PR tidy up

loft-sh · Dec 18, 2024 · b3810f1 · b3810f1
1 parent 990cb47
commit b3810f1
Show file tree

Hide file tree

Showing 9 changed files with 37 additions and 33 deletions.
diff --git a/cmd/agent/workspace/up.go b/cmd/agent/workspace/up.go
@@ -99,7 +99,6 @@ func (cmd *UpCmd) Run(ctx context.Context) error {
 }
 
 func (cmd *UpCmd) up(ctx context.Context, workspaceInfo *provider2.AgentWorkspaceInfo, tunnelClient tunnel.TunnelClient, logger log.Logger) error {
-
 	// create devcontainer
 	result, err := cmd.devPodUp(ctx, workspaceInfo, logger)
 	if err != nil {

diff --git a/cmd/helper/ssh_server.go b/cmd/helper/ssh_server.go
@@ -22,12 +22,12 @@ import (
 type SSHServerCmd struct {
 	*flags.GlobalFlags
 
-	Token         string
-	Address       string
-	Stdio         bool
-	TrackActivity bool
-	ReuseAuthSock string
-	Workdir       string
+	Token            string
+	Address          string
+	Stdio            bool
+	TrackActivity    bool
+	ReuseSSHAuthSock string
+	Workdir          string
 }
 
 // NewSSHServerCmd creates a new ssh command
@@ -45,8 +45,8 @@ func NewSSHServerCmd(flags *flags.GlobalFlags) *cobra.Command {
 	sshCmd.Flags().StringVar(&cmd.Address, "address", fmt.Sprintf("0.0.0.0:%d", helperssh.DefaultPort), "Address to listen to")
 	sshCmd.Flags().BoolVar(&cmd.Stdio, "stdio", false, "Will listen on stdout and stdin instead of an address")
 	sshCmd.Flags().BoolVar(&cmd.TrackActivity, "track-activity", false, "If enabled will write the last activity time to a file")
-	sshCmd.Flags().StringVar(&cmd.ReuseAuthSock, "reuse-sock", "", "If set, the SSH_AUTH_SOCK is expected to already be available in the workspace (under /tmp using the key provided) and the connection reuses this instead of creating a new one")
-	_ = sshCmd.Flags().MarkHidden("reuse-sock")
+	sshCmd.Flags().StringVar(&cmd.ReuseSSHAuthSock, "reuse-ssh-auth-sock", "", "If set, the SSH_AUTH_SOCK is expected to already be available in the workspace (under /tmp using the key provided) and the connection reuses this instead of creating a new one")
+	_ = sshCmd.Flags().MarkHidden("reuse-ssh-auth-sock")
 	sshCmd.Flags().StringVar(&cmd.Token, "token", "", "Base64 encoded token to use")
 	sshCmd.Flags().StringVar(&cmd.Workdir, "workdir", "", "Directory where commands will run on the host")
 	return sshCmd
@@ -92,7 +92,7 @@ func (cmd *SSHServerCmd) Run(_ *cobra.Command, _ []string) error {
 	}
 
 	// start the server
-	server, err := helperssh.NewServer(cmd.Address, hostKey, keys, cmd.Workdir, cmd.ReuseAuthSock, log.Default.ErrorStreamOnly())
+	server, err := helperssh.NewServer(cmd.Address, hostKey, keys, cmd.Workdir, cmd.ReuseSSHAuthSock, log.Default.ErrorStreamOnly())
 	if err != nil {
 		return err
 	}

diff --git a/cmd/ssh.go b/cmd/ssh.go
@@ -52,7 +52,7 @@ type SSHCmd struct {
 
 	Stdio                     bool
 	JumpContainer             bool
-	ReuseAuthSock             string
+	ReuseSSHAuthSock          string
 	AgentForwarding           bool
 	GPGAgentForwarding        bool
 	GitSSHSignatureForwarding bool
@@ -111,8 +111,8 @@ func NewSSHCmd(f *flags.GlobalFlags) *cobra.Command {
 	sshCmd.Flags().StringVar(&cmd.WorkDir, "workdir", "", "The working directory in the container")
 	sshCmd.Flags().BoolVar(&cmd.Proxy, "proxy", false, "If true will act as intermediate proxy for a proxy provider")
 	sshCmd.Flags().BoolVar(&cmd.AgentForwarding, "agent-forwarding", true, "If true forward the local ssh keys to the remote machine")
-	sshCmd.Flags().StringVar(&cmd.ReuseAuthSock, "reuse-sock", "", "If set, the SSH_AUTH_SOCK is expected to already be available in the workspace (under /tmp using the key provided) and the connection reuses this instead of creating a new one")
-	_ = sshCmd.Flags().MarkHidden("reuse-sock")
+	sshCmd.Flags().StringVar(&cmd.ReuseSSHAuthSock, "reuse-ssh-auth-sock", "", "If set, the SSH_AUTH_SOCK is expected to already be available in the workspace (under /tmp using the key provided) and the connection reuses this instead of creating a new one")
+	_ = sshCmd.Flags().MarkHidden("reuse-ssh-auth-sock")
 	sshCmd.Flags().BoolVar(&cmd.GPGAgentForwarding, "gpg-agent-forwarding", false, "If true forward the local gpg-agent to the remote machine")
 	sshCmd.Flags().BoolVar(&cmd.Stdio, "stdio", false, "If true will tunnel connection through stdout and stdin")
 	sshCmd.Flags().BoolVar(&cmd.StartServices, "start-services", true, "If false will not start any port-forwarding or git / docker credentials helper")
@@ -433,9 +433,9 @@ func (cmd *SSHCmd) startTunnel(ctx context.Context, devPodConfig *config.Config,
 
 	log.Debugf("Run outer container tunnel")
 	command := fmt.Sprintf("'%s' helper ssh-server --track-activity --stdio --workdir '%s'", agent.ContainerDevPodHelperLocation, workdir)
-	if cmd.ReuseAuthSock != "" {
+	if cmd.ReuseSSHAuthSock != "" {
 		log.Info("Reusing SSH_AUTH_SOCK")
-		command += fmt.Sprintf(" --reuse-sock=%s", cmd.ReuseAuthSock)
+		command += fmt.Sprintf(" --reuse-ssh-auth-sock=%s", cmd.ReuseSSHAuthSock)
 	}
 	if cmd.Debug {
 		command += " --debug"

diff --git a/cmd/up.go b/cmd/up.go
@@ -5,7 +5,6 @@ import (
 	"context"
 	"fmt"
 	"io"
-	"math/rand"
 	"net"
 	"os"
 	"os/exec"
@@ -39,6 +38,7 @@ import (
 	provider2 "github.com/loft-sh/devpod/pkg/provider"
 	devssh "github.com/loft-sh/devpod/pkg/ssh"
 	"github.com/loft-sh/devpod/pkg/tunnel"
+	"github.com/loft-sh/devpod/pkg/util"
 	"github.com/loft-sh/devpod/pkg/version"
 	workspace2 "github.com/loft-sh/devpod/pkg/workspace"
 	"github.com/loft-sh/log"
@@ -141,16 +141,6 @@ func NewUpCmd(f *flags.GlobalFlags) *cobra.Command {
 	return upCmd
 }
 
-const letterBytes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
-
-func RandStringBytes(n int) string {
-	b := make([]byte, n)
-	for i := range b {
-		b[i] = letterBytes[rand.Intn(len(letterBytes))]
-	}
-	return string(b)
-}
-
 // Run runs the command logic
 func (cmd *UpCmd) Run(
 	ctx context.Context,
@@ -170,7 +160,7 @@ func (cmd *UpCmd) Run(
 		targetIDE = cmd.IDE
 	}
 	if !cmd.Proxy && ide.ReusesAuthSock(targetIDE) {
-		cmd.SSHAuthSockID = RandStringBytes(10)
+		cmd.SSHAuthSockID = util.RandStringBytes(10)
 		log.Debug("Reusing SSH_AUTH_SOCK", cmd.SSHAuthSockID)
 	} else if cmd.Proxy && ide.ReusesAuthSock(targetIDE) {
 		log.Info("Reusing SSH_AUTH_SOCK is not supported with proxy mode, consider launching the IDE from the platform UI")
@@ -897,7 +887,7 @@ func setupBackhaul(client client2.BaseWorkspaceClient, authSockId string, log lo
 		execPath,
 		"ssh",
 		"--agent-forwarding=true",
-		fmt.Sprintf("--reuse-sock=%s", authSockId),
+		fmt.Sprintf("--reuse-ssh-auth-sock=%s", authSockId),
 		"--start-services=false",
 		"--user",
 		remoteUser,
@@ -955,7 +945,7 @@ func startBrowserTunnel(
 
 			cmd, err := createSSHCommand(ctx, client, logger, []string{
 				"--log-output=raw",
-				fmt.Sprintf("--reuse-sock=%s", authSockID),
+				fmt.Sprintf("--reuse-ssh-auth-sock=%s", authSockID),
 				"--stdio",
 			})
 			if err != nil {

diff --git a/docs/uml/up_sequence.puml b/docs/uml/up_sequence.puml
@@ -64,7 +64,7 @@ Agent --> DevPod:
 deactivate Agent
 
 alt if using browser based IDE (openvscode, marimo, jupyter)
-DevPod -> ContainerAgent: devpod ssh --reuse-sock
+DevPod -> ContainerAgent: devpod ssh --reuse-ssh-auth-sock
 end
 
 DevPod -> IDE: Start

diff --git a/pkg/devcontainer/setup.go b/pkg/devcontainer/setup.go
@@ -99,7 +99,7 @@ func (r *runner) setupContainer(
 	// ssh tunnel
 	sshTunnelCmd := fmt.Sprintf("'%s' helper ssh-server --stdio", agent.ContainerDevPodHelperLocation)
 	if ide.ReusesAuthSock(r.WorkspaceConfig.Workspace.IDE.Name) {
-		sshTunnelCmd += fmt.Sprintf(" --reuse-sock=%s", r.WorkspaceConfig.CLIOptions.SSHAuthSockID)
+		sshTunnelCmd += fmt.Sprintf(" --reuse-ssh-auth-sock=%s", r.WorkspaceConfig.CLIOptions.SSHAuthSockID)
 	}
 	if r.Log.GetLevel() == logrus.DebugLevel {
 		sshTunnelCmd += " --debug"

diff --git a/pkg/ide/types.go b/pkg/ide/types.go
@@ -38,7 +38,7 @@ func (o Options) GetValue(values map[string]config.OptionValue, key string) stri
 	return ""
 }
 
-// ReusesAuthSock determines if the --reuse-sock flag should be passed to the ssh server helper based on the IDE.
+// ReusesAuthSock determines if the --reuse-ssh-auth-sock flag should be passed to the ssh server helper based on the IDE.
 // Browser based IDEs use a browser tunnel to communicate with the remote server instead of an independent ssh connection
 func ReusesAuthSock(ide string) bool {
 	return ide == "openvscode" || ide == "marimo" || ide == "jupyternotebook" || ide == "jlab"

diff --git a/pkg/ssh/server/ssh.go b/pkg/ssh/server/ssh.go
@@ -133,7 +133,7 @@ func (s *Server) handler(sess ssh.Session) {
 		// used for browser tunnels such as openvscode, since the IDE itself doesn't create an SSH connection it uses a "backhaul" connection and uses the existing socket
 		dir := ""
 		if s.reuseSock != "" {
-			dir = filepath.Join(os.TempDir(), s.reuseSock)
+			dir = filepath.Join(os.TempDir(), fmt.Sprintf("auth-agent-%s", s.reuseSock))
 			err = os.MkdirAll(dir, 0777)
 			if err != nil {
 				s.exitWithError(sess, perrors.Wrap(err, "creating SSH_AUTH_SOCK dir in /tmp"))

diff --git a/pkg/util/rand.go b/pkg/util/rand.go
@@ -0,0 +1,15 @@
+package util
+
+import (
+	"math/rand"
+)
+
+const letterBytes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
+
+func RandStringBytes(n int) string {
+	b := make([]byte, n)
+	for i := range b {
+		b[i] = letterBytes[rand.Intn(len(letterBytes))]
+	}
+	return string(b)
+}