.Warn(context.Background(),"failed to dial",slog.Error(err))`
`74`	`74`	`continue`
`75`	`75`	`}`
`76`		`-s.options.Logger.Info(context.Background(),"connected")`
	`76`	`+a.options.Logger.Info(context.Background(),"connected")`
`77`	`77`	`break`
`78`	`78`	`}`
`79`	`79`	`select {`
`@@ -85,48 +85,48 @@ func (s *agent) run(ctx context.Context) {`
`85`	`85`	`for {`
`86`	`86`	`conn,err:=peerListener.Accept()`
`87`	`87`	`iferr!=nil {`
`88`		`-ifs.isClosed() {`
	`88`	`+ifa.isClosed() {`
`89`	`89`	`return`
`90`	`90`	`}`
`91`		`-s.options.Logger.Debug(ctx,"peer listener accept exited; restarting connection",slog.Error(err))`
`92`		`-s.run(ctx)`
	`91`	`+a.options.Logger.Debug(ctx,"peer listener accept exited; restarting connection",slog.Error(err))`
	`92`	`+a.run(ctx)`
`93`	`93`	`return`
`94`	`94`	`}`
`95`		`-s.closeMutex.Lock()`
`96`		`-s.connCloseWait.Add(1)`
`97`		`-s.closeMutex.Unlock()`
`98`		`-gos.handlePeerConn(ctx,conn)`
	`95`	`+a.closeMutex.Lock()`
	`96`	`+a.connCloseWait.Add(1)`
	`97`	`+a.closeMutex.Unlock()`
	`98`	`+goa.handlePeerConn(ctx,conn)`
`99`	`99`	`}`
`100`	`100`	`}`
`101`	`101`
`102`		`-func (sagent)handlePeerConn(ctx context.Context,connpeer.Conn) {`
	`102`	`+func (aagent)handlePeerConn(ctx context.Context,connpeer.Conn) {`
`103`	`103`	`gofunc() {`
`104`	`104`	`<-conn.Closed()`
`105`		`-s.connCloseWait.Done()`
	`105`	`+a.connCloseWait.Done()`
`106`	`106`	`}()`
`107`	`107`	`for {`
`108`	`108`	`channel,err:=conn.Accept(ctx)`
`109`	`109`	`iferr!=nil {`
`110`		`-iferrors.Is(err,peer.ErrClosed)\|\|s.isClosed() {`
	`110`	`+iferrors.Is(err,peer.ErrClosed)\|\|a.isClosed() {`
`111`	`111`	`return`
`112`	`112`	`}`
`113`		`-s.options.Logger.Debug(ctx,"accept channel from peer connection",slog.Error(err))`
	`113`	`+a.options.Logger.Debug(ctx,"accept channel from peer connection",slog.Error(err))`
`114`	`114`	`return`
`115`	`115`	`}`
`116`	`116`
`117`	`117`	`switchchannel.Protocol() {`
`118`	`118`	`case"ssh":`
`119`		`-s.sshServer.HandleConn(channel.NetConn())`
	`119`	`+a.sshServer.HandleConn(channel.NetConn())`
`120`	`120`	`default:`
`121`		`-s.options.Logger.Warn(ctx,"unhandled protocol from channel",`
	`121`	`+a.options.Logger.Warn(ctx,"unhandled protocol from channel",`
`122`	`122`	`slog.F("protocol",channel.Protocol()),`
`123`	`123`	`slog.F("label",channel.Label()),`
`124`	`124`	`)`
`125`	`125`	`}`
`126`	`126`	`}`
`127`	`127`	`}`
`128`	`128`
`129`		`-func (s*agent)init(ctx context.Context) {`
	`129`	`+func (a*agent)init(ctx context.Context) {`
`130`	`130`	`// Clients' should ignore the host key when connecting.`
`131`	`131`	`// The agent needs to authenticate with coderd to SSH,`
`132`	`132`	`// so SSH authentication doesn't improve security.`
`@@ -138,17 +138,17 @@ func (s *agent) init(ctx context.Context) {`
`138`	`138`	`iferr!=nil {`
`139`	`139`	`panic(err)`
`140`	`140`	`}`
`141`		`-sshLogger:=s.options.Logger.Named("ssh-server")`
	`141`	`+sshLogger:=a.options.Logger.Named("ssh-server")`
`142`	`142`	`forwardHandler:=&ssh.ForwardedTCPHandler{}`
`143`		`-s.sshServer=&ssh.Server{`
	`143`	`+a.sshServer=&ssh.Server{`
`144`	`144`	`ChannelHandlers:ssh.DefaultChannelHandlers,`
`145`	`145`	`ConnectionFailedCallback:func(conn net.Conn,errerror) {`
`146`	`146`	`sshLogger.Info(ctx,"ssh connection ended",slog.Error(err))`
`147`	`147`	`},`
`148`	`148`	`Handler:func(session ssh.Session) {`
`149`		`-err:=s.handleSSHSession(session)`
	`149`	`+err:=a.handleSSHSession(session)`
`150`	`150`	`iferr!=nil {`
`151`		`-s.options.Logger.Debug(ctx,"ssh session failed",slog.Error(err))`
	`151`	`+a.options.Logger.Warn(ctx,"ssh session failed",slog.Error(err))`
`152`	`152`	`_=session.Exit(1)`
`153`	`153`	`return`
`154`	`154`	`}`
`@@ -177,35 +177,26 @@ func (s *agent) init(ctx context.Context) {`
`177`	`177`	`},`
`178`	`178`	`ServerConfigCallback:func(ctx ssh.Context)*gossh.ServerConfig {`
`179`	`179`	`return&gossh.ServerConfig{`
`180`		`-Config: gossh.Config{`
`181`		`-// "arcfour" is the fastest SSH cipher. We prioritize throughput`
`182`		`-// over encryption here, because the WebRTC connection is already`
`183`		`-// encrypted. If possible, we'd disable encryption entirely here.`
`184`		`-Ciphers: []string{"arcfour"},`
`185`		`-},`
`186`	`180`	`NoClientAuth:true,`
`187`	`181`	`}`
`188`	`182`	`},`
`189`	`183`	`}`
`190`	`184`
`191`		`-gos.run(ctx)`
	`185`	`+goa.run(ctx)`
`192`	`186`	`}`
`193`	`187`
`194`		`-func (*agent)handleSSHSession(session ssh.Session)error {`
	`188`	`+func (a*agent)handleSSHSession(session ssh.Session)error {`
`195`	`189`	`var (`
`196`	`190`	`commandstring`
`197`	`191`	`args= []string{}`
`198`	`192`	`errerror`
`199`	`193`	`)`
`200`	`194`
`201`		`-username:=session.User()`
`202`		`-ifusername=="" {`
`203`		`-currentUser,err:=user.Current()`
`204`		`-iferr!=nil {`
`205`		`-returnxerrors.Errorf("get current user: %w",err)`
`206`		`-}`
`207`		`-username=currentUser.Username`
	`195`	`+currentUser,err:=user.Current()`
	`196`	`+iferr!=nil {`
	`197`	`+returnxerrors.Errorf("get current user: %w",err)`
`208`	`198`	`}`
	`199`	`+username:=currentUser.Username`
`209`	`200`
`210`	`201`	`// gliderlabs/ssh returns a command slice of zero`
`211`	`202`	`// when a shell is requested.`
`@@ -249,9 +240,9 @@ func (*agent) handleSSHSession(session ssh.Session) error {`
`249`	`240`	`}`
`250`	`241`	`gofunc() {`
`251`	`242`	`forwin:=rangewindowSize {`
`252`		`-err:=ptty.Resize(uint16(win.Width),uint16(win.Height))`
	`243`	`+err=ptty.Resize(uint16(win.Width),uint16(win.Height))`
`253`	`244`	`iferr!=nil {`
`254`		`-panic(err)`
	`245`	`+a.options.Logger.Warn(context.Background(),"failed to resize tty",slog.Error(err))`
`255`	`246`	`}`
`256`	`247`	`}`
`257`	`248`	`}()`
`@@ -286,24 +277,24 @@ func (*agent) handleSSHSession(session ssh.Session) error {`
`286`	`277`	`}`
`287`	`278`
`288`	`279`	`// isClosed returns whether the API is closed or not.`
`289`		`-func (s*agent)isClosed()bool {`
	`280`	`+func (a*agent)isClosed()bool {`
`290`	`281`	`select {`
`291`		`-case<-s.closed:`
	`282`	`+case<-a.closed:`
`292`	`283`	`returntrue`
`293`	`284`	`default:`
`294`	`285`	`returnfalse`
`295`	`286`	`}`
`296`	`287`	`}`
`297`	`288`
`298`		`-func (s*agent)Close()error {`
`299`		`-s.closeMutex.Lock()`
`300`		`-defers.closeMutex.Unlock()`
`301`		`-ifs.isClosed() {`
	`289`	`+func (a*agent)Close()error {`
	`290`	`+a.closeMutex.Lock()`
	`291`	`+defera.closeMutex.Unlock()`
	`292`	`+ifa.isClosed() {`
`302`	`293`	`returnnil`
`303`	`294`	`}`
`304`		`-close(s.closed)`
`305`		`-s.closeCancel()`
`306`		`-_=s.sshServer.Close()`
`307`		`-s.connCloseWait.Wait()`
	`295`	`+close(a.closed)`
	`296`	`+a.closeCancel()`
	`297`	`+_=a.sshServer.Close()`
	`298`	`+a.connCloseWait.Wait()`
`308`	`299`	`returnnil`
`309`	`300`	`}`

`‎agent/conn.go`

Lines changed: 0 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -39,9 +39,6 @@ func (c Conn) SSHClient() (ssh.Client, error) {`
`39`	`39`	`returnnil,xerrors.Errorf("ssh: %w",err)`
`40`	`40`	`}`
`41`	`41`	`sshConn,channels,requests,err:=ssh.NewClientConn(netConn,"localhost:22",&ssh.ClientConfig{`
`42`		`-Config: ssh.Config{`
`43`		`-Ciphers: []string{"arcfour"},`
`44`		`-},`
`45`	`42`	`// SSH host validation isn't helpful, because obtaining a peer`
`46`	`43`	`// connection already signifies user-intent to dial a workspace.`
`47`	`44`	`// #nosec`

`‎agent/usershell/usershell_other.go`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -27,5 +27,5 @@ func Get(username string) (string, error) {`
`27`	`27`	`}`
`28`	`28`	`returnparts[6],nil`
`29`	`29`	`}`
`30`		`-return"",xerrors.New("user not found in /etc/passwd and $SHELL not set")`
	`30`	`+return"",xerrors.Errorf("user%qnot found in /etc/passwd",username)`
`31`	`31`	`}`

`‎cli/cliui/agent.go`

Lines changed: 11 additions & 10 deletions

Original file line number	Diff line number	Diff line change
`@@ -3,11 +3,11 @@ package cliui`
`3`	`3`	`import (`
`4`	`4`	`"context"`
`5`	`5`	`"fmt"`
	`6`	`+"io"`
`6`	`7`	`"sync"`
`7`	`8`	`"time"`
`8`	`9`
`9`	`10`	`"github.com/briandowns/spinner"`
`10`		`-"github.com/spf13/cobra"`
`11`	`11`	`"golang.org/x/xerrors"`
`12`	`12`
`13`	`13`	`"github.com/coder/coder/codersdk"`
`@@ -21,15 +21,15 @@ type AgentOptions struct {`
`21`	`21`	`}`
`22`	`22`
`23`	`23`	`// Agent displays a spinning indicator that waits for a workspace agent to connect.`
`24`		`-funcAgent(cmd*cobra.Command,optsAgentOptions)error {`
	`24`	`+funcAgent(ctx context.Context,writer io.Writer,optsAgentOptions)error {`
`25`	`25`	`ifopts.FetchInterval==0 {`
`26`	`26`	`opts.FetchInterval=500*time.Millisecond`
`27`	`27`	`}`
`28`	`28`	`ifopts.WarnInterval==0 {`
`29`	`29`	`opts.WarnInterval=30*time.Second`
`30`	`30`	`}`
`31`	`31`	`varresourceMutex sync.Mutex`
`32`		`-resource,err:=opts.Fetch(cmd.Context())`
	`32`	`+resource,err:=opts.Fetch(ctx)`
`33`	`33`	`iferr!=nil {`
`34`	`34`	`returnxerrors.Errorf("fetch: %w",err)`
`35`	`35`	`}`
`@@ -40,7 +40,8 @@ func Agent(cmd *cobra.Command, opts AgentOptions) error {`
`40`	`40`	`opts.WarnInterval=0`
`41`	`41`	`}`
`42`	`42`	`spin:=spinner.New(spinner.CharSets[78],100*time.Millisecond,spinner.WithColor("fgHiGreen"))`
`43`		`-spin.Writer=cmd.OutOrStdout()`
	`43`	`+spin.Writer=writer`
	`44`	`+spin.ForceOutput=true`
`44`	`45`	`spin.Suffix=" Waiting for connection from "+Styles.Field.Render(resource.Type+"."+resource.Name)+"..."`
`45`	`46`	`spin.Start()`
`46`	`47`	`deferspin.Stop()`
`@@ -51,7 +52,7 @@ func Agent(cmd *cobra.Command, opts AgentOptions) error {`
`51`	`52`	`defertimer.Stop()`
`52`	`53`	`gofunc() {`
`53`	`54`	`select {`
`54`		`-case<-cmd.Context().Done():`
	`55`	`+case<-ctx.Done():`
`55`	`56`	`return`
`56`	`57`	`case<-timer.C:`
`57`	`58`	`}`
`@@ -63,17 +64,17 @@ func Agent(cmd *cobra.Command, opts AgentOptions) error {`
`63`	`64`	`}`
`64`	`65`	`// This saves the cursor position, then defers clearing from the cursor`
`65`	`66`	`// position to the end of the screen.`
`66`		`-_,_=fmt.Fprintf(cmd.OutOrStdout(),"\033[s\r\033[2K%s\n\n",Styles.Paragraph.Render(Styles.Prompt.String()+message))`
`67`		`-deferfmt.Fprintf(cmd.OutOrStdout(),"\033[u\033[J")`
	`67`	`+_,_=fmt.Fprintf(writer,"\033[s\r\033[2K%s\n\n",Styles.Paragraph.Render(Styles.Prompt.String()+message))`
	`68`	`+deferfmt.Fprintf(writer,"\033[u\033[J")`
`68`	`69`	`}()`
`69`	`70`	`for {`
`70`	`71`	`select {`
`71`		`-case<-cmd.Context().Done():`
`72`		`-returncmd.Context().Err()`
	`72`	`+case<-ctx.Done():`
	`73`	`+returnctx.Err()`
`73`	`74`	`case<-ticker.C:`
`74`	`75`	`}`
`75`	`76`	`resourceMutex.Lock()`
`76`		`-resource,err=opts.Fetch(cmd.Context())`
	`77`	`+resource,err=opts.Fetch(ctx)`
`77`	`78`	`iferr!=nil {`
`78`	`79`	`returnxerrors.Errorf("fetch: %w",err)`
`79`	`80`	`}`

`‎cli/cliui/agent_test.go`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -20,7 +20,7 @@ func TestAgent(t *testing.T) {`
`20`	`20`	`ptty:=ptytest.New(t)`
`21`	`21`	`cmd:=&cobra.Command{`
`22`	`22`	`RunE:func(cmd*cobra.Command,args []string)error {`
`23`		`-err:=cliui.Agent(cmd, cliui.AgentOptions{`
	`23`	`+err:=cliui.Agent(cmd.Context(),cmd.OutOrStdout(), cliui.AgentOptions{`
`24`	`24`	`WorkspaceName:"example",`
`25`	`25`	`Fetch:func(ctx context.Context) (codersdk.WorkspaceResource,error) {`
`26`	`26`	`resource:= codersdk.WorkspaceResource{`

`‎cli/cliui/log.go`

Lines changed: 38 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,38 @@`
	`1`	`+package cliui`
	`2`	`+`
	`3`	`+import (`
	`4`	`+"fmt"`
	`5`	`+"io"`
	`6`	`+"strings"`
	`7`	`+`
	`8`	`+"github.com/charmbracelet/lipgloss"`
	`9`	`+)`
	`10`	`+`
	`11`	`+// cliMessage provides a human-readable message for CLI errors and messages.`
	`12`	`+typecliMessagestruct {`
	`13`	`+Levelstring`
	`14`	`+Style lipgloss.Style`
	`15`	`+Headerstring`
	`16`	`+Lines []string`
	`17`	`+}`
	`18`	`+`
	`19`	`+// String formats the CLI message for consumption by a human.`
	`20`	`+func (mcliMessage)String()string {`
	`21`	`+varstr strings.Builder`
	`22`	`+_,_=fmt.Fprintf(&str,"%s\r\n",`
	`23`	`+Styles.Bold.Render(m.Header))`
	`24`	`+for_,line:=rangem.Lines {`
	`25`	`+_,_=fmt.Fprintf(&str," %s %s\r\n",m.Style.Render("\|"),line)`
	`26`	`+}`
	`27`	`+returnstr.String()`
	`28`	`+}`
	`29`	`+`
	`30`	`+// Warn writes a log to the writer provided.`
	`31`	`+funcWarn(wtr io.Writer,headerstring,lines...string) {`
	`32`	`+_,_=fmt.Fprint(wtr,cliMessage{`
	`33`	`+Level:"warning",`
	`34`	`+Style:Styles.Warn,`
	`35`	`+Header:header,`
	`36`	`+Lines:lines,`
	`37`	`+}.String())`
	`38`	`+}`

`‎cli/cliui/prompt.go`

Lines changed: 6 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -2,6 +2,7 @@ package cliui`
`2`	`2`
`3`	`3`	`import (`
`4`	`4`	`"bufio"`
	`5`	`+"bytes"`
`5`	`6`	`"encoding/json"`
`6`	`7`	`"fmt"`
`7`	`8`	`"io"`
`@@ -62,7 +63,11 @@ func Prompt(cmd *cobra.Command, opts PromptOptions) (string, error) {`
`62`	`63`	`varrawMessage json.RawMessage`
`63`	`64`	`err:=json.NewDecoder(pipeReader).Decode(&rawMessage)`
`64`	`65`	`iferr==nil {`
`65`		`-line=string(rawMessage)`
	`66`	`+varbuf bytes.Buffer`
	`67`	`+err=json.Compact(&buf,rawMessage)`
	`68`	`+iferr==nil {`
	`69`	`+line=buf.String()`
	`70`	`+}`
`66`	`71`	`}`
`67`	`72`	`}`
`68`	`73`	`}`

`‎cli/cliui/prompt_test.go`

Lines changed: 1 addition & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -93,9 +93,7 @@ func TestPrompt(t *testing.T) {`
`93`	`93`	ptty.WriteLine(`{
`94`	`94`	`"test": "wow"`
`95`	`95`	}`)
`96`		-require.Equal(t,`{
`97`		`-"test": "wow"`
`98`		-}`,<-doneChan)
	`96`	+require.Equal(t,`{"test":"wow"}`,<-doneChan)
`99`	`97`	`})`
`100`	`98`	`}`
`101`	`99`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit6612e3c

File tree

29 files changed

29 files changed

`‎.vscode/settings.json`

`‎agent/agent.go`

`‎agent/conn.go`

`‎agent/usershell/usershell_other.go`

`‎cli/cliui/agent.go`

`‎cli/cliui/agent_test.go`

`‎cli/cliui/log.go`

`‎cli/cliui/prompt.go`

`‎cli/cliui/prompt_test.go`

0 commit comments