fix(codecatalyst): disallow non-vscode Dev Environment #3303

Problem:
If customer changed the "IDE runtime" (in the CodeCatalyst console), AWS
Toolkit will attempt to reconnect to the Dev Environment, which is
inconsistent with other IDEs (jetbrains, cloud9).

Solution:
Check the `ides` field on connect. Disconnect if the ide runtime is not "vscode".

Author: justinmk3

.changes/next-release/Bug Fix-5ec947ce-d7aa-439a-b77c-110a309bcc00.json

@@ -0,0 +1,4 @@
+{
+	"type": "Bug Fix",
+	"description": "CodeCatalyst: Toolkit attempts reconnect to non-vscode Dev Environment"
+}

src/codecatalyst/activation.ts

@@ -20,6 +20,9 @@ import { dontShow } from '../shared/localizedText'
 import { isCloud9 } from '../shared/extensionUtilities'
 import { Commands } from '../shared/vscode/commands2'
 import { getCodeCatalystConfig } from '../shared/clients/codecatalystClient'
+import { getThisDevEnv } from './model'
+import { isDevenvVscode } from './utils'
+import { getLogger } from '../shared/logger/logger'
 
 const localize = nls.loadMessageBundle()
 
@@ -54,13 +57,22 @@ export async function activate(ctx: ExtContext): Promise<void> {
         watchRestartingDevEnvs(ctx, authProvider)
     }
 
-    const devenvClient = new DevEnvClient()
-    if (devenvClient.id) {
-        ctx.extensionContext.subscriptions.push(registerDevfileWatcher(devenvClient))
+    ctx.extensionContext.subscriptions.push(DevEnvClient.instance)
+    if (DevEnvClient.instance.id) {
+        ctx.extensionContext.subscriptions.push(registerDevfileWatcher(DevEnvClient.instance))
     }
 
     const settings = PromptSettings.instance
     if (getCodeCatalystDevEnvId()) {
+        const thisDevenv = await getThisDevEnv(authProvider)
+        getLogger().info('codecatalyst: Dev Environment ides=%O', thisDevenv?.summary.ides)
+        if (thisDevenv && !isDevenvVscode(thisDevenv.summary.ides)) {
+            // Prevent Toolkit from reconnecting to a "non-vscode" devenv by actively closing it.
+            // Can happen if devenv is switched to ides="cloud9", etc.
+            vscode.commands.executeCommand('workbench.action.remote.close')
+            return
+        }
+
         if (await settings.isPromptEnabled('remoteConnected')) {
             const message = localize(
                 'AWS.codecatalyst.connectedMessage',

src/codecatalyst/devfile.ts

@@ -16,7 +16,7 @@ import { checkUnsavedChanges } from '../shared/utilities/workspaceUtils'
 import { ToolkitError } from '../shared/errors'
 
 async function updateDevfile(uri: vscode.Uri): Promise<void> {
-    const client = new DevEnvClient()
+    const client = DevEnvClient.instance
     if (!client.isCodeCatalystDevEnv()) {
         throw new Error('Cannot update devfile outside a Dev Environment')
     }
@@ -60,7 +60,7 @@ export class DevfileCodeLensProvider implements vscode.CodeLensProvider {
 
     public constructor(
         registry: DevfileRegistry,
-        private readonly client = new DevEnvClient(),
+        private readonly client = DevEnvClient.instance,
         workspace: Workspace = vscode.workspace
     ) {
         this.disposables.push(this._onDidChangeCodeLenses)

src/codecatalyst/explorer.ts

@@ -6,16 +6,14 @@
 import * as vscode from 'vscode'
 import { RootNode } from '../awsexplorer/localExplorer'
 import { Connection, createBuilderIdConnection, isBuilderIdConnection } from '../credentials/auth'
-import { createClient, DevEnvironment } from '../shared/clients/codecatalystClient'
-import { UnknownError } from '../shared/errors'
+import { DevEnvironment } from '../shared/clients/codecatalystClient'
 import { isCloud9 } from '../shared/extensionUtilities'
 import { addColor, getIcon } from '../shared/icons'
-import { getLogger } from '../shared/logger/logger'
 import { TreeNode } from '../shared/treeview/resourceTreeDataProvider'
 import { Commands } from '../shared/vscode/commands2'
 import { CodeCatalystAuthenticationProvider } from './auth'
 import { CodeCatalystCommands } from './commands'
-import { ConnectedDevEnv, getConnectedDevEnv, getDevfileLocation } from './model'
+import { ConnectedDevEnv, getDevfileLocation, getThisDevEnv } from './model'
 import * as codecatalyst from './model'
 
 const getStartedCommand = Commands.register(
@@ -127,7 +125,7 @@ export class CodeCatalystRootNode implements RootNode {
     }
 
     public async getTreeItem() {
-        this.devenv = await this.getDevEnv()
+        this.devenv = await getThisDevEnv(this.authProvider)
 
         const item = new vscode.TreeItem('CodeCatalyst', vscode.TreeItemCollapsibleState.Collapsed)
         item.contextValue = this.authProvider.isUsingSavedConnection
@@ -143,18 +141,4 @@ export class CodeCatalystRootNode implements RootNode {
 
         return item
     }
-
-    private async getDevEnv() {
-        try {
-            await this.authProvider.restore()
-            const conn = this.authProvider.activeConnection
-            if (conn !== undefined && this.authProvider.auth.getConnectionState(conn) === 'valid') {
-                const client = await createClient(conn)
-
-                return await getConnectedDevEnv(client)
-            }
-        } catch (err) {
-            getLogger().warn(`codecatalyst: failed to get Dev Environment: ${UnknownError.cast(err).message}`)
-        }
-    }
 }

src/codecatalyst/model.ts

@@ -8,6 +8,7 @@ import globals from '../shared/extensionGlobals'
 import * as vscode from 'vscode'
 import * as path from 'path'
 import {
+    createClient,
     CodeCatalystClient,
     DevEnvironment,
     CodeCatalystRepo,
@@ -21,11 +22,13 @@ import { writeFile } from 'fs-extra'
 import { sshAgentSocketVariable, startSshAgent, startVscodeRemote } from '../shared/extensions/ssh'
 import { ChildProcess } from '../shared/utilities/childProcess'
 import { ensureDependencies, hostNamePrefix } from './tools'
-import { isCodeCatalystVSCode } from './utils'
+import { isDevenvVscode } from './utils'
 import { Timeout } from '../shared/utilities/timeoutUtils'
 import { Commands } from '../shared/vscode/commands2'
 import { areEqual } from '../shared/utilities/pathUtils'
 import { fileExists } from '../shared/filesystemUtilities'
+import { CodeCatalystAuthenticationProvider } from './auth'
+import { UnknownError } from '../shared/errors'
 
 export type DevEnvironmentId = Pick<DevEnvironment, 'id' | 'org' | 'project'>
 
@@ -150,7 +153,7 @@ export interface ConnectedDevEnv {
 
 export async function getConnectedDevEnv(
     codeCatalystClient: CodeCatalystClient,
-    devenvClient = new DevEnvClient()
+    devenvClient = DevEnvClient.instance
 ): Promise<ConnectedDevEnv | undefined> {
     const devEnvId = devenvClient.id
     if (!devEnvId || !devenvClient.isCodeCatalystDevEnv()) {
@@ -173,6 +176,23 @@ export async function getConnectedDevEnv(
     return { summary, devenvClient: devenvClient }
 }
 
+/**
+ * Gets the current devenv that Toolkit is running in, if any.
+ */
+export async function getThisDevEnv(authProvider: CodeCatalystAuthenticationProvider) {
+    try {
+        await authProvider.restore()
+        const conn = authProvider.activeConnection
+        if (conn !== undefined && authProvider.auth.getConnectionState(conn) === 'valid') {
+            const client = await createClient(conn)
+            return await getConnectedDevEnv(client)
+        }
+    } catch (err) {
+        getLogger().warn(`codecatalyst: failed to get Dev Environment: ${UnknownError.cast(err).message}`)
+    }
+    return undefined
+}
+
 /**
  * Everything needed to connect to a dev environment via VS Code or `ssh`
  */
@@ -313,7 +333,7 @@ export function associateDevEnv(
         const devenvs = await client
             .listResources('devEnvironment')
             .flatten()
-            .filter(env => env.repositories.length > 0 && isCodeCatalystVSCode(env.ides))
+            .filter(env => env.repositories.length > 0 && isDevenvVscode(env.ides))
             .toMap(env => `${env.org.name}.${env.project.name}.${env.repositories[0].repositoryName}`)
 
         yield* repos.map(repo => ({

src/codecatalyst/reconnect.ts

@@ -15,7 +15,7 @@ import { showViewLogsMessage } from '../shared/utilities/messages'
 import { CodeCatalystAuthenticationProvider } from './auth'
 import { getCodeCatalystDevEnvId } from '../shared/vscode/env'
 import globals from '../shared/extensionGlobals'
-import { recordSource } from './utils'
+import { isDevenvVscode, recordSource } from './utils'
 
 const localize = nls.loadMessageBundle()
 
@@ -28,6 +28,7 @@ export function watchRestartingDevEnvs(ctx: ExtContext, authProvider: CodeCataly
         if (restartHandled || conn === undefined || authProvider.auth.getConnectionState(conn) !== 'valid') {
             return
         }
+        getLogger().info(`codecatalyst: reconnect: onDidChangeActiveConnection: startUrl=${conn.startUrl}`)
 
         const client = await createClient(conn)
         const envId = getCodeCatalystDevEnvId()
@@ -81,7 +82,7 @@ async function reconnectDevEnvs(client: CodeCatalystClient, ctx: ExtContext): Pr
     const polledDevEnvs = devenvNames.join(', ')
     const progressTitle = localize(
         'AWS.codecatalyst.reconnect.restarting',
-        'The following devenvs are restarting: {0}',
+        'Dev Environments restarting: {0}',
         polledDevEnvs
     )
     vscode.window.withProgress(
@@ -143,6 +144,7 @@ async function pollDevEnvs(
     await setWatchedDevEnvStatus(memento, devenvs, true)
 
     const shouldCloseRootInstance = Object.keys(devenvs).length === 1
+    getLogger().info(`codecatalyst: reconnect: pollDevEnvs: ${Object.keys(devenvs).length}`)
 
     while (Object.keys(devenvs).length > 0) {
         if (token.isCancellationRequested) {
@@ -152,7 +154,6 @@ async function pollDevEnvs(
 
         for (const id in devenvs) {
             const details = devenvs[id]
-
             const devenvName = getDevEnvName(details.alias, id)
 
             try {
@@ -162,18 +163,31 @@ async function pollDevEnvs(
                     projectName: details.projectName,
                 })
 
+                const ide = metadata.ides?.[0]?.name
+                getLogger().info(`codecatalyst: reconnect: ides=${ide} statusReason=${metadata.statusReason}`)
+
                 if (metadata?.status === 'RUNNING') {
                     progress.report({
                         message: `Dev Environment ${devenvName} is now running. Attempting to reconnect.`,
                     })
 
                     openReconnectedDevEnv(client, id, details, shouldCloseRootInstance)
 
-                    // We no longer need to watch this devenv anymore because it's already being re-opened in SSH
+                    // Don't watch this devenv, it is already being re-opened in SSH.
+                    delete devenvs[id]
+                } else if (!isDevenvVscode(metadata.ides)) {
+                    // Technically vscode _can_ connect to a ideRuntime=jetbrains/cloud9 devenv, but
+                    // we refuse to anyway so that the experience is consistent with other IDEs
+                    // (jetbrains/cloud9) which are not capable of connecting to a devenv that lacks
+                    // their runtime/bootstrap files.
+                    const ide = metadata.ides?.[0]
+                    const toIde = ide ? ` to "${ide.name}"` : ''
+                    progress.report({ message: `Dev Environment ${devenvName} was switched${toIde}` })
+                    // Don't watch devenv that is no longer connectable.
                     delete devenvs[id]
                 } else if (isTerminating(metadata)) {
                     progress.report({ message: `Dev Environment ${devenvName} is terminating` })
-                    // We no longer need to watch a devenv that is in a terminating state
+                    // Don't watch devenv that is terminating.
                     delete devenvs[id]
                 } else if (isExpired(details.previousConnectionTimestamp)) {
                     progress.report({ message: `Dev Environment ${devenvName} has expired` })
@@ -192,7 +206,6 @@ function isTerminating(devenv: Pick<DevEnvironment, 'status'>): boolean {
     if (!devenv.status) {
         return false
     }
-
     return devenv.status === 'FAILED' || devenv.status === 'DELETING' || devenv.status === 'DELETED'
 }
 

src/codecatalyst/utils.ts

@@ -52,7 +52,8 @@ export function openCodeCatalystUrl(o: CodeCatalystResource) {
     vscode.env.openExternal(vscode.Uri.parse(url))
 }
 
-export function isCodeCatalystVSCode(ides: Ides | undefined): boolean {
+/** Returns true if the dev env has a "vscode" IDE runtime. */
+export function isDevenvVscode(ides: Ides | undefined): boolean {
     return ides !== undefined && ides.findIndex(ide => ide.name === 'VSCode') !== -1
 }
 

src/codecatalyst/wizards/selectResource.ts

@@ -17,7 +17,7 @@ import { AsyncCollection } from '../../shared/utilities/asyncCollection'
 import { getRelativeDate } from '../../shared/utilities/textUtilities'
 import { isValidResponse } from '../../shared/wizards/wizard'
 import { associateDevEnv, docs } from '../model'
-import { getHelpUrl, isCodeCatalystVSCode } from '../utils'
+import { getHelpUrl, isDevenvVscode } from '../utils'
 
 export function createRepoLabel(r: codecatalyst.CodeCatalystRepo): string {
     return `${r.org.name} / ${r.project.name} / ${r.name}`
@@ -144,7 +144,7 @@ export function createDevEnvPrompter(
 ): QuickPickPrompter<codecatalyst.DevEnvironment> {
     const helpUri = isCloud9() ? docs.cloud9.devenv : docs.vscode.devenv
     const envs = proj ? client.listDevEnvironments(proj) : client.listResources('devEnvironment')
-    const filtered = envs.map(arr => arr.filter(env => isCodeCatalystVSCode(env.ides)))
+    const filtered = envs.map(arr => arr.filter(env => isDevenvVscode(env.ides)))
     const isData = <T>(obj: T | DataQuickPickItem<T>['data']): obj is T => {
         return typeof obj !== 'function' && isValidResponse(obj)
     }

src/shared/clients/devenvClient.ts

@@ -3,14 +3,65 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
+import * as vscode from 'vscode'
 import got from 'got'
+import globals from '../extensionGlobals'
+import { getLogger } from '../logger/logger'
 import { getCodeCatalystDevEnvId } from '../vscode/env'
 
 const environmentAuthToken = '__MDE_ENV_API_AUTHORIZATION_TOKEN'
 const environmentEndpoint = 'http://127.0.0.1:1339'
 
-export class DevEnvClient {
-    public constructor(private readonly endpoint: string = environmentEndpoint) {}
+/**
+ * Client to the MDE quasi-IMDS localhost endpoint.
+ */
+export class DevEnvClient implements vscode.Disposable {
+    static #instance: DevEnvClient
+    private readonly timer
+    private lastStatus = ''
+    private onStatusChangeFn: undefined | ((oldStatus: string, newStatus: string) => void)
+
+    /** Singleton instance (to avoid multiple polling workers). */
+    public static get instance() {
+        return (this.#instance ??= new this())
+    }
+
+    /** @internal */
+    public constructor(private readonly endpoint: string = environmentEndpoint) {
+        if (!this.id) {
+            getLogger().debug('codecatalyst: DevEnvClient skipped (local)')
+            this.timer = undefined
+        } else {
+            getLogger().info('codecatalyst: DevEnvClient started')
+            this.timer = globals.clock.setInterval(async () => {
+                const r = await this.getStatus()
+                if (this.lastStatus !== r.status) {
+                    const newStatus = r.status ?? 'NULL'
+                    getLogger().info(
+                        'codecatalyst: DevEnvClient: status change (old=%s new=%s)%s%s',
+                        this.lastStatus,
+                        newStatus,
+                        r.actionId ? ` action=${r.actionId}` : '',
+                        r.message ? `: "${r.message}"` : ''
+                    )
+                    if (this.onStatusChangeFn) {
+                        this.onStatusChangeFn(this.lastStatus, newStatus)
+                    }
+                    this.lastStatus = newStatus ?? 'NULL'
+                }
+            }, 1000)
+        }
+    }
+
+    public onStatusChange(fn: (oldStatus: string, newStatus: string) => void) {
+        this.onStatusChangeFn = fn
+    }
+
+    public dispose() {
+        if (this.timer) {
+            globals.clock.clearInterval(this.timer)
+        }
+    }
 
     public get id(): string | undefined {
         return getCodeCatalystDevEnvId()
@@ -33,6 +84,9 @@ export class DevEnvClient {
     }
 
     // Get status and action type
+    //
+    // Example:
+    //      { status: 'IMAGES-UPDATE-AVAILABLE', location: 'devfile.yaml' }
     public async getStatus(): Promise<GetStatusResponse> {
         const response = await this.got<GetStatusResponse>('status')
 
@@ -75,4 +129,12 @@ export interface StartDevfileRequest {
     recreateHomeVolumes?: boolean
 }
 
-export type Status = 'PENDING' | 'STABLE' | 'CHANGED'
+export type Status =
+    | 'PENDING'
+    | 'STABLE'
+    | 'CHANGED'
+    /**
+     * The image on-disk in the DE is different from the one in the container registry.
+     * Client should call "/devfile/pull" to pull the latest image from the registry.
+     */
+    | 'IMAGES-UPDATE-AVAILABLE'