Connect to dev environment using the JetBrains SSH connection handler (#3629)

* Put alternative connect strategy under feature flag

* Update CawsSshConnectionConfigModifier.kt

* connects to dev env

* removed registry entry

* new changes

* feedback changes

* detekt

* Fix integ

* oops

* fix failure

---------

Co-authored-by: Richard Li <[email protected]>
Co-authored-by: Richard Li <[email protected]>
Co-authored-by: Saurabh Ajmera <[email protected]>

Author: 3 people

gradle.properties

@@ -8,7 +8,7 @@ toolkitVersion=1.69-SNAPSHOT
 publishToken=
 publishChannel=
 
-ideProfileName=2022.2
+ideProfileName=2023.1
 
 remoteRobotPort=8080
 

jetbrains-core/resources/META-INF/services/caws.xml

@@ -9,7 +9,6 @@
         <applicationService serviceImplementation="software.aws.toolkits.jetbrains.core.credentials.sono.SonoCredentialManager"/>
         <applicationService serviceImplementation="software.aws.toolkits.jetbrains.services.caws.envclient.CawsEnvironmentClient"/>
         <applicationService serviceImplementation="software.aws.toolkits.jetbrains.settings.CawsSpaceTracker"/>
-
         <projectService serviceImplementation="software.aws.toolkits.jetbrains.services.caws.projectstate.CawsProjectSettings"/>
     </extensions>
 

jetbrains-core/src/software/aws/toolkits/jetbrains/services/caws/CawsConstants.kt

@@ -5,6 +5,7 @@ package software.aws.toolkits.jetbrains.services.caws
 
 object CawsConstants {
     const val CAWS_ENV_PROJECT_DIR = "/projects"
+    const val CAWS_ENV_IDE_BACKEND_DIR = "/aws/mde/ide-runtimes/jetbrains/runtime/"
     const val CAWS_ENV_AUTH_TOKEN_VAR = "__MDE_ENV_API_AUTHORIZATION_TOKEN"
     const val CAWS_ENV_ORG_NAME_VAR = "__DEV_ENVIRONMENT_ORGANIZATION_NAME"
     const val CAWS_ENV_PROJECT_NAME_VAR = "__DEV_ENVIRONMENT_PROJECT_NAME"

jetbrains-gateway/it/software/aws/toolkits/jetbrains/gateway/DevEnvConnectTest.kt

@@ -5,10 +5,10 @@ package software.aws.toolkits.jetbrains.gateway
 
 import com.intellij.execution.configurations.GeneralCommandLine
 import com.intellij.execution.util.ExecUtil
-import com.intellij.openapi.application.ApplicationInfo
 import com.intellij.openapi.application.ApplicationManager
 import com.intellij.openapi.components.service
 import com.intellij.openapi.components.serviceOrNull
+import com.intellij.openapi.util.Disposer
 import com.intellij.remoteDev.downloader.JetBrainsClientDownloaderConfigurationProvider
 import com.intellij.remoteDev.downloader.TestJetBrainsClientDownloaderConfigurationProvider
 import com.intellij.remoteDev.hostStatus.UnattendedHostStatus
@@ -20,7 +20,6 @@ import com.jetbrains.gateway.api.ConnectionRequestor
 import com.jetbrains.gateway.api.GatewayConnectionHandle
 import com.jetbrains.rd.util.lifetime.isNotAlive
 import kotlinx.coroutines.runBlocking
-import org.junit.jupiter.api.Assumptions.assumeTrue
 import org.junit.jupiter.api.BeforeEach
 import org.junit.jupiter.api.DynamicTest
 import org.junit.jupiter.api.TestFactory
@@ -47,6 +46,7 @@ import software.aws.toolkits.jetbrains.core.credentials.sono.SONO_URL
 import software.aws.toolkits.jetbrains.core.credentials.sso.bearer.BearerTokenProvider
 import software.aws.toolkits.jetbrains.core.tools.MockToolManagerRule
 import software.aws.toolkits.jetbrains.core.tools.ToolManager
+import software.aws.toolkits.jetbrains.gateway.connection.IDE_BACKEND_DIR
 import software.aws.toolkits.jetbrains.gateway.connection.StdOutResult
 import software.aws.toolkits.jetbrains.gateway.connection.ThinClientTrackerService
 import software.aws.toolkits.jetbrains.gateway.connection.caws.CawsCommandExecutor
@@ -168,6 +168,7 @@ class DevEnvConnectTest : AfterAllCallback {
         // can probably abstract this out as an extension
         // force auth to complete now
         connection = ManagedBearerSsoConnection(SONO_URL, SONO_REGION, listOf("codecatalyst:read_write"))
+        Disposer.register(disposable, connection)
         // pin connection to avoid dialog prompt
         ConnectionPinningManager.getInstance().setPinnedConnection(CodeCatalystConnection.getInstance(), connection)
         (connection.getConnectionSettings().tokenProvider.delegate as BearerTokenProvider).reauthenticate()
@@ -184,9 +185,6 @@ class DevEnvConnectTest : AfterAllCallback {
     @TestFactory
     @Timeout(value = 5, unit = TimeUnit.MINUTES)
     fun `test connect to devenv`(): Iterator<DynamicTest> = sequence<DynamicTest> {
-        // having issues running on 222, technically works on 223, but cleanup fails
-        assumeTrue(ApplicationInfo.getInstance().build.baselineVersion >= 231)
-
         connectionHandle = runBlocking {
             CawsConnectionProvider().connect(
                 mapOf(
@@ -198,9 +196,21 @@ class DevEnvConnectTest : AfterAllCallback {
             )
         } ?: error("null connection handle")
 
+        yield(test(::`wait for environment ready`))
+
+        // inject token to backend launcher script to enable the host status endpoint
+        println(
+            ssmFactory.executeSshCommand {
+                it.addToRemoteCommand(
+                    """
+                    grep -q "CWM_HOST_STATUS_OVER_HTTP_TOKEN" $IDE_BACKEND_DIR/bin/remote-dev-server.sh || sed -i.bak '2iexport CWM_HOST_STATUS_OVER_HTTP_TOKEN=$hostToken' $IDE_BACKEND_DIR/bin/remote-dev-server.sh
+                    """.trimIndent()
+                )
+            }
+        )
+
         yieldAll(
             listOf(
-                test(::`wait for environment ready`),
                 test(::`poll for bootstrap script availability`),
                 test(::`wait for backend start`),
                 test(::`wait for backend connect`)
@@ -266,12 +276,16 @@ class DevEnvConnectTest : AfterAllCallback {
     fun `wait for backend connect`() = runBlocking {
         waitUntil(
             succeedOn = { status ->
-                status.projects?.any { it.users.size > 1 } == true
+                status?.projects?.any { it.users.size > 1 } == true
             },
             failOn = { connectionHandle.lifetime.isNotAlive },
             maxDuration = Duration.ofMinutes(5),
             call = {
-                UnattendedHostStatus.fromJson(HttpRequests.request(endpoint).readString())
+                // can potentially have a socket reset which will lead to a very confusing error that's hard to debug
+                // due to the Gateway connection executor continuing to run
+                tryOrNull {
+                    UnattendedHostStatus.fromJson(HttpRequests.request(endpoint).readString())
+                }
             }
         )
 

jetbrains-gateway/resources/META-INF/ext-gateway.xml

@@ -9,6 +9,7 @@
         <applicationService serviceImplementation="software.aws.toolkits.jetbrains.gateway.connection.SshAgentService" />
         <applicationService serviceImplementation="software.aws.toolkits.jetbrains.gateway.connection.ThinClientTrackerService" />
 
+        <ssh.config.sshConnectionConfigService.modifier implementation="software.aws.toolkits.jetbrains.gateway.connection.caws.CawsSshConnectionConfigModifier"/>
     </extensions>
     <applicationListeners>
         <listener class="software.aws.toolkits.jetbrains.gateway.GatewayDeprecationNotice" topic="com.intellij.ide.AppLifecycleListener"/>

jetbrains-gateway/src/software/aws/toolkits/jetbrains/gateway/CawsConnectionProvider.kt

@@ -39,7 +39,6 @@ import org.jetbrains.concurrency.AsyncPromise
 import org.jetbrains.concurrency.await
 import software.amazon.awssdk.services.codecatalyst.CodeCatalystClient
 import software.amazon.awssdk.services.codecatalyst.model.DevEnvironmentStatus
-import software.amazon.awssdk.services.codecatalyst.model.InstanceType
 import software.aws.toolkits.core.utils.AttributeBagKey
 import software.aws.toolkits.core.utils.error
 import software.aws.toolkits.core.utils.getLogger
@@ -60,14 +59,13 @@ import software.aws.toolkits.jetbrains.gateway.connection.workflow.CopyScripts
 import software.aws.toolkits.jetbrains.gateway.connection.workflow.InstallPluginBackend.InstallLocalPluginBackend
 import software.aws.toolkits.jetbrains.gateway.connection.workflow.InstallPluginBackend.InstallMarketplacePluginBackend
 import software.aws.toolkits.jetbrains.gateway.connection.workflow.PrimeSshAgent
-import software.aws.toolkits.jetbrains.gateway.connection.workflow.StartBackend
 import software.aws.toolkits.jetbrains.gateway.connection.workflow.TabbedWorkflowEmitter
 import software.aws.toolkits.jetbrains.gateway.connection.workflow.installBundledPluginBackend
+import software.aws.toolkits.jetbrains.gateway.connection.workflow.v2.StartBackendV2
 import software.aws.toolkits.jetbrains.gateway.welcomescreen.WorkspaceListStateChangeContext
 import software.aws.toolkits.jetbrains.gateway.welcomescreen.WorkspaceNotifications
 import software.aws.toolkits.jetbrains.services.caws.CawsProject
 import software.aws.toolkits.jetbrains.utils.execution.steps.Context
-import software.aws.toolkits.jetbrains.utils.execution.steps.Step
 import software.aws.toolkits.jetbrains.utils.execution.steps.StepEmitter
 import software.aws.toolkits.jetbrains.utils.execution.steps.StepExecutor
 import software.aws.toolkits.jetbrains.utils.execution.steps.StepWorkflow
@@ -111,6 +109,7 @@ class CawsConnectionProvider : GatewayConnectionProvider {
         val spaceName = connectionParams.space
         val projectName = connectionParams.project
         val envId = connectionParams.envId
+        val id = WorkspaceIdentifier(CawsProject(spaceName, projectName), envId)
 
         val lifetime = Lifetime.Eternal.createNested()
         val workflowDisposable = Lifetime.Eternal.createNestedDisposable()
@@ -166,12 +165,6 @@ class CawsConnectionProvider : GatewayConnectionProvider {
                                 )
                             }
 
-                            val isSmallInstance = cawsClient.getDevEnvironment {
-                                it.id(envId)
-                                it.projectName(projectName)
-                                it.spaceName(spaceName)
-                            }.instanceType().equals(InstanceType.DEV_STANDARD1_SMALL)
-
                             lifetime.launchIOBackground {
                                 ApplicationManager.getApplication().messageBus.syncPublisher(WorkspaceNotifications.TOPIC)
                                     .environmentStarted(
@@ -278,11 +271,9 @@ class CawsConnectionProvider : GatewayConnectionProvider {
                                 lifetime.createNested(),
                                 parameters,
                                 executor,
-                                gatewayHandle,
-                                envId,
+                                id,
                                 connectionParams.gitSettings,
-                                toolkitInstallSettings,
-                                isSmallInstance
+                                toolkitInstallSettings
                             ).await()
                         }.invokeOnCompletion { e ->
                             if (e == null) {
@@ -391,16 +382,14 @@ class CawsConnectionProvider : GatewayConnectionProvider {
         lifetime: LifetimeDefinition,
         parameters: Map<String, String>,
         executor: CawsCommandExecutor,
-        gatewayHandle: GatewayConnectionHandle,
-        envId: String,
+        envId: WorkspaceIdentifier,
         gitSettings: GitSettings,
         toolkitInstallSettings: ToolkitInstallSettings,
-        isSmallInstance: Boolean
     ): AsyncPromise<Unit> {
         val remoteScriptPath = "/tmp/${UUID.randomUUID()}"
         val remoteProjectName = (gitSettings as? GitSettings.GitRepoSettings)?.repoName
 
-        val steps = buildList<Step> {
+        val steps = buildList {
             add(CopyScripts(remoteScriptPath, executor))
 
             when (gitSettings) {
@@ -430,7 +419,7 @@ class CawsConnectionProvider : GatewayConnectionProvider {
                 }
             }
 
-            add(StartBackend(gatewayHandle, remoteScriptPath, remoteProjectName, executor, lifetime, envId, isSmallInstance))
+            add(StartBackendV2(lifetime, indicator, envId, remoteProjectName))
         }
 
         val promise = AsyncPromise<Unit>()

jetbrains-gateway/src/software/aws/toolkits/jetbrains/gateway/connection/AbstractSsmCommandExecutor.kt

@@ -161,6 +161,8 @@ abstract class AbstractSsmCommandExecutor(private val region: AwsRegion, protect
 
     private fun newSshCommand() = SsmCommandLineFactory(ssmTarget, startSsh(), region).sshCommand()
 
+    fun proxyCommand() = SsmCommandLineFactory(ssmTarget, startSsh(), region).generateProxyCommand()
+
     private companion object {
         private val LOG = getLogger<AbstractSsmCommandExecutor>()
     }

jetbrains-gateway/src/software/aws/toolkits/jetbrains/gateway/connection/SsmCommandLineFactory.kt

@@ -55,7 +55,7 @@ class SsmCommandLineFactory(
             }
     }
 
-    private inner class ProxyCommand(
+    inner class ProxyCommand(
         val exePath: String,
         val ssmPayload: String? = null,
         val environment: Map<String, String> = emptyMap()
@@ -72,7 +72,7 @@ class SsmCommandLineFactory(
         val args = ssmPayload?.let { listOf(it, region.id, "StartSession") }
     }
 
-    private fun generateProxyCommand(): ProxyCommand {
+    fun generateProxyCommand(): ProxyCommand {
         val ssmPluginJson = """
             {
             "streamUrl":"${sessionParameters.streamUrl}", 

jetbrains-gateway/src/software/aws/toolkits/jetbrains/gateway/connection/caws/CawsSshConnectionConfigModifier.kt

@@ -0,0 +1,36 @@
+// Copyright 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package software.aws.toolkits.jetbrains.gateway.connection.caws
+
+import com.intellij.ssh.PromiscuousSshHostKeyVerifier
+import com.intellij.ssh.config.SshConnectionConfig
+import com.intellij.ssh.config.SshConnectionConfigService
+import com.intellij.ssh.config.SshProxyConfig
+import software.aws.toolkits.jetbrains.core.awsClient
+import software.aws.toolkits.jetbrains.core.credentials.sono.SonoCredentialManager
+
+class CawsSshConnectionConfigModifier : SshConnectionConfigService.Modifier {
+    override fun modify(initialHost: String, connectionConfig: SshConnectionConfig): SshConnectionConfig {
+        if (!initialHost.startsWith(HOST_PREFIX)) {
+            return connectionConfig
+        }
+
+        val (space, project, envId) = initialHost.substringAfter(HOST_PREFIX).split('/')
+        val executor = CawsCommandExecutor(
+            SonoCredentialManager.getInstance(null).getSettingsAndPromptAuth().awsClient(),
+            ssmTarget = envId,
+            spaceName = space,
+            projectName = project
+        )
+
+        return connectionConfig.copy(
+            proxyConfig = SshProxyConfig.Command(executor.proxyCommand().commandString),
+            hostKeyVerifier = PromiscuousSshHostKeyVerifier
+        )
+    }
+
+    companion object {
+        const val HOST_PREFIX = "aws.codecatalyst:"
+    }
+}

jetbrains-gateway/src/software/aws/toolkits/jetbrains/gateway/connection/workflow/v2/HostContext.kt

@@ -0,0 +1,15 @@
+// Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package software.aws.toolkits.jetbrains.gateway.connection.workflow.v2
+
+import com.jetbrains.gateway.ssh.HighLevelHostAccessor
+import com.jetbrains.gateway.ssh.HostDeployContext
+import com.jetbrains.gateway.ssh.HostDeployInputs
+
+class HostContext(
+    override var config: Unit?,
+    override var deployData: HostDeployInputs?,
+    override val hostAccessor: HighLevelHostAccessor?,
+    override val remoteProjectPath: String?
+) : HostDeployContext<Unit>