Add backwards compatibility (#8)

Author: jeanp413

package.json

@@ -111,6 +111,7 @@
 		"@types/google-protobuf": "^3.7.4",
 		"@types/node": "16.x",
 		"@types/node-fetch": "^2.5.12",
+		"@types/semver": "^7.3.10",
 		"@types/ssh2": "^0.5.52",
 		"@types/tmp": "^0.2.1",
 		"@types/uuid": "8.0.0",
@@ -136,6 +137,7 @@
 		"analytics-node": "^6.0.0",
 		"node-fetch": "2.6.7",
 		"pkce-challenge": "^3.0.0",
+		"semver": "^7.3.7",
 		"ssh2": "^1.10.0",
 		"tmp": "^0.2.1",
 		"uuid": "8.1.0",

src/featureSupport.ts

@@ -0,0 +1,63 @@
+/*---------------------------------------------------------------------------------------------
+ *  Copyright (c) Gitpod. All rights reserved.
+ *  Licensed under the MIT License. See License.txt in the project root for license information.
+ *--------------------------------------------------------------------------------------------*/
+import * as semver from 'semver';
+import fetch from 'node-fetch';
+
+type Feature = |
+    'SSHPublicKeys' |
+    'localHeartbeat';
+
+const DEFAULT_VERSION = '9999.99.99';
+let cacheGitpodVersion: { host: string; version: string } | undefined;
+export async function getGitpodVersion(gitpodHost: string) {
+    const serviceUrl = new URL(gitpodHost).toString().replace(/\/$/, '');
+    if (serviceUrl === 'https://gitpod.io') {
+        return DEFAULT_VERSION;
+    }
+
+    if (serviceUrl === cacheGitpodVersion?.host) {
+        return cacheGitpodVersion.version;
+    }
+
+    let gitpodVersion: string | null;
+    try {
+        const versionEndPoint = `${serviceUrl}/api/version`;
+        const versionResponse = await fetch(versionEndPoint);
+        if (!versionResponse.ok) {
+            return DEFAULT_VERSION;
+        }
+
+        gitpodVersion = await versionResponse.text();
+    } catch (e) {
+        return DEFAULT_VERSION;
+    }
+
+    gitpodVersion = gitpodVersion.replace('release-', '');
+    gitpodVersion = gitpodVersion.replace(/\.\d+$/, '');
+
+    // Remove leading zeros to make it a valid semver
+    const [yy, mm, dd] = gitpodVersion.split('.');
+    gitpodVersion = `${parseInt(yy, 10)}.${parseInt(mm, 10)}.${parseInt(dd, 10)}`;
+
+    gitpodVersion = semver.valid(gitpodVersion);
+    if (!gitpodVersion) {
+        return DEFAULT_VERSION;
+    }
+
+    cacheGitpodVersion = {
+        host: serviceUrl,
+        version: gitpodVersion
+    };
+
+    return cacheGitpodVersion.version;
+}
+
+export function isFeatureSupported(gitpodVersion: string, feature: Feature) {
+    switch (feature) {
+        case 'SSHPublicKeys':
+        case 'localHeartbeat':
+            return semver.gte(gitpodVersion, '2022.7.0'); // Don't use leading zeros
+    }
+}

src/remoteConnector.ts

@@ -24,6 +24,7 @@ import TelemetryReporter from './telemetryReporter';
 import { addHostToHostFile, checkNewHostInHostkeys } from './ssh/hostfile';
 import { checkDefaultIdentityFiles } from './ssh/identityFiles';
 import { HeartbeatManager } from './heartbeat';
+import { getGitpodVersion, isFeatureSupported } from './featureSupport';
 
 interface SSHConnectionParams {
 	workspaceId: string;
@@ -430,11 +431,12 @@ export default class RemoteConnector extends Disposable {
 
 	private async getWorkspaceSSHDestination(accessToken: string, { workspaceId, gitpodHost }: SSHConnectionParams): Promise<{ destination: string; password?: string }> {
 		const serviceUrl = new URL(gitpodHost);
+		const gitpodVersion = await getGitpodVersion(gitpodHost);
 
 		const [workspaceInfo, ownerToken, registeredSSHKeys] = await withServerApi(accessToken, serviceUrl.toString(), service => Promise.all([
 			service.server.getWorkspace(workspaceId),
 			service.server.getOwnerToken(workspaceId),
-			service.server.getSSHPublicKeys()
+			isFeatureSupported(gitpodVersion, 'SSHPublicKeys') ? service.server.getSSHPublicKeys() : undefined
 		]), this.logger);
 
 		if (workspaceInfo.latestInstance?.status?.phase !== 'running') {
@@ -505,47 +507,32 @@ export default class RemoteConnector extends Disposable {
 		let identityFilePaths = await checkDefaultIdentityFiles();
 		this.logger.trace(`Default identity files:`, identityFilePaths.length ? identityFilePaths.toString() : 'None');
 
-		const keyFingerprints = registeredSSHKeys.map(i => i.fingerprint);
-		const publickKeyFiles = await Promise.allSettled(identityFilePaths.map(path => fs.promises.readFile(path + '.pub')));
-		identityFilePaths = identityFilePaths.filter((_, index) => {
-			const result = publickKeyFiles[index];
-			if (result.status === 'rejected') {
-				return false;
-			}
+		if (registeredSSHKeys) {
+			const keyFingerprints = registeredSSHKeys.map(i => i.fingerprint);
+			const publickKeyFiles = await Promise.allSettled(identityFilePaths.map(path => fs.promises.readFile(path + '.pub')));
+			identityFilePaths = identityFilePaths.filter((_, index) => {
+				const result = publickKeyFiles[index];
+				if (result.status === 'rejected') {
+					return false;
+				}
 
-			const parsedResult = sshUtils.parseKey(result.value);
-			if (parsedResult instanceof Error || !parsedResult) {
-				this.logger.error(`Error while parsing SSH public key${identityFilePaths[index] + '.pub'}:`, parsedResult);
-				return false;
-			}
+				const parsedResult = sshUtils.parseKey(result.value);
+				if (parsedResult instanceof Error || !parsedResult) {
+					this.logger.error(`Error while parsing SSH public key${identityFilePaths[index] + '.pub'}:`, parsedResult);
+					return false;
+				}
 
-			const parsedKey = Array.isArray(parsedResult) ? parsedResult[0] : parsedResult;
-			const fingerprint = crypto.createHash('sha256').update(parsedKey.getPublicSSH()).digest('base64');
-			return keyFingerprints.includes(fingerprint);
-		});
-		this.logger.trace(`Registered public keys in Gitpod account:`, identityFilePaths.length ? identityFilePaths.toString() : 'None');
-
-		// Commented this for now as `checkDefaultIdentityFiles` seems enough
-		// Connect to the OpenSSH agent and check for registered keys
-		// let sshKeys: ParsedKey[] | undefined;
-		// try {
-		// 	if (process.env['SSH_AUTH_SOCK']) {
-		// 		sshKeys = await new Promise<ParsedKey[]>((resolve, reject) => {
-		// 			const sshAgent = new OpenSSHAgent(process.env['SSH_AUTH_SOCK']!);
-		// 			sshAgent.getIdentities((err, publicKeys) => {
-		// 				if (err) {
-		// 					reject(err);
-		// 				} else {
-		// 					resolve(publicKeys!);
-		// 				}
-		// 			});
-		// 		});
-		// 	} else {
-		// 		this.logger.error(`'SSH_AUTH_SOCK' env variable not defined, cannot connect to OpenSSH agent`);
-		// 	}
-		// } catch (e) {
-		// 	this.logger.error(`Couldn't get identities from OpenSSH agent`, e);
-		// }
+				const parsedKey = Array.isArray(parsedResult) ? parsedResult[0] : parsedResult;
+				const fingerprint = crypto.createHash('sha256').update(parsedKey.getPublicSSH()).digest('base64');
+				return keyFingerprints.includes(fingerprint);
+			});
+			this.logger.trace(`Registered public keys in Gitpod account:`, identityFilePaths.length ? identityFilePaths.toString() : 'None');
+		} else {
+			if (identityFilePaths.length) {
+				sshDestInfo.user = `${workspaceId}#${ownerToken}`;
+			}
+			this.logger.warn(`Registered SSH public keys not supported in ${gitpodHost}, using version ${gitpodVersion}`);
+		}
 
 		return {
 			destination: Buffer.from(JSON.stringify(sshDestInfo), 'utf8').toString('hex'),
@@ -664,9 +651,17 @@ export default class RemoteConnector extends Disposable {
 			this.logger.info(`Updated 'gitpod.host' setting to '${gitpodHost}' while trying to connect to a Gitpod workspace`);
 		}
 
+		const gitpodVersion = await getGitpodVersion(gitpodHost);
+		const sessionScopes = ['function:getWorkspace', 'function:getOwnerToken', 'function:getLoggedInUser', 'resource:default'];
+		if (isFeatureSupported(gitpodVersion, 'SSHPublicKeys') /* && isFeatureSupported('', 'sendHeartBeat') */) {
+			sessionScopes.push('function:getSSHPublicKeys', 'function:sendHeartBeat');
+		} else {
+			this.logger.warn(`function:getSSHPublicKeys and function:sendHeartBeat session scopes not supported in ${gitpodHost}, using version ${gitpodVersion}`);
+		}
+
 		return vscode.authentication.getSession(
 			'gitpod',
-			['function:getWorkspace', 'function:getOwnerToken', 'function:getLoggedInUser', 'function:getSSHPublicKeys', 'function:sendHeartBeat', 'resource:default'],
+			sessionScopes,
 			{ createIfNone: true }
 		);
 	}
@@ -829,19 +824,31 @@ export default class RemoteConnector extends Disposable {
 
 		await this.context.globalState.update(`${RemoteConnector.SSH_DEST_KEY}${sshDestStr}`, { ...connectionInfo, isFirstConnection: false });
 
-		// gitpod remote extension installation is async so sometimes gitpod-desktop will activate before gitpod-remote
-		// let's wait a few seconds for it to finish install
-		setTimeout(async () => {
-			// Check for gitpod remote extension version to avoid sending heartbeat in both extensions at the same time
-			const isGitpodRemoteHeartbeatCancelled = await cancelGitpodRemoteHeartbeat();
-			if (isGitpodRemoteHeartbeatCancelled) {
-				const session = await this.getGitpodSession(connectionInfo.gitpodHost);
-				if (session) {
-					this.startHeartBeat(session.accessToken, connectionInfo);
+		const gitpodVersion = await getGitpodVersion(connectionInfo.gitpodHost);
+		if (isFeatureSupported(gitpodVersion, 'localHeartbeat')) {
+			// gitpod remote extension installation is async so sometimes gitpod-desktop will activate before gitpod-remote
+			// let's try a few times for it to finish install
+			let retryCount = 10;
+			const tryStartHeartbeat = async () => {
+				// Check for gitpod remote extension version to avoid sending heartbeat in both extensions at the same time
+				const isGitpodRemoteHeartbeatCancelled = await cancelGitpodRemoteHeartbeat();
+				if (isGitpodRemoteHeartbeatCancelled) {
+					const session = await this.getGitpodSession(connectionInfo.gitpodHost);
+					if (session) {
+						this.startHeartBeat(session.accessToken, connectionInfo);
+					}
+					this.telemetry.sendTelemetryEvent('vscode_desktop_heartbeat_state', { enabled: String(!!this.heartbeatManager), gitpodHost: connectionInfo.gitpodHost, workspaceId: connectionInfo.workspaceId, instanceId: connectionInfo.instanceId });
+				} else if (retryCount > 0) {
+					retryCount--;
+					setTimeout(tryStartHeartbeat, 3000);
+				} else {
+					this.telemetry.sendTelemetryEvent('vscode_desktop_heartbeat_state', { enabled: String(false), gitpodHost: connectionInfo.gitpodHost, workspaceId: connectionInfo.workspaceId, instanceId: connectionInfo.instanceId });
 				}
-			}
-			this.telemetry.sendTelemetryEvent('vscode_desktop_heartbeat_state', { enabled: String(!!this.heartbeatManager), gitpodHost: connectionInfo.gitpodHost, workspaceId: connectionInfo.workspaceId, instanceId: connectionInfo.instanceId });
-		}, 7000);
+			};
+			tryStartHeartbeat();
+		} else {
+			this.logger.warn(`Local heatbeat not supported in ${connectionInfo.gitpodHost}, using version ${gitpodVersion}`);
+		}
 	}
 
 	public override async dispose(): Promise<void> {

yarn.lock

@@ -219,6 +219,11 @@
   resolved "https://registry.yarnpkg.com/@types/scheduler/-/scheduler-0.16.2.tgz#1a62f89525723dde24ba1b01b092bf5df8ad4d39"
   integrity sha512-hppQEBDmlwhFAXKJX2KnWLYu5yMfi91yazPb2l+lbJiwW+wdo1gNeRA+3RgNSO39WYX2euey41KEwnqesU2Jew==
 
+"@types/semver@^7.3.10":
+  version "7.3.10"
+  resolved "https://registry.yarnpkg.com/@types/semver/-/semver-7.3.10.tgz#5f19ee40cbeff87d916eedc8c2bfe2305d957f73"
+  integrity sha512-zsv3fsC7S84NN6nPK06u79oWgrPVd0NvOyqgghV1haPaFcVxIrP4DLomRwGAXk0ui4HZA7mOcSFL98sMVW9viw==
+
 "@types/ssh2-streams@*":
   version "0.1.9"
   resolved "https://registry.yarnpkg.com/@types/ssh2-streams/-/ssh2-streams-0.1.9.tgz#8ca51b26f08750a780f82ee75ff18d7160c07a87"