Disable JetBrains local ports forwarding with FF (#20274)

* Disable gitpod port forwarding

* Use FF and env to control port exposing

* Rename to `forwarding`

* disable local ports forwarding only

Author: mustard-mh

components/ide/jetbrains/backend-plugin/src/main/kotlin/io/gitpod/jetbrains/remote/AbstractGitpodPortForwardingService.kt

@@ -13,7 +13,6 @@ import com.intellij.util.application
 import com.jetbrains.rd.platform.codeWithMe.portForwarding.*
 import com.jetbrains.rd.util.URI
 import com.jetbrains.rd.util.lifetime.Lifetime
-import com.jetbrains.rd.util.threading.coroutines.launch
 import io.gitpod.supervisor.api.Status
 import io.gitpod.supervisor.api.Status.PortsStatus
 import io.gitpod.supervisor.api.StatusServiceGrpc
@@ -41,6 +40,10 @@ abstract class AbstractGitpodPortForwardingService : GitpodPortForwardingService
     private fun start() {
         if (application.isHeadlessEnvironment) return
 
+        if (isLocalPortForwardingDisabled()) {
+            thisLogger().warn("gitpod: Local port forwarding is disabled.")
+        }
+
         observePortsListWhileProjectIsOpen()
     }
 
@@ -77,7 +80,7 @@ abstract class AbstractGitpodPortForwardingService : GitpodPortForwardingService
         val portsStatusRequest = Status.PortsStatusRequest.newBuilder().setObserve(true).build()
 
         val portsStatusResponseObserver = object :
-                ClientResponseObserver<Status.PortsStatusRequest, Status.PortsStatusResponse> {
+            ClientResponseObserver<Status.PortsStatusRequest, Status.PortsStatusResponse> {
             override fun beforeStart(request: ClientCallStreamObserver<Status.PortsStatusRequest>) {
                 lifetime.onTerminationOrNow { request.cancel("gitpod: Service lifetime terminated.", null) }
             }
@@ -100,6 +103,10 @@ abstract class AbstractGitpodPortForwardingService : GitpodPortForwardingService
         return completableFuture
     }
 
+    private fun isLocalPortForwardingDisabled(): Boolean {
+        return System.getenv("GITPOD_DISABLE_JETBRAINS_LOCAL_PORT_FORWARDING")?.toBoolean() ?: false
+    }
+
     private fun syncPortsListWithClient(response: Status.PortsStatusResponse) {
         val ignoredPorts = ignoredPortsForNotificationService.getIgnoredPorts()
         val portsList = response.portsList.filter { !ignoredPorts.contains(it.localPort) }
@@ -114,11 +121,11 @@ abstract class AbstractGitpodPortForwardingService : GitpodPortForwardingService
             perClientPortForwardingManager.getPorts(it.localPort).none { p -> p.labels.contains(EXPOSED_PORT_LABEL) }
         }
         val forwardedPortsToStopForwarding = perClientPortForwardingManager.getPorts(FORWARDED_PORT_LABEL)
-                .map { it.hostPortNumber }
-                .filter { portsNumbersFromNonServedPorts.contains(it) || !portsNumbersFromPortsList.contains(it) }
+            .map { it.hostPortNumber }
+            .filter { portsNumbersFromNonServedPorts.contains(it) || !portsNumbersFromPortsList.contains(it) }
         val exposedPortsToStopExposingOnClient = perClientPortForwardingManager.getPorts(EXPOSED_PORT_LABEL)
-                .map { it.hostPortNumber }
-                .filter { portsNumbersFromNonServedPorts.contains(it) || !portsNumbersFromPortsList.contains(it) }
+            .map { it.hostPortNumber }
+            .filter { portsNumbersFromNonServedPorts.contains(it) || !portsNumbersFromPortsList.contains(it) }
 
         servedPortsToStartForwarding.forEach { startForwarding(it) }
 
@@ -132,11 +139,14 @@ abstract class AbstractGitpodPortForwardingService : GitpodPortForwardingService
     }
 
     private fun startForwarding(portStatus: PortsStatus) {
+        if (isLocalPortForwardingDisabled()) {
+            return
+        }
         try {
             perClientPortForwardingManager.forwardPort(
-                    portStatus.localPort,
-                    PortType.TCP,
-                    setOf(FORWARDED_PORT_LABEL),
+                portStatus.localPort,
+                PortType.TCP,
+                setOf(FORWARDED_PORT_LABEL),
             )
         } catch (throwable: Throwable) {
             if (throwable !is PortAlreadyForwardedException) {
@@ -147,22 +157,22 @@ abstract class AbstractGitpodPortForwardingService : GitpodPortForwardingService
 
     private fun stopForwarding(hostPort: Int) {
         perClientPortForwardingManager.getPorts(hostPort)
-                .filter { it.labels.contains(FORWARDED_PORT_LABEL) }
-                .forEach { perClientPortForwardingManager.removePort(it) }
+            .filter { it.labels.contains(FORWARDED_PORT_LABEL) }
+            .forEach { perClientPortForwardingManager.removePort(it) }
     }
 
     private fun startExposingOnClient(portStatus: PortsStatus) {
         perClientPortForwardingManager.exposePort(
-                portStatus.localPort,
-                portStatus.exposed.url,
-                setOf(EXPOSED_PORT_LABEL),
+            portStatus.localPort,
+            portStatus.exposed.url,
+            setOf(EXPOSED_PORT_LABEL),
         )
     }
 
     private fun stopExposingOnClient(hostPort: Int) {
         perClientPortForwardingManager.getPorts(hostPort)
-                .filter { it.labels.contains(EXPOSED_PORT_LABEL) }
-                .forEach { perClientPortForwardingManager.removePort(it) }
+            .filter { it.labels.contains(EXPOSED_PORT_LABEL) }
+            .forEach { perClientPortForwardingManager.removePort(it) }
     }
 
     private fun updatePortsPresentation(portStatus: PortsStatus) {

components/server/src/workspace/workspace-starter.ts

@@ -1552,16 +1552,20 @@ export class WorkspaceStarter {
         sysEnvvars.push(orgIdEnv);
 
         const client = getExperimentsClientForBackend();
-        const [isSetJavaXmx, isSetJavaProcessorCount] = await Promise.all([
+        const [isSetJavaXmx, isSetJavaProcessorCount, disableJetBrainsLocalPortForwarding] = await Promise.all([
             client
                 .getValueAsync("supervisor_set_java_xmx", false, { user })
                 .then((v) => newEnvVar("GITPOD_IS_SET_JAVA_XMX", String(v))),
             client
                 .getValueAsync("supervisor_set_java_processor_count", false, { user })
                 .then((v) => newEnvVar("GITPOD_IS_SET_JAVA_PROCESSOR_COUNT", String(v))),
+            client
+                .getValueAsync("disable_jetbrains_local_port_forwarding", false, { user })
+                .then((v) => newEnvVar("GITPOD_DISABLE_JETBRAINS_LOCAL_PORT_FORWARDING", String(v))),
         ]);
         sysEnvvars.push(isSetJavaXmx);
         sysEnvvars.push(isSetJavaProcessorCount);
+        sysEnvvars.push(disableJetBrainsLocalPortForwarding);
         const spec = new StartWorkspaceSpec();
         await createGitpodTokenPromise;
         spec.setEnvvarsList(envvars);