Skip to content
This repository was archived by the owner on Aug 30, 2024. It is now read-only.

Commit ff7ba37

Browse files
f0sself0ssel
authored
Validate wsp and cemanager schemes match (#294)
1 parent f110d59 commit ff7ba37

File tree

1 file changed

+23
-9
lines changed

1 file changed

+23
-9
lines changed

internal/cmd/providers.go

+23-9
Original file line numberDiff line numberDiff line change
@@ -51,6 +51,21 @@ coder providers create my-provider --hostname=https://provider.example.com --clu
5151
return err
5252
}
5353

54+
version, err := client.APIVersion(ctx)
55+
if err != nil {
56+
return xerrors.Errorf("get application version: %w", err)
57+
}
58+
59+
cemanagerURL := client.BaseURL()
60+
ingressHost, err := url.Parse(hostname)
61+
if err != nil {
62+
return xerrors.Errorf("parse hostname: %w", err)
63+
}
64+
65+
if cemanagerURL.Scheme != ingressHost.Scheme {
66+
return xerrors.Errorf("Coder access url and hostname must have matching protocols: coder access url: %s, workspace provider hostname: %s", cemanagerURL.String(), ingressHost.String())
67+
}
68+
5469
// ExactArgs(1) ensures our name value can't panic on an out of bounds.
5570
createReq := &coder.CreateWorkspaceProviderReq{
5671
Name: args[0],
@@ -64,15 +79,12 @@ coder providers create my-provider --hostname=https://provider.example.com --clu
6479
return xerrors.Errorf("create workspace provider: %w", err)
6580
}
6681

67-
cemanagerURL := client.BaseURL()
68-
ingressHost, err := url.Parse(hostname)
69-
if err != nil {
70-
return xerrors.Errorf("parse hostname: %w", err)
71-
}
72-
73-
version, err := client.APIVersion(ctx)
74-
if err != nil {
75-
return xerrors.Errorf("get application version: %w", err)
82+
var sslNote string
83+
if ingressHost.Scheme == "https" {
84+
sslNote = `
85+
NOTE: Since the hostname provided is using https you must ensure the deployment
86+
has a valid SSL certificate. See https://coder.com/docs/guides/ssl-certificates
87+
for more information.`
7688
}
7789

7890
clog.LogSuccess(fmt.Sprintf(`
@@ -93,9 +105,11 @@ helm upgrade coder-workspace-provider coder/workspace-provider \
93105
--install \
94106
--force \
95107
--set envproxy.token=`+wp.EnvproxyToken+` \
108+
--set envproxy.accessURL=`+ingressHost.String()+` \
96109
--set ingress.host=`+ingressHost.Hostname()+` \
97110
--set envproxy.clusterAddress=`+clusterAddress+` \
98111
--set cemanager.accessURL=`+cemanagerURL.String()+`
112+
`+sslNote+`
99113
100114
WARNING: The 'envproxy.token' is a secret value that authenticates the workspace provider,
101115
make sure not to share this token or make it public.

0 commit comments

Comments
 (0)