Merge branch 'main' into bcpeinhardt/ai-agent-session-in-vscode

Author: bcpeinhardt

CHANGELOG.md

@@ -2,6 +2,20 @@
 
 ## Unreleased
 
+## [v1.7.0](https://github.com/coder/vscode-coder/releases/tag/v1.7.0) (2025-04-03)
+
+### Added
+
+- Add new `/openDevContainer` path, similar to the `/open` path, except this
+  allows connecting to a dev container inside a workspace. For now, the dev
+  container must already be running for this to work.
+
+### Fixed
+
+- When not using token authentication, avoid setting `undefined` for the token
+  header, as Node will throw an error when headers are undefined. Now, we will
+  not set any header at all.
+
 ## [v1.6.0](https://github.com/coder/vscode-coder/releases/tag/v1.6.0) (2025-04-01)
 
 ### Added

package.json

@@ -4,7 +4,7 @@
   "displayName": "Coder",
   "description": "Open any workspace with a single click.",
   "repository": "https://github.com/coder/vscode-coder",
-  "version": "1.6.0",
+  "version": "1.7.0",
   "engines": {
     "vscode": "^1.73.0"
   },
@@ -283,16 +283,16 @@
   "devDependencies": {
     "@types/eventsource": "^3.0.0",
     "@types/glob": "^7.1.3",
-    "@types/node": "^18.0.0",
+    "@types/node": "^22.14.0",
     "@types/node-forge": "^1.3.11",
     "@types/ua-parser-js": "^0.7.39",
     "@types/vscode": "^1.73.0",
-    "@types/ws": "^8.5.11",
+    "@types/ws": "^8.18.1",
     "@typescript-eslint/eslint-plugin": "^6.21.0",
     "@typescript-eslint/parser": "^6.21.0",
     "@vscode/test-electron": "^2.4.1",
     "@vscode/vsce": "^2.21.1",
-    "bufferutil": "^4.0.8",
+    "bufferutil": "^4.0.9",
     "coder": "https://github.com/coder/coder#main",
     "dayjs": "^1.11.13",
     "eslint": "^8.57.1",
@@ -309,22 +309,22 @@
     "utf-8-validate": "^6.0.5",
     "vitest": "^0.34.6",
     "vscode-test": "^1.5.0",
-    "webpack": "^5.94.0",
+    "webpack": "^5.98.0",
     "webpack-cli": "^5.1.4"
   },
   "dependencies": {
     "axios": "1.8.4",
     "date-fns": "^3.6.0",
-    "eventsource": "^3.0.5",
+    "eventsource": "^3.0.6",
     "find-process": "^1.4.7",
     "jsonc-parser": "^3.3.1",
     "memfs": "^4.9.3",
     "node-forge": "^1.3.1",
-    "pretty-bytes": "^6.0.0",
+    "pretty-bytes": "^6.1.1",
     "proxy-agent": "^6.4.0",
     "semver": "^7.6.2",
     "ua-parser-js": "^1.0.38",
-    "ws": "^8.18.0",
+    "ws": "^8.18.1",
     "zod": "^3.23.8"
   },
   "resolutions": {

src/api.ts

@@ -13,6 +13,8 @@ import { getProxyForUrl } from "./proxy"
 import { Storage } from "./storage"
 import { expandPath } from "./util"
 
+export const coderSessionTokenHeader = "Coder-Session-Token"
+
 /**
  * Return whether the API will need a token for authorization.
  * If mTLS is in use (as specified by the cert or key files being set) then
@@ -242,14 +244,15 @@ export async function waitForBuild(
       const baseUrl = new URL(baseUrlRaw)
       const proto = baseUrl.protocol === "https:" ? "wss:" : "ws:"
       const socketUrlRaw = `${proto}//${baseUrl.host}${path}`
+      const token = restClient.getAxiosInstance().defaults.headers.common[coderSessionTokenHeader] as string | undefined
       const socket = new ws.WebSocket(new URL(socketUrlRaw), {
-        headers: {
-          "Coder-Session-Token": restClient.getAxiosInstance().defaults.headers.common["Coder-Session-Token"] as
-            | string
-            | undefined,
-        },
-        followRedirects: true,
         agent: agent,
+        followRedirects: true,
+        headers: token
+          ? {
+              [coderSessionTokenHeader]: token,
+            }
+          : undefined,
       })
       socket.binaryType = "nodebuffer"
       socket.on("message", (data) => {

src/commands.ts

@@ -6,7 +6,7 @@ import { makeCoderSdk, needToken } from "./api"
 import { extractAgents } from "./api-helper"
 import { CertificateError } from "./error"
 import { Storage } from "./storage"
-import { AuthorityPrefix, toSafeHost } from "./util"
+import { toRemoteAuthority, toSafeHost } from "./util"
 import { OpenableTreeItem } from "./workspacesProvider"
 import path from "node:path"
 
@@ -543,6 +543,26 @@ export class Commands {
     await openWorkspace(baseUrl, workspaceOwner, workspaceName, workspaceAgent, folderPath, openRecent)
   }
 
+  /**
+   * Open a devcontainer from a workspace belonging to the currently logged-in deployment.
+   *
+   * Throw if not logged into a deployment.
+   */
+  public async openDevContainer(...args: string[]): Promise<void> {
+    const baseUrl = this.restClient.getAxiosInstance().defaults.baseURL
+    if (!baseUrl) {
+      throw new Error("You are not logged in")
+    }
+
+    const workspaceOwner = args[0] as string
+    const workspaceName = args[1] as string
+    const workspaceAgent = undefined // args[2] is reserved, but we do not support multiple agents yet.
+    const devContainerName = args[3] as string
+    const devContainerFolder = args[4] as string
+
+    await openDevContainer(baseUrl, workspaceOwner, workspaceName, workspaceAgent, devContainerName, devContainerFolder)
+  }
+
   /**
    * Update the current workspace.  If there is no active workspace connection,
    * this is a no-op.
@@ -580,10 +600,7 @@ async function openWorkspace(
 ) {
   // A workspace can have multiple agents, but that's handled
   // when opening a workspace unless explicitly specified.
-  let remoteAuthority = `ssh-remote+${AuthorityPrefix}.${toSafeHost(baseUrl)}--${workspaceOwner}--${workspaceName}`
-  if (workspaceAgent) {
-    remoteAuthority += `.${workspaceAgent}`
-  }
+  const remoteAuthority = toRemoteAuthority(baseUrl, workspaceOwner, workspaceName, workspaceAgent)
 
   let newWindow = true
   // Open in the existing window if no workspaces are open.
@@ -642,3 +659,32 @@ async function openWorkspace(
     reuseWindow: !newWindow,
   })
 }
+
+async function openDevContainer(
+  baseUrl: string,
+  workspaceOwner: string,
+  workspaceName: string,
+  workspaceAgent: string | undefined,
+  devContainerName: string,
+  devContainerFolder: string,
+) {
+  const remoteAuthority = toRemoteAuthority(baseUrl, workspaceOwner, workspaceName, workspaceAgent)
+
+  const devContainer = Buffer.from(JSON.stringify({ containerName: devContainerName }), "utf-8").toString("hex")
+  const devContainerAuthority = `attached-container+${devContainer}@${remoteAuthority}`
+
+  let newWindow = true
+  if (!vscode.workspace.workspaceFolders?.length) {
+    newWindow = false
+  }
+
+  await vscode.commands.executeCommand(
+    "vscode.openFolder",
+    vscode.Uri.from({
+      scheme: "vscode-remote",
+      authority: devContainerAuthority,
+      path: devContainerFolder,
+    }),
+    newWindow,
+  )
+}

src/extension.ts

@@ -22,6 +22,7 @@ export async function activate(ctx: vscode.ExtensionContext): Promise<void> {
   // Cursor and VSCode are covered by ms remote, and the only other is windsurf for now
   // Means that vscodium is not supported by this for now
   const remoteSSHExtension =
+    vscode.extensions.getExtension("jeanp413.open-remote-ssh") ||
     vscode.extensions.getExtension("codeium.windsurf-remote-openssh") ||
     vscode.extensions.getExtension("ms-vscode-remote.remote-ssh")
   if (!remoteSSHExtension) {
@@ -111,6 +112,61 @@ export async function activate(ctx: vscode.ExtensionContext): Promise<void> {
         await storage.configureCli(toSafeHost(url), url, token)
 
         vscode.commands.executeCommand("coder.open", owner, workspace, agent, folder, openRecent)
+      } else if (uri.path === "/openDevContainer") {
+        const workspaceOwner = params.get("owner")
+        const workspaceName = params.get("workspace")
+        const workspaceAgent = params.get("agent")
+        const devContainerName = params.get("devContainerName")
+        const devContainerFolder = params.get("devContainerFolder")
+
+        if (!workspaceOwner) {
+          throw new Error("workspace owner must be specified as a query parameter")
+        }
+
+        if (!workspaceName) {
+          throw new Error("workspace name must be specified as a query parameter")
+        }
+
+        if (!devContainerName) {
+          throw new Error("dev container name must be specified as a query parameter")
+        }
+
+        if (!devContainerFolder) {
+          throw new Error("dev container folder must be specified as a query parameter")
+        }
+
+        // We are not guaranteed that the URL we currently have is for the URL
+        // this workspace belongs to, or that we even have a URL at all (the
+        // queries will default to localhost) so ask for it if missing.
+        // Pre-populate in case we do have the right URL so the user can just
+        // hit enter and move on.
+        const url = await commands.maybeAskUrl(params.get("url"), storage.getUrl())
+        if (url) {
+          restClient.setHost(url)
+          await storage.setUrl(url)
+        } else {
+          throw new Error("url must be provided or specified as a query parameter")
+        }
+
+        // If the token is missing we will get a 401 later and the user will be
+        // prompted to sign in again, so we do not need to ensure it is set now.
+        // For non-token auth, we write a blank token since the `vscodessh`
+        // command currently always requires a token file.  However, if there is
+        // a query parameter for non-token auth go ahead and use it anyway; all
+        // that really matters is the file is created.
+        const token = needToken() ? params.get("token") : (params.get("token") ?? "")
+
+        // Store on disk to be used by the cli.
+        await storage.configureCli(toSafeHost(url), url, token)
+
+        vscode.commands.executeCommand(
+          "coder.openDevContainer",
+          workspaceOwner,
+          workspaceName,
+          workspaceAgent,
+          devContainerName,
+          devContainerFolder,
+        )
       } else {
         throw new Error(`Unknown path ${uri.path}`)
       }
@@ -123,6 +179,7 @@ export async function activate(ctx: vscode.ExtensionContext): Promise<void> {
   vscode.commands.registerCommand("coder.login", commands.login.bind(commands))
   vscode.commands.registerCommand("coder.logout", commands.logout.bind(commands))
   vscode.commands.registerCommand("coder.open", commands.open.bind(commands))
+  vscode.commands.registerCommand("coder.openDevContainer", commands.openDevContainer.bind(commands))
   vscode.commands.registerCommand("coder.openFromSidebar", commands.openFromSidebar.bind(commands))
   vscode.commands.registerCommand("coder.openAppStatus", commands.openAppStatus.bind(commands))
   vscode.commands.registerCommand("coder.workspace.update", commands.updateWorkspace.bind(commands))

src/inbox.ts

@@ -3,6 +3,7 @@ import { Workspace, GetInboxNotificationResponse } from "coder/site/src/api/type
 import { ProxyAgent } from "proxy-agent"
 import * as vscode from "vscode"
 import { WebSocket } from "ws"
+import { coderSessionTokenHeader } from "./api"
 import { errToStr } from "./api-helper"
 import { type Storage } from "./storage"
 
@@ -37,15 +38,15 @@ export class Inbox implements vscode.Disposable {
     const socketProto = baseUrl.protocol === "https:" ? "wss:" : "ws:"
     const socketUrl = `${socketProto}//${baseUrl.host}/api/v2/notifications/inbox/watch?format=plaintext&templates=${watchTemplatesParam}&targets=${watchTargetsParam}`
 
-    const coderSessionTokenHeader = "Coder-Session-Token"
+    const token = restClient.getAxiosInstance().defaults.headers.common[coderSessionTokenHeader] as string | undefined
     this.#socket = new WebSocket(new URL(socketUrl), {
-      followRedirects: true,
       agent: httpAgent,
-      headers: {
-        [coderSessionTokenHeader]: restClient.getAxiosInstance().defaults.headers.common[coderSessionTokenHeader] as
-          | string
-          | undefined,
-      },
+      followRedirects: true,
+      headers: token
+        ? {
+            [coderSessionTokenHeader]: token,
+          }
+        : undefined,
     })
 
     this.#socket.on("open", () => {

src/util.ts

@@ -61,6 +61,19 @@ export function parseRemoteAuthority(authority: string): AuthorityParts | null {
   }
 }
 
+export function toRemoteAuthority(
+  baseUrl: string,
+  workspaceOwner: string,
+  workspaceName: string,
+  workspaceAgent: string | undefined,
+): string {
+  let remoteAuthority = `ssh-remote+${AuthorityPrefix}.${toSafeHost(baseUrl)}--${workspaceOwner}--${workspaceName}`
+  if (workspaceAgent) {
+    remoteAuthority += `.${workspaceAgent}`
+  }
+  return remoteAuthority
+}
+
 /**
  * Given a URL, return the host in a format that is safe to write.
  */