OS keychain problem when using extension in workspaces

Checklist

• I'm using the latest version of the extension (see the latest version in the right column of this page)
  • Extension version: v4.3.0
• I'm using the latest VS Code version (find the latest version here)
  • VS Code version: We inject our fork of VS Code into the workspace

    $ /projects/.gl-tools/code-server/bin/gitlab-webide-server --version
    1.85.2
    cc647a6c3fe1bc82cbcae763de7ec0939cc092c3
    x64

• I'm using a supported version of GitLab (see README for the supported version)
  • GitLab version: happens on gitlab.com

Summary

When we re-connect to a remote VS Code server, the GitLab Workflow extension doesn't recognize/auto-configure itself from stored credentials. But when you try to "add account" in the extension, it gives the error that the credentials are already present and we should remove them and retry.

Screen_Recording_2024-02-13_at_12.13.36_PM

@viktomas on Slack - this looks like a problem with the OS keychain. All the logs about token missing in the secret storage suggest that. This might be tricky to debug 🤔 We might start by figuring out how the Workspace OS stores secrets and see if there is an open issue for it in the VS Code project

Steps to reproduce

1. Create a workspace from https://gitlab.com/gitlab-org/remote-development/examples/example-go-http-app
   1. Setup Remote Development locally - https://gitlab.com/gitlab-org/remote-development/gitlab-remote-development-docs/-/blob/main/doc/local-development-environment-setup.md
2. Install GitLab Workflow extensions
3. Add an account in the extension
4. Reconnect to the workspace(refresh the page)
5. You'll be asked to add account again. Do that.
6. Notice error.
7. Remove the account from the extension.
8. Add it again and it will succeed.

What is the current bug behavior?

It does not recognize the stored tokens but is able to recognize when we are trying to add the same account again and gives you an error.

What is the expected correct behavior?

• The tokens are stored in such a way that reconnecting to the workspace does not make it ask you to add an account again.
• (Optional) If a user is trying to add an account which already exists, maybe override it? Possibly with a warning?

Relevant logs and/or screenshots

2024-02-22T09:02:28:612 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:29:674 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:29:674 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:164 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:407 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:410 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:411 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:411 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:411 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:853 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:853 [warning]: There is no GitLab account available with access to suggestions
2024-02-22T09:02:30:854 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:855 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:856 [info]: Extracted urls: []
2024-02-22T09:02:30:856 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:859 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:862 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:862 [info]: Found 0 projects for urls: []
2024-02-22T09:02:30:862 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:863 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:863 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:863 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:863 [warning]: There is no GitLab account available with access to suggestions
2024-02-22T09:02:30:863 [warning]: There is no GitLab account available with access to suggestions
2024-02-22T09:02:30:924 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:924 [info]: Extracted urls: [
      "https://gitlab.com/gitlab-org/remote-development/examples/example-go-http-app.git"
    ]
2024-02-22T09:02:30:924 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:925 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:925 [info]: Found 0 projects for urls: [
      "https://gitlab.com/gitlab-org/remote-development/examples/example-go-http-app.git"
    ]
2024-02-22T09:02:30:925 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:925 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:925 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:925 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:30:925 [warning]: There is no GitLab account available with access to suggestions
2024-02-22T09:02:30:925 [warning]: There is no GitLab account available with access to suggestions
2024-02-22T09:02:31:127 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:31:413 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:31:620 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:31:657 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:32:105 [error]: Account for instance https://gitlab.com and user vtak is missing a token in secret storage. Remove the account and add it again.
2024-02-22T09:02:34:871 [debug]: fetch: request to https://gitlab.com/api/v4/personal_access_tokens/self returned HTTP 200 after 339 ms
2024-02-22T09:02:35:006 [debug]: fetch: request to https://gitlab.com/api/v4/user returned HTTP 200 after 131 ms
2024-02-22T09:02:35:008 [error]: Account for instance https://gitlab.com and user vtak already exists. The extension ignored the request to re-add it. You can remove the account with the "GitLab: Remove Account from VS Code" command and add it again.
    Error: Account for instance https://gitlab.com and user vtak already exists. The extension ignored the request to re-add it. You can remove the account with the "GitLab: Remove Account from VS Code" command and add it again.
        at MD.addAccount (/home/gitlab-workspaces/.gitlab-webide-server/extensions/src/desktop/accounts/account_service.ts:149:13)
        at JX (/home/gitlab-workspaces/.gitlab-webide-server/extensions/src/desktop/token_input.ts:32:26)
        at processTicksAndRejections (node:internal/process/task_queues:95:5)
        at /home/gitlab-workspaces/.gitlab-webide-server/extensions/src/common/utils/wrap_command_with_catch.ts:10:7
        at d.h (/projects/.gl-tools/code-server/out/vs/workbench/api/node/extensionHostProcess.js:141:140116)
2024-02-22T09:02:40:299 [info]: Extracted urls: [
      "https://gitlab.com/gitlab-org/remote-development/examples/example-go-http-app.git"
    ]
2024-02-22T09:02:40:299 [info]: Found 0 projects for urls: [
      "https://gitlab.com/gitlab-org/remote-development/examples/example-go-http-app.git"
    ]
2024-02-22T09:02:40:300 [warning]: There is no GitLab account available with access to suggestions
2024-02-22T09:02:40:300 [warning]: There is no GitLab account available with access to suggestions
2024-02-22T09:02:46:387 [debug]: fetch: request to https://gitlab.com/api/v4/personal_access_tokens/self returned HTTP 200 after 102 ms
2024-02-22T09:02:46:559 [debug]: fetch: request to https://gitlab.com/api/v4/user returned HTTP 200 after 171 ms
2024-02-22T09:02:47:312 [info]: Extracted urls: [
      "https://gitlab.com/gitlab-org/remote-development/examples/example-go-http-app.git"
    ]
2024-02-22T09:02:47:314 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:47:318 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:47:522 [debug]: fetch: request to https://gitlab.com/api/graphql returned HTTP 200 after 204 ms
2024-02-22T09:02:47:525 [info]: Found 1 projects for urls: [
      "https://gitlab.com/gitlab-org/remote-development/examples/example-go-http-app.git"
    ]
2024-02-22T09:02:47:526 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:47:526 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:47:527 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:47:527 [info]: Configuring Language Server - baseUrl: https://gitlab.com
2024-02-22T09:02:47:528 [info]: Configuring Language Server - baseUrl: https://gitlab.com
2024-02-22T09:02:47:528 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:47:528 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:47:529 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:47:529 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:47:538 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:47:772 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:47:773 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:47:868 [debug]: fetch: request to https://gitlab.com/api/v4/version returned HTTP 200 after 339 ms
2024-02-22T09:02:47:965 [debug]: fetch: request to https://gitlab.com/api/graphql returned HTTP 200 after 430 ms
2024-02-22T09:02:47:969 [debug]: fetch: request to https://gitlab.com/api/graphql returned HTTP 200 after 430 ms
2024-02-22T09:02:48:011 [debug]: fetch: request to https://gitlab.com/api/v4/version returned HTTP 200 after 469 ms
2024-02-22T09:02:48:015 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:48:016 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:48:089 [debug]: fetch: request to https://gitlab.com/api/v4/projects/45847099/merge_requests?state=opened&source_branch=main returned HTTP 200 after 316 ms
2024-02-22T09:02:48:090 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:48:090 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:48:132 [debug]: fetch: request to https://gitlab.com/api/graphql returned HTTP 200 after 115 ms
2024-02-22T09:02:48:237 [debug]: fetch: request to https://gitlab.com/api/v4/projects/45847099/pipelines?ref=main returned HTTP 200 after 147 ms
2024-02-22T09:02:48:377 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:48:378 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:48:561 [debug]: fetch: request to https://gitlab.com/api/v4/projects/45847099/merge_requests?state=opened&source_branch=main returned HTTP 200 after 183 ms
2024-02-22T09:02:48:562 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:48:562 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:48:811 [debug]: fetch: request to https://gitlab.com/api/v4/projects/45847099/pipelines?ref=main returned HTTP 200 after 249 ms
2024-02-22T09:02:50:549 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:50:549 [debug]: Using non-expired account https://gitlab.com|10764887.
2024-02-22T09:02:50:662 [debug]: fetch: request to https://gitlab.com/api/v4/code_suggestions/enabled returned HTTP 200 after 113 ms

Possible fixes