Skip to content

Automatically authenticate user with Coder in a workspace #2840

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Tracked by #3042
, #3182
...
sharkymark opened this issue Jul 6, 2022 · 8 comments
Closed
Tracked by #3042
, #3182
...

Automatically authenticate user with Coder in a workspace #2840

sharkymark opened this issue Jul 6, 2022 · 8 comments
Labels
stale This issue is like stale bread.

Comments

@sharkymark
Copy link
Contributor

sharkymark commented Jul 6, 2022
edited by bpmct
Loading

Problem

coder CLI in workspace requires login
image

Definition of Done

Like v1, user should not have to authenticate to the CLI in the workspace

Steps to reproduce

  1. Create a docker workspace
  2. Open terminal in workspace
  3. Run coder ls
  4. Note that you need to log in to Coder to see a list of workspaces
@ketang
Copy link
Contributor

ketang commented Jul 6, 2022

Hmm... I just tried to replicate this on our internal instance and was unable to.

Do you have these environment variables set?

CODER_AGENT_AUTH=token
CODER_AGENT_TOKEN=aaaaaaaa-aaaa-aaaa-aaaa-68241f8a4bde

@enbyted
Copy link

enbyted commented Jul 9, 2022
edited
Loading

Hi, it seems that I am impacted by similar issue, though maybe the observed behavior is slightly different.

I have freshly installed coder (same version as in title) with docker on a Ubuntu 20.04 machine with nginx as reverse proxy.
I'm using docker and docker with code-server templates for testing.

I cannot open terminal to the workspace via any means provided by coder known to me (web interface, code-server, coder ssh command). They all give me empty terminal. In the web interface I saw in the network inspector that the web socket connection is working and the terminal is sending my keystrokes - it's just the other side that is silent.

When I open docker shell into the workspace and try to run any eg. coder list I'm getting error that I'm not logged in.
Export gives me that:

coder@test2:/tmp/coder.wM6Ab4$ export
declare -x CODER_AGENT_AUTH="token"
declare -x CODER_AGENT_TOKEN="<redacted GUID-like string>"
declare -x ENTRYPOINTD="/entrypoint.d"
declare -x HOME="/home/coder"
declare -x HOSTNAME="test2"
declare -x LANG="en_US.UTF-8"
declare -x LS_COLORS="rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=00:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.zst=01;31:*.tzst=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.wim=01;31:*.swm=01;31:*.dwm=01;31:*.esd=01;31:*.jpg=01;35:*.jpeg=01;35:*.mjpg=01;35:*.mjpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.webp=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=00;36:*.au=00;36:*.flac=00;36:*.m4a=00;36:*.mid=00;36:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.oga=00;36:*.opus=00;36:*.spx=00;36:*.xspf=00;36:"
declare -x OLDPWD="/home/coder"
declare -x PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
declare -x PWD="/tmp/coder.wM6Ab4"
declare -x SHLVL="1"
declare -x TERM="xterm"
declare -x USER="coder"

docker logs gives me a ton of error messages like this:

2022-07-09 20:44:43.309 [WARN]  <./agent/agent.go:137>  (*agent).run    failed to dial  {"error": "GET https://<redacted domain name>/api/v2/workspaceagents/me/metadata: unexpected status code 401: Cookie \"session_token\" must be provided.: Try logging in using 'coder login \u003curl\u003e'."}

It might be that my proxy configuration is wrong, though I do not see any errors that would indicate that. I'm using the following nginx config:

  location / {
    proxy_pass http://127.0.0.1:3000;
    proxy_http_version 1.1;

      proxy_set_header Host $host;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection upgrade;
      proxy_set_header Accept-Encoding gzip;

            proxy_read_timeout 999999999;
  }

I also tried the trick with setting Connection header depending on $http_upgrade value, but that did not help in any way, so I reverted to simpler option.

Oh and the web interface says that the agent is connected.

If what I'm experiencing is unrelated, but still qualifies as a proper ticket please let me know and I'll create a new one.

@kylecarbs kylecarbs changed the title Bug in v0.7.6 a494489: coder CLI in workspace requires login CLI in workspace requires login Jul 18, 2022
@kylecarbs kylecarbs changed the title CLI in workspace requires login CLI in workspace requires running coder login Jul 18, 2022
@kylecarbs kylecarbs mentioned this issue Jul 19, 2022
Closed
20 tasks
@bpmct bpmct mentioned this issue Jul 22, 2022
Closed
@misskniss
Copy link

@bpmct will you add your repro steps?

@misskniss
Copy link

?Is CODER_USER token set?

@bpmct
Copy link
Member

bpmct commented Jul 26, 2022

@bpmct will you add your repro steps?

Done in issue comment

@misskniss
Copy link

@enbyted Would you mind creating a separate issue for what you are seeing so we can take a look? We think yours is potentially an nginx error.

@tjcran tjcran mentioned this issue Jul 29, 2022
Closed
25 tasks
@kylecarbs kylecarbs changed the title CLI in workspace requires running coder login Automatically authenticate user with Coder in a workspace Aug 24, 2022
@kylecarbs kylecarbs added feature and removed bug labels Aug 24, 2022
@github-actions
Copy link

This issue is becoming stale. In order to keep the tracker readable and actionable, I'm going close to this issue in 7 days if there isn't more activity.

@github-actions github-actions bot added the stale This issue is like stale bread. label Oct 25, 2022
@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Nov 2, 2022
@matifali
Copy link
Member

We now have this using the coder-login module.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
stale This issue is like stale bread.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@ketang @enbyted @sharkymark @misskniss @kylecarbs @matifali @f0ssel @bpmct