VSCode >= 4.60 and getting a enter password prompt

Hi, I’m trying to run VSCode 4.9.1 (and also tried 4.6.0 to match existing threads about VSCode), but the issue I’m having isn’t a URL rewrite (as far as I know). It seems to be a password issue.

I won’t post all of the internal application files, but I am creating/setting a password in the before.sh.erb file, that password is being recognized in the script.sh.erb file (I print out the password to stdout just so I can see it being set).

The VSCode server launches, but when I click on the connection link in OOD, I’m taken to the ‘Welcome to code-server, Please log in below password was set from $PASSWORD’ screen. If I paste in the password that was printed in the output, I’m logged in and it seems to work.

Does anyone know how to get past the welcome screen and just have VSCode launch without that extra step?

Thanks.

Sorry for the trouble.

It may be that you just need to ensure that password is posted to the app at launch.

You’ll have to edit the view.html.erb to have something like

<form id="<%= form_id %>" action="/rnode/<%= host %>/<%= port %>/login?to=" method="post" target="_blank">
  <input type="hidden" name="password" value="<%= password %>">
  <button class="btn btn-primary" type="submit">
    <i class="fa fa-cogs"></i> Connect to VS Code
  </button>
</form>

And I think that should do it.

If you’re using more than one version of codeserver and want to select that in the form there are some extra steps needed as well, but I’m reading this as just one version is used, is that correct?

well, step 1 is to see if the newer version works, then I’m going to see about making a multi-version app…but right now just trying to get the one working. Let me see what I find.

I think it’s closer, but still doesn’t work. My created URL is now this:

https://ondemand/rnode/computenode1/51999/login?password=4qF5i0Q8zgHgEVBd
but I still have the ‘enter password’ screen.

Ok, I’m going to post the steps for multi-version selection as well for completeness.

In the form.yml:

---
cluster: "my_cluster"
form:
  ...
  - version
  ...
attributes:
  ...
  version:
    widget: "select"
    label: "Codeserver Version"
    options:
      - ["4.3", "4.3.1"]
      - ["4.6", "4.6.0"]
      - ["4.9", "4.9.1"]

In the template/before.sh add:

...
export code_server_version="<%= context.version %>"
...

In the submit.yml.erb:

---
batch_connect:
  template: "basic"
  conn_params:
    - code_server_version

And in the view.html.erb use some logic to use different REST calls based on the version number:

<% if code_server_version >= '4.6.1' %>
<form id="<%= form_id %>" action="/rnode/<%= host %>/<%= port %>/login?to=" method="post" target="_blank">
  <input type="hidden" name="password" value="<%= password %>">
<% else %>
<form id="<%= form_id %>" action="/rnode/<%= host %>/<%= port %>/" method="get" target="_blank">
<% end %>
  <button class="btn btn-primary" type="submit">
    <i class="fa fa-cogs"></i> Connect to VS Code
  </button>
</form>

This would allow older versions that don’t need to POST the password to just use a GET instead for example.

Thanks for that, that’ll save me a bunch of time. Still getting the login page though, even if I open a web browser directly on the server.

Hmm, ok, let me do some testing on my end. I’ve had to deal with this previously and the app can be finicky in these later version due to some upstream changes they made, sorry about the trouble.

Could I see the template/script.sh.erb file? Specifically the call to codeserver itself that is used and what options are being passed is what I am looking to see.

#!/usr/bin/bash -l
<%

# Determine the application root from session token.
app_root = BatchConnect::App.from_token(session.token).root.realpath

# Set our working directory.
working_dir = Pathname.new(context.working_dir)

# Ensure that code-server always starts up in either a user defined directory or the home directory.
if ! working_dir.exist?
    working_dir = Pathname.new(ENV['HOME'])
elsif working_dir.file?
    working_dir = working_dir.parent
end
%>

# Setup environment
APP_ROOT="<%= app_root.to_s %>"
CODE_SERVER_DATAROOT="$HOME/.local/share/code-server"
mkdir -p "$CODE_SERVER_DATAROOT/extensions"

# Expose the password to the server.
#export PASSWORD="$password"
#echo "PASSWORD: $password"

# Print compute node.
echo "$(date): Running on compute node ${compute_node}:$port"

# VSCode complains that system git is too old.
module load git/2.34 app_code_server/<%= context.version %>

CPP_FILE="<%= working_dir.to_s %>/.vscode/c_cpp_properties.json"

if [[ -f "$CPP_FILE" ]]; then
    CPP_DIR="${TMPDIR:=/tmp/$USER}/cpp-vscode"
    mkdir -p "$CPP_DIR"
    chmod 700 "$CPP_DIR"

    # if the file is empty, let's initialize it
    [ -s "$CPP_FILE" ] || echo '{"configurations": [{ "name": "Linux", "browse": { "databaseFilename": null }}], "version": 4}' > "$CPP_FILE"

    jq --arg dbfile "$CPP_DIR/cpp-vscode.db" \
      '.configurations[0].browse.databaseFilename = $dbfile' \
      "$CPP_FILE" > "$CPP_FILE".new

    mv "$CPP_FILE".new "$CPP_FILE"
  fi

#
# Start Code Server.
#
echo "$(date): Started code-server"
echo ""

module load git/2.34
/path/to/code-server-4.9.1-linux-amd64/bin/code-server \
    --auth="password" \
    --bind-addr="0.0.0.0:${port}" \
    --disable-telemetry \
    --disable-update-check
    --extensions-dir="$CODE_SERVER_DATAROOT/extensions" \
    --user-data-dir="$CODE_SERVER_DATAROOT" \
    --ignore-last-opened \
    --reuse-window \
    --log debug \
    "<%= working_dir.to_s %>"

Just looking a little deeper. It seems like VSCode wants a cookie with a hashed password set as a key= value (Setting/passing password as cookie is not working anymore · Issue #1189 · coder/code-server · GitHub)

As a quick test I just manually started up vscode and got the login screen at the url:
localhost:9999 (it auto-redirects me to /login). I enter the password, and the URL changes to localhost:9999/?key=12345

However, if I try to directly use that URL on a new session, I still get the login screen, so that makes me think it’s a cookie being used. The URL gets rewritten when I do this to: localhost:9999/login?key=12345&to=, so that password can’t be entered directly on the URL.

Just want to mention that I was able to get this working after re-downloading the latest copy of GitHub - OSC/bc_osc_codeserver: BETA - Batch Connect - OSC Code Server

I noticed there were a couple of extra lines in the view.html.erb that may have been the trick. Modifying the config files for our cluster, I was able to bring up code server 4.11 with no issue.

Side question, for installing extensions, the web page load that has the extension description won’t display. Does anyone have that working? I just get a ‘firefox can’t load this page’, then has a button to launch in a new window, and that doesn’t work either.

Dear all,

I am trying to add newer versions of vscode and got the same “passwd prompt” issue. I have tried vscode/4.8.3 and 4.11.0 and 4.12.0.

Using the code “”, the initial repetitive "passwd prompt " went away, but I got “Not found.” with the URL shown below:

https://lrc-ondemand.lbl.gov/rnode/n0000.ood0/61073/rnode/n0000.ood0/61073/

In contrast, for the working version vscode/3.8.0 I have, the URL would be something in the format like "https://lrc-ondemand.lbl.gov/rnode/n0000.ood0/61073/? "

Any advises?

Thank you very much.
Wei

There is different logic VSCode uses to login. Here’s the if block we use for our different versions. That may fix the redirect issues too. If it doesn’t let me know what OnDemand version you’re on - we may have patched that issue (you see that there are duplicate rnode items in the URL).

Hi Jeff,

We are use an old version: v1.8.18, any suggestions for the duplicated rnode items in the URL.

We have a plan to upgrade in the near future, but not there yet.

Thank you,
Wei

You can hot patch your system if you need, but I don’t know if it’s suggestible or what side affects you’d have. If you do, please back up all the files you edit.

You’d probably need to edit the template (/opt/ood/ood-portal-generator/templates/ood-portal.conf.erb), not the resulting file (/opt/rh/httpd24/root/etc/httpd/conf.d/ood-portal.conf).

You’d want to apply this patch that accounts for relative paths.

Which is to say - this issue was patched in 2.0, so an update may just fix the issue directly.

Thank you Jeff!

I changed /opt/ood/ood-portal-generator/templates/ood-portal.conf.erb.

However

-bash-4.2# pwd
/opt/ood/ood-portal-generator/spec/fixtures
-bash-4.2# ls ood*
ood-portal.conf.default ood-portal.conf.dex-full ood-portal.conf.maint_with_ips ood-portal.conf.oidc ood_portal.yaml.port
ood-portal.conf.dex ood-portal.conf.dex-ldap ood-portal.conf.nomaint ood-portal.conf.oidc-ssl

The file ood-portal.conf.all seems to be missing from the OOD version (v1.8.18) we are using.

Thank you,
Wei

Those are just test files. Files we use to run and validate tests against, so there’s no issue there. /opt/ood/ood-portal-generator/templates/ood-portal.conf.erb the only file you should need to update.

Hi Jeff,

Still get the same error message (below) with the patch.

https://lrc-ondemand.lbl.gov/rnode/n0000.ood0/24807/rnode/n0000.ood0/24807/

The problem applies to vscode below
- [“4.8”, “4.8.3”]
- [“4.11”, “4.11.0”]

The older version [“3.8”, “3.8.0”] has no problem, works before and after the patch.

Thanks,
Wei