VSCode >= 4.60 and getting a enter password prompt

Hi, I’m trying to run VSCode 4.9.1 (and also tried 4.6.0 to match existing threads about VSCode), but the issue I’m having isn’t a URL rewrite (as far as I know). It seems to be a password issue.

I won’t post all of the internal application files, but I am creating/setting a password in the before.sh.erb file, that password is being recognized in the script.sh.erb file (I print out the password to stdout just so I can see it being set).

The VSCode server launches, but when I click on the connection link in OOD, I’m taken to the ‘Welcome to code-server, Please log in below password was set from $PASSWORD’ screen. If I paste in the password that was printed in the output, I’m logged in and it seems to work.

Does anyone know how to get past the welcome screen and just have VSCode launch without that extra step?

Thanks.

Sorry for the trouble.

It may be that you just need to ensure that password is posted to the app at launch.

You’ll have to edit the view.html.erb to have something like

<form id="<%= form_id %>" action="/rnode/<%= host %>/<%= port %>/login?to=" method="post" target="_blank">
  <input type="hidden" name="password" value="<%= password %>">
  <button class="btn btn-primary" type="submit">
    <i class="fa fa-cogs"></i> Connect to VS Code
  </button>
</form>

And I think that should do it.

If you’re using more than one version of codeserver and want to select that in the form there are some extra steps needed as well, but I’m reading this as just one version is used, is that correct?

well, step 1 is to see if the newer version works, then I’m going to see about making a multi-version app…but right now just trying to get the one working. Let me see what I find.

I think it’s closer, but still doesn’t work. My created URL is now this:

https://ondemand/rnode/computenode1/51999/login?password=4qF5i0Q8zgHgEVBd
but I still have the ‘enter password’ screen.

Ok, I’m going to post the steps for multi-version selection as well for completeness.

In the form.yml:

---
cluster: "my_cluster"
form:
  ...
  - version
  ...
attributes:
  ...
  version:
    widget: "select"
    label: "Codeserver Version"
    options:
      - ["4.3", "4.3.1"]
      - ["4.6", "4.6.0"]
      - ["4.9", "4.9.1"]

In the template/before.sh add:

...
export code_server_version="<%= context.version %>"
...

In the submit.yml.erb:

---
batch_connect:
  template: "basic"
  conn_params:
    - code_server_version

And in the view.html.erb use some logic to use different REST calls based on the version number:

<% if code_server_version >= '4.6.1' %>
<form id="<%= form_id %>" action="/rnode/<%= host %>/<%= port %>/login?to=" method="post" target="_blank">
  <input type="hidden" name="password" value="<%= password %>">
<% else %>
<form id="<%= form_id %>" action="/rnode/<%= host %>/<%= port %>/" method="get" target="_blank">
<% end %>
  <button class="btn btn-primary" type="submit">
    <i class="fa fa-cogs"></i> Connect to VS Code
  </button>
</form>

This would allow older versions that don’t need to POST the password to just use a GET instead for example.

Thanks for that, that’ll save me a bunch of time. Still getting the login page though, even if I open a web browser directly on the server.

Hmm, ok, let me do some testing on my end. I’ve had to deal with this previously and the app can be finicky in these later version due to some upstream changes they made, sorry about the trouble.

Could I see the template/script.sh.erb file? Specifically the call to codeserver itself that is used and what options are being passed is what I am looking to see.

#!/usr/bin/bash -l
<%

# Determine the application root from session token.
app_root = BatchConnect::App.from_token(session.token).root.realpath

# Set our working directory.
working_dir = Pathname.new(context.working_dir)

# Ensure that code-server always starts up in either a user defined directory or the home directory.
if ! working_dir.exist?
    working_dir = Pathname.new(ENV['HOME'])
elsif working_dir.file?
    working_dir = working_dir.parent
end
%>

# Setup environment
APP_ROOT="<%= app_root.to_s %>"
CODE_SERVER_DATAROOT="$HOME/.local/share/code-server"
mkdir -p "$CODE_SERVER_DATAROOT/extensions"

# Expose the password to the server.
#export PASSWORD="$password"
#echo "PASSWORD: $password"

# Print compute node.
echo "$(date): Running on compute node ${compute_node}:$port"

# VSCode complains that system git is too old.
module load git/2.34 app_code_server/<%= context.version %>

CPP_FILE="<%= working_dir.to_s %>/.vscode/c_cpp_properties.json"

if [[ -f "$CPP_FILE" ]]; then
    CPP_DIR="${TMPDIR:=/tmp/$USER}/cpp-vscode"
    mkdir -p "$CPP_DIR"
    chmod 700 "$CPP_DIR"

    # if the file is empty, let's initialize it
    [ -s "$CPP_FILE" ] || echo '{"configurations": [{ "name": "Linux", "browse": { "databaseFilename": null }}], "version": 4}' > "$CPP_FILE"

    jq --arg dbfile "$CPP_DIR/cpp-vscode.db" \
      '.configurations[0].browse.databaseFilename = $dbfile' \
      "$CPP_FILE" > "$CPP_FILE".new

    mv "$CPP_FILE".new "$CPP_FILE"
  fi

#
# Start Code Server.
#
echo "$(date): Started code-server"
echo ""

module load git/2.34
/path/to/code-server-4.9.1-linux-amd64/bin/code-server \
    --auth="password" \
    --bind-addr="0.0.0.0:${port}" \
    --disable-telemetry \
    --disable-update-check
    --extensions-dir="$CODE_SERVER_DATAROOT/extensions" \
    --user-data-dir="$CODE_SERVER_DATAROOT" \
    --ignore-last-opened \
    --reuse-window \
    --log debug \
    "<%= working_dir.to_s %>"

Just looking a little deeper. It seems like VSCode wants a cookie with a hashed password set as a key= value (Setting/passing password as cookie is not working anymore · Issue #1189 · coder/code-server · GitHub)

As a quick test I just manually started up vscode and got the login screen at the url:
localhost:9999 (it auto-redirects me to /login). I enter the password, and the URL changes to localhost:9999/?key=12345

However, if I try to directly use that URL on a new session, I still get the login screen, so that makes me think it’s a cookie being used. The URL gets rewritten when I do this to: localhost:9999/login?key=12345&to=, so that password can’t be entered directly on the URL.