<!--IssueSummary start--> <details> <summary> Everyone can contribute. [Help move this issue forward](https://handbook.gitlab.com/handbook/marketing/developer-relations/contributor-success/community-contributors-workflows/#contributor-links) while earning points, leveling up and collecting rewards. </summary> - [Close this issue](https://contributors.gitlab.com/manage-issue?action=close&projectId=278964&issueIid=548486) </details> <!--IssueSummary end--> MR: Pending ## Description As a user, I want to access ports opened within a workspace so that I can test services running on the workspace. - **Current behavior:** When I run a http server within the workspace I can connect to it by opening the workspace URL and replace the port with the port of the http server. I will see whatever is served by the http server (`Hello workspace!` in the example below). When I run a https server (with a self-signed certificate) though I get a 502 Bad Gateway error. - **Expected behavior:** The page served by the https server should be shown also for https and even for self-signed certificates (as during development self-signed certificates are often used). - **Steps to reproduce:** 1. Create a workspace 2. Create a self-signed certificate ```sh gitlab-workspaces@workspace-...:/projects/test$ mkdir -p "$PWD/certificate" gitlab-workspaces@workspace-...:/projects/test$ export TLS_KEY="$PWD/certificate/tls.key" gitlab-workspaces@workspace-...:/projects/test$ export TLS_CERT="$PWD/certificate/tls.crt" gitlab-workspaces@workspace-...:/projects/test$ openssl req -x509 -newkey rsa:4096 -days 365 -nodes -out "$TLS_CERT" -keyout "$TLS_KEY" -subj '/CN=localhost' ``` 3. Start a https server with the created certificate (e.g. using nodejs) package.json ```json { "name": "test", "version": "1.0.0", "description": "test case to repdoruce workspace behaviour", "dependencies": { "express": "^5.1.0" } } ``` test.js (working) ```js const http = require('http') const express = require('express') const { readFileSync } = require('fs') const app = express() app.get('/', (_req, res) => { res.send('Hello workspace!') }) const server = http.createServer(app) server.listen(8080, '0.0.0.0') ``` test.js (not working) ```js const https = require('https') const express = require('express') const { readFileSync } = require('fs') const app = express() app.get('/', (_req, res) => { res.send('Hello workspace!') }) const server = https.createServer({ key: readFileSync(process.env.TLS_KEY), cert: readFileSync(process.env.TLS_CERT) }, app) server.listen(8080, '0.0.0.0') ``` ```sh gitlab-workspaces@workspace-...:/projects/test$ node test.js ``` - **Additional information:** .devfile.yaml ```yaml schemaVersion: 2.2.0 variables: registry-root: registry.gitlab.com components: - name: tooling-container attributes: gl/inject-editor: true container: image: "{{registry-root}}/gitlab-org/workspaces/gitlab-workspaces-docs/nodejs:22.13.1-ubuntu-24.04" memoryRequest: 1024M memoryLimit: 4096M cpuRequest: 1000m cpuLimit: 2000m endpoints: - name: http-8080 targetPort: 8080 ``` ## Acceptance criteria - [ ] Ports are forwarded also for https - [ ] Self-signed certificates are supported <!--DO NOT TOUCH BELOW-->