Commitd97b113

authored

Merge branch 'main' into dependabot/gradle/main/com.squareup.moshi-moshi-1.15.2

2 parentsda7b728 +aab5916 commitd97b113Copy full SHA for d97b113

File tree

65 files changed

+3583

-1163

lines changed

.github/workflows
- build.yml
- release.yml
.gitignore
CHANGELOG.md
CONTRIBUTING.md
README.md
build.gradle.kts
gradle.properties
gradlew.bat
gradlew
gradle/wrapper
- gradle-wrapper.jar
- gradle-wrapper.properties
src
- main
  - kotlin/com/coder/gateway
    - CoderGatewayConstants.kt
    - CoderRemoteConnectionHandle.kt
    - CoderSettingsConfigurable.kt
    - CoderSetupCommandException.kt
    - cli
      - CoderCLIManager.kt
      - downloader
        CoderDownloadApi.kt
        CoderDownloadService.kt
        DownloadResult.kt
      - ex
        Exceptions.kt
      - gpg
        GPGVerifier.kt
        VerificationResult.kt
    - help
      - CoderWebHelp.kt
    - icons
      - CoderIcons.kt
    - models
    - sdk
      - CoderRestClient.kt
      - convertors
        InstantConverter.kt
      - v2
        CoderV2RestFacade.kt
        models
        CreateWorkspaceBuildRequest.kt
        WorkspaceBuildReason.kt
    - settings
      - CoderSettings.kt
    - util
    - views
      - CoderGatewayRecentWorkspaceConnectionsView.kt
      - steps
        CoderWorkspaceProjectIDEStepView.kt
        CoderWorkspacesStepView.kt
  - resources
    - META-INF
      - pluginIcon.svg
      - pluginIcon_dark.svg
      - trusted-keys
        pgp-public.key
    - logo
    - messages
      - CoderGatewayBundle.properties
- test
  - fixtures
    - inputs
      - wildcard.conf
    - outputs
      - wildcard.conf
  - kotlin/com/coder/gateway

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

65 files changed

+3583

-1163

lines changed

`‎.github/workflows/build.yml‎`

Lines changed: 7 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -23,9 +23,9 @@ jobs:`
`23`	`23`	`-windows-latest`
`24`	`24`	`runs-on:${{ matrix.platform }}`
`25`	`25`	`steps:`
`26`		`- -uses:actions/checkout@v4.2.2`
	`26`	`+ -uses:actions/checkout@v5.0.0`
`27`	`27`
`28`		`- -uses:actions/setup-java@v4`
	`28`	`+ -uses:actions/setup-java@v5`
`29`	`29`	`with:`
`30`	`30`	`distribution:zulu`
`31`	`31`	`java-version:17`
`@@ -56,11 +56,11 @@ jobs:`
`56`	`56`	`steps:`
`57`	`57`	`# Check out current repository`
`58`	`58`	`-name:Fetch Sources`
`59`		`-uses:actions/checkout@v4.2.2`
	`59`	`+uses:actions/checkout@v5.0.0`
`60`	`60`
`61`	`61`	`# Setup Java 11 environment for the next steps`
`62`	`62`	`-name:Setup Java`
`63`		`-uses:actions/setup-java@v4`
	`63`	`+uses:actions/setup-java@v5`
`64`	`64`	`with:`
`65`	`65`	`distribution:zulu`
`66`	`66`	`java-version:17`
`@@ -82,7 +82,8 @@ jobs:`
`82`	`82`	`echo "::set-output name=name::$NAME"`
`83`	`83`	`echo "::set-output name=changelog::$CHANGELOG"`
`84`	`84`	`echo "::set-output name=pluginVerifierHomeDir::~/.pluginVerifier"`
`85`		`- ./gradlew listProductsReleases # prepare list of IDEs for Plugin Verifier`
	`85`	`+ # prepare list of IDEs for Plugin Verifier`
	`86`	`+ ./gradlew printProductsReleases`
`86`	`87`
`87`	`88`	`# Run plugin build`
`88`	`89`	`-name:Run Build`
`@@ -140,7 +141,7 @@ jobs:`
`140`	`141`
`141`	`142`	`# Check out current repository`
`142`	`143`	`-name:Fetch Sources`
`143`		`-uses:actions/checkout@v4.2.2`
	`144`	`+uses:actions/checkout@v5.0.0`
`144`	`145`
`145`	`146`	`# Remove old release drafts by using the curl request for the available releases with draft flag`
`146`	`147`	`-name:Remove Old Release Drafts`

`‎.github/workflows/release.yml‎`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -15,13 +15,13 @@ jobs:`
`15`	`15`
`16`	`16`	`# Check out current repository`
`17`	`17`	`-name:Fetch Sources`
`18`		`-uses:actions/checkout@v4.2.2`
	`18`	`+uses:actions/checkout@v5.0.0`
`19`	`19`	`with:`
`20`	`20`	`ref:${{ github.event.release.tag_name }}`
`21`	`21`
`22`	`22`	`# Setup Java 17 environment for the next steps`
`23`	`23`	`-name:Setup Java`
`24`		`-uses:actions/setup-java@v4`
	`24`	`+uses:actions/setup-java@v5`
`25`	`25`	`with:`
`26`	`26`	`distribution:zulu`
`27`	`27`	`java-version:17`

`‎.gitignore‎`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -14,6 +14,7 @@`
`14`	`14`	`## Gradle`
`15`	`15`	`.gradle`
`16`	`16`	`build`
	`17`	`+jvm/`
`17`	`18`
`18`	`19`	`## Qodana`
`19`	`20`	`.qodana`

`‎CHANGELOG.md‎`

Lines changed: 103 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -6,6 +6,109 @@`
`6`	`6`
`7`	`7`	`###Added`
`8`	`8`
	`9`	`+- support for disabling SSH wildcard config.`
	`10`	`+`
	`11`	`+##2.22.3 - 2025-09-19`
	`12`	`+`
	`13`	`+###Fixed`
	`14`	`+`
	`15`	`+- relaxed SNI hostname resolution`
	`16`	`+`
	`17`	`+##2.22.2 - 2025-09-08`
	`18`	`+`
	`19`	`+###Fixed`
	`20`	`+`
	`21`	`+- api keys are no longer created each time workspaces are polled`
	`22`	`+`
	`23`	`+##2.22.1 - 2025-07-30`
	`24`	`+`
	`25`	`+###Added`
	`26`	`+`
	`27`	`+- support for skipping CLI signature verification`
	`28`	`+`
	`29`	`+##2.22.0 - 2025-07-25`
	`30`	`+`
	`31`	`+###Added`
	`32`	`+`
	`33`	`+- support for checking if CLI is signed`
	`34`	`+- improved progress reporting while downloading the CLI`
	`35`	`+- URL validation is stricter in the connection screen and URI protocol handler`
	`36`	`+`
	`37`	`+##2.21.1 - 2025-06-26`
	`38`	`+`
	`39`	`+###Fixed`
	`40`	`+`
	`41`	`+- marketplace logo`
	`42`	`+`
	`43`	`+##2.21.0 - 2025-06-25`
	`44`	`+`
	`45`	`+###Changed`
	`46`	`+`
	`47`	`+- the logos and icons now match the new branding`
	`48`	`+- the plugin is functionally the same but built with the new plugin system`
	`49`	`+`
	`50`	`+##2.20.1 - 2025-05-20`
	`51`	`+`
	`52`	`+###Changed`
	`53`	`+`
	`54`	`+- Retrieve workspace directly in link handler when using wildcardSSH feature`
	`55`	`+`
	`56`	`+###Fixed`
	`57`	`+`
	`58`	`+- installed EAP, RC, NIGHTLY and PREVIEW IDEs are no longer displayed if there is a higher released version available for download.`
	`59`	+- project path is prefilled with the`folder` URI parameter when the IDE&Project dialog opens for URI handling.
	`60`	`+`
	`61`	`+##2.19.0 - 2025-02-21`
	`62`	`+`
	`63`	`+###Added`
	`64`	`+`
	`65`	`+- Added functionality to show setup script error message to the end user.`
	`66`	`+`
	`67`	`+###Fixed`
	`68`	`+`
	`69`	`+- Fix bug where wildcard configs would not be written under certain conditions.`
	`70`	`+`
	`71`	`+##2.18.1 - 2025-02-14`
	`72`	`+`
	`73`	`+###Changed`
	`74`	`+`
	`75`	+- Update the`pluginUntilBuild` to latest EAP
	`76`	`+`
	`77`	`+##2.18.0 - 2025-02-04`
	`78`	`+`
	`79`	`+###Changed`
	`80`	`+`
	`81`	`+- Simplifies the written SSH config and avoids the need to make an API request for every workspace the filter returns.`
	`82`	`+`
	`83`	`+##2.17.0 - 2025-01-27`
	`84`	`+`
	`85`	`+###Added`
	`86`	`+`
	`87`	`+- Added setting "Check for IDE updates" which controls whether the plugin`
	`88`	`+ checks and prompts for available IDE backend updates.`
	`89`	`+`
	`90`	`+##2.16.0 - 2025-01-17`
	`91`	`+`
	`92`	`+###Added`
	`93`	`+`
	`94`	`+- Added setting "Default IDE Selection" which will look for a matching IDE`
	`95`	`+ code/version/build number to set as the preselected IDE in the select`
	`96`	`+ component.`
	`97`	`+`
	`98`	`+##2.15.2 - 2025-01-06`
	`99`	`+`
	`100`	`+###Changed`
	`101`	`+`
	`102`	`+- When starting a workspace, shell out to the Coder binary instead of making an`
	`103`	`+ API call. This reduces drift between what the plugin does and the CLI does.`
	`104`	`+- Increase workspace polling to one second on the workspace list view, to pick`
	`105`	`+ up changes made via the CLI faster. The recent connections view remains`
	`106`	`+ unchanged at five seconds.`
	`107`	`+`
	`108`	`+##2.15.1 - 2024-10-04`
	`109`	`+`
	`110`	`+###Added`
	`111`	`+`
`9`	`112`	`- Support an "owner" parameter when launching an IDE from the dashboard. This`
`10`	`113`	`makes it possible to reliably connect to the right workspace in the case where`
`11`	`114`	`multiple users are using the same workspace name and the workspace filter is`

`‎CONTRIBUTING.md‎`

Lines changed: 64 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -16,6 +16,70 @@ There are three ways to get into a workspace:`
`16`	`16`
`17`	`17`	`Currently the first two will configure SSH but the third does not yet.`
`18`	`18`
	`19`	`+##GPG Signature Verification`
	`20`	`+`
	`21`	`+The Coder Gateway plugin starting with version2.22.0 implements a comprehensive GPG signature verification system to`
	`22`	`+ensure the authenticity and integrity of downloaded Coder CLI binaries. This security feature helps protect users from`
	`23`	`+running potentially malicious or tampered binaries.`
	`24`	`+`
	`25`	`+###How It Works`
	`26`	`+`
	`27`	`+1.Binary Download: When connecting to a Coder deployment, the plugin downloads the appropriate Coder CLI binary for`
	`28`	+ the user's operating system and architecture from the deployment's`/bin/` endpoint.
	`29`	`+`
	`30`	+2.Signature Download: After downloading the binary, the plugin attempts to download the corresponding`.asc`
	`31`	`+ signature file from the same location. The signature file is named according to the binary (e.g.,`
	`32`	+`coder-linux-amd64.asc` for`coder-linux-amd64`).
	`33`	`+`
	`34`	`+3.Fallback Signature Sources: If the signature is not available from the deployment, the plugin can optionally fall`
	`35`	+ back to downloading signatures from`releases.coder.com`. This is controlled by the`fallbackOnCoderForSignatures`
	`36`	`+ setting.`
	`37`	`+`
	`38`	`+4.GPG Verification: The plugin uses the BouncyCastle library shipped with Gateway app to verify the detached GPG`
	`39`	`+ signature against the downloaded binary using Coder's trusted public key.`
	`40`	`+`
	`41`	`+5.User Interaction: If signature verification fails or signatures are unavailable, the plugin presents security`
	`42`	`+ warnings`
	`43`	`+ to users, allowing them to accept the risk and continue or abort the operation.`
	`44`	`+`
	`45`	`+###Verification Process`
	`46`	`+`
	`47`	`+The verification process involves several components:`
	`48`	`+`
	`49`	+-`GPGVerifier`: Handles the core GPG signature verification logic using BouncyCastle
	`50`	+-`VerificationResult`: Represents the outcome of verification (Valid, Invalid, Failed, SignatureNotFound)
	`51`	+-`CoderDownloadService`: Manages downloading both binaries and their signatures
	`52`	+-`CoderCLIManager`: Orchestrates the download and verification workflow
	`53`	`+`
	`54`	`+###Configuration Options`
	`55`	`+`
	`56`	`+Users can control signature verification behavior through plugin settings:`
	`57`	`+`
	`58`	+-`disableSignatureVerification`: When enabled, skips all signature verification. This is useful for clients running
	`59`	`+ custom CLI builds, or`
	`60`	+ customers with old deployment versions that don't have a signature published on`releases.coder.com`.
	`61`	+-`fallbackOnCoderForSignatures`: When enabled, allows downloading signatures from`releases.coder.com` if not
	`62`	`+ available from the deployment`
	`63`	`+`
	`64`	`+###Security Considerations`
	`65`	`+`
	`66`	`+- The plugin embeds Coder's trusted public key in the plugin resources`
	`67`	`+- Verification uses detached signatures, which are more secure than attached signatures`
	`68`	`+- Users are warned about security risks when verification fails`
	`69`	`+- The system gracefully handles cases where signatures are unavailable`
	`70`	`+- All verification failures are logged for debugging purposes`
	`71`	`+`
	`72`	`+###Error Handling`
	`73`	`+`
	`74`	`+The system handles various failure scenarios:`
	`75`	`+`
	`76`	`+-Missing signatures: Prompts user to accept risk or abort`
	`77`	`+-Invalid signatures: Warns user about potential tampering and prompts user to accept risk or abort`
	`78`	`+-Verification failures: Prompts user to accept risk or abort`
	`79`	`+`
	`80`	`+This signature verification system ensures that users can trust the Coder CLI binaries they download through the plugin,`
	`81`	`+protecting against supply chain attacks and ensuring binary integrity.`
	`82`	`+`
`19`	`83`	`##Development`
`20`	`84`
`21`	`85`	`To manually install a local build:`

`‎README.md‎`

Lines changed: 4 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -10,6 +10,10 @@ Follow](https://img.shields.io/twitter/follow/CoderHQ?label=%40CoderHQ&style=soc`
`10`	`10`	`The Coder Gateway plugin lets you open[Coder](https://github.com/coder/coder)`
`11`	`11`	`workspaces in your JetBrains IDEs with a single click.`
`12`	`12`
	`13`	`+>[!NOTE]`
	`14`	`+>We recommend using the[Coder Toolbox plugin](https://github.com/coder/coder-jetbrains-toolbox), which offers significant stability and connectivity benefits over Gateway. Future updates of the Coder plugin on Jetbrains will be made to the Toolbox plugin. Reference our[documentation](https://coder.com/docs/user-guides/workspace-access/jetbrains/toolbox) for more information.`
	`15`	`+`
	`16`	`+`
`13`	`17`	`Manage less`
`14`	`18`
`15`	`19`	`- Ensure your entire team is using the same tools and resources`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commitd97b113

File tree

65 files changed

Some content is hidden

65 files changed

`‎.github/workflows/build.yml‎`

`‎.github/workflows/release.yml‎`

`‎.gitignore‎`

`‎CHANGELOG.md‎`

`‎CONTRIBUTING.md‎`

`‎README.md‎`

0 commit comments