Skip to content

Use prefix in environment variables for editor injector

Vishal Tak requested to merge vtak/editor-data-dir into master

What does this MR do and why?

Issue: editor-injector: Use GL_ prefix in environment ... (gitlab-web-ide-vscode-fork#18 - closed)

Use prefix in environment variables for editor injector

Move functionality to start SSH server from the start_server script

Corresponding gitlab-web-ide-vscode-fork MR: fix: Use environment variables with prefix (gitlab-web-ide-vscode-fork!69 - merged) for which a new tag was created https://gitlab.com/gitlab-org/gitlab-web-ide-vscode-fork/-/releases/1.81.1-1.0.0-dev-20240102190239 . The editor-injector for this tag was retagged as registry.gitlab.com/gitlab-org/gitlab-web-ide-vscode-fork/web-ide-injector:5 which is being used in this MR.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

  1. Create a workspace with an image which has SSHD installed. You can use registry.gitlab.com/vtak/gitlab-web-ide-vscode-fork/golang-git-openssh:golang-1.20.5-bullseye for test.

    Click to expand the dockerfile for the above image 
    FROM golang:1.20.5-bullseye

# Install `openssh-server` and other dependencies
RUN apt update \
    && apt upgrade -y \
    && apt install  openssh-server sudo curl git wget software-properties-common apt-transport-https --yes \
    && rm -rf /var/lib/apt/lists/*

# Permit empty passwords
RUN sed -i 's/nullok_secure/nullok/' /etc/pam.d/common-auth
RUN echo "PermitEmptyPasswords yes" >> /etc/ssh/sshd_config

# Generate a workspace host key
RUN ssh-keygen -A
RUN chmod 775 /etc/ssh/ssh_host_rsa_key && \
    chmod 775 /etc/ssh/ssh_host_ecdsa_key && \
    chmod 775 /etc/ssh/ssh_host_ed25519_key

# Create a `gitlab-workspaces` user
RUN useradd -l -u 5001 -G sudo -md /home/gitlab-workspaces -s /bin/bash gitlab-workspaces
RUN passwd -d gitlab-workspaces
ENV HOME=/home/gitlab-workspaces
WORKDIR $HOME
RUN mkdir -p /home/gitlab-workspaces && chgrp -R 0 /home && chmod -R g=u /etc/passwd /etc/group /home

# Allow sign-in access to `/etc/shadow`
RUN chmod 775 /etc/shadow

USER gitlab-workspaces

  2. Click on the workspace URL.

  3. Verify that the start_server script is using environment variables with prefix GL_ by checking the running the command cat /projects/.gl-editor/start_server.sh.

  4. Verify you are able to SSH into the workspace by running the following commands

    # get TCP load balancer IP
kubectl -n gitlab-workspaces get service gitlab-workspaces-proxy-ssh --output jsonpath='{.status.loadBalancer.ingress[0].ip}'


# when prompted for password, enter a token with at least `read_api` access
ssh <WORKSPACE_NAME>@<SSH_LOAD_BALANCER_IP>
Edited by Vishal Tak

Merge request reports