From ed0a8d8bc347f88e0206efbaad03bcb985f0a846 Mon Sep 17 00:00:00 2001 From: hwen Date: Tue, 8 Oct 2024 17:56:49 +0800 Subject: [PATCH 1/4] Disable gitpod port forwarding --- .../AbstractGitpodPortForwardingService.kt | 57 +++++++++---------- 1 file changed, 28 insertions(+), 29 deletions(-) diff --git a/components/ide/jetbrains/backend-plugin/src/main/kotlin/io/gitpod/jetbrains/remote/AbstractGitpodPortForwardingService.kt b/components/ide/jetbrains/backend-plugin/src/main/kotlin/io/gitpod/jetbrains/remote/AbstractGitpodPortForwardingService.kt index 27a9a6d0d2188f..d193fd0505880c 100644 --- a/components/ide/jetbrains/backend-plugin/src/main/kotlin/io/gitpod/jetbrains/remote/AbstractGitpodPortForwardingService.kt +++ b/components/ide/jetbrains/backend-plugin/src/main/kotlin/io/gitpod/jetbrains/remote/AbstractGitpodPortForwardingService.kt @@ -13,7 +13,6 @@ import com.intellij.util.application import com.jetbrains.rd.platform.codeWithMe.portForwarding.* import com.jetbrains.rd.util.URI import com.jetbrains.rd.util.lifetime.Lifetime -import com.jetbrains.rd.util.threading.coroutines.launch import io.gitpod.supervisor.api.Status import io.gitpod.supervisor.api.Status.PortsStatus import io.gitpod.supervisor.api.StatusServiceGrpc @@ -101,34 +100,34 @@ abstract class AbstractGitpodPortForwardingService : GitpodPortForwardingService } private fun syncPortsListWithClient(response: Status.PortsStatusResponse) { - val ignoredPorts = ignoredPortsForNotificationService.getIgnoredPorts() - val portsList = response.portsList.filter { !ignoredPorts.contains(it.localPort) } - val portsNumbersFromPortsList = portsList.map { it.localPort } - val servedPorts = portsList.filter { it.served } - val exposedPorts = servedPorts.filter { it.exposed?.url?.isNotBlank() ?: false } - val portsNumbersFromNonServedPorts = portsList.filter { !it.served }.map { it.localPort } - val servedPortsToStartForwarding = servedPorts.filter { - perClientPortForwardingManager.getPorts(it.localPort).none { p -> p.labels.contains(FORWARDED_PORT_LABEL) } - } - val exposedPortsToStartExposingOnClient = exposedPorts.filter { - perClientPortForwardingManager.getPorts(it.localPort).none { p -> p.labels.contains(EXPOSED_PORT_LABEL) } - } - val forwardedPortsToStopForwarding = perClientPortForwardingManager.getPorts(FORWARDED_PORT_LABEL) - .map { it.hostPortNumber } - .filter { portsNumbersFromNonServedPorts.contains(it) || !portsNumbersFromPortsList.contains(it) } - val exposedPortsToStopExposingOnClient = perClientPortForwardingManager.getPorts(EXPOSED_PORT_LABEL) - .map { it.hostPortNumber } - .filter { portsNumbersFromNonServedPorts.contains(it) || !portsNumbersFromPortsList.contains(it) } - - servedPortsToStartForwarding.forEach { startForwarding(it) } - - exposedPortsToStartExposingOnClient.forEach { startExposingOnClient(it) } - - forwardedPortsToStopForwarding.forEach { stopForwarding(it) } - - exposedPortsToStopExposingOnClient.forEach { stopExposingOnClient(it) } - - portsList.forEach { updatePortsPresentation(it) } +// val ignoredPorts = ignoredPortsForNotificationService.getIgnoredPorts() +// val portsList = response.portsList.filter { !ignoredPorts.contains(it.localPort) } +// val portsNumbersFromPortsList = portsList.map { it.localPort } +// val servedPorts = portsList.filter { it.served } +// val exposedPorts = servedPorts.filter { it.exposed?.url?.isNotBlank() ?: false } +// val portsNumbersFromNonServedPorts = portsList.filter { !it.served }.map { it.localPort } +// val servedPortsToStartForwarding = servedPorts.filter { +// perClientPortForwardingManager.getPorts(it.localPort).none { p -> p.labels.contains(FORWARDED_PORT_LABEL) } +// } +// val exposedPortsToStartExposingOnClient = exposedPorts.filter { +// perClientPortForwardingManager.getPorts(it.localPort).none { p -> p.labels.contains(EXPOSED_PORT_LABEL) } +// } +// val forwardedPortsToStopForwarding = perClientPortForwardingManager.getPorts(FORWARDED_PORT_LABEL) +// .map { it.hostPortNumber } +// .filter { portsNumbersFromNonServedPorts.contains(it) || !portsNumbersFromPortsList.contains(it) } +// val exposedPortsToStopExposingOnClient = perClientPortForwardingManager.getPorts(EXPOSED_PORT_LABEL) +// .map { it.hostPortNumber } +// .filter { portsNumbersFromNonServedPorts.contains(it) || !portsNumbersFromPortsList.contains(it) } +// +// servedPortsToStartForwarding.forEach { startForwarding(it) } +// +// exposedPortsToStartExposingOnClient.forEach { startExposingOnClient(it) } +// +// forwardedPortsToStopForwarding.forEach { stopForwarding(it) } +// +// exposedPortsToStopExposingOnClient.forEach { stopExposingOnClient(it) } +// +// portsList.forEach { updatePortsPresentation(it) } } private fun startForwarding(portStatus: PortsStatus) { From 3b1b0c47eb365c79273e5ff5985eb6051cf22b67 Mon Sep 17 00:00:00 2001 From: hwen Date: Wed, 9 Oct 2024 15:16:04 +0800 Subject: [PATCH 2/4] Use FF and env to control port exposing --- .../AbstractGitpodPortForwardingService.kt | 86 ++++++++++--------- .../server/src/workspace/workspace-starter.ts | 4 +- 2 files changed, 50 insertions(+), 40 deletions(-) diff --git a/components/ide/jetbrains/backend-plugin/src/main/kotlin/io/gitpod/jetbrains/remote/AbstractGitpodPortForwardingService.kt b/components/ide/jetbrains/backend-plugin/src/main/kotlin/io/gitpod/jetbrains/remote/AbstractGitpodPortForwardingService.kt index d193fd0505880c..d342d995735421 100644 --- a/components/ide/jetbrains/backend-plugin/src/main/kotlin/io/gitpod/jetbrains/remote/AbstractGitpodPortForwardingService.kt +++ b/components/ide/jetbrains/backend-plugin/src/main/kotlin/io/gitpod/jetbrains/remote/AbstractGitpodPortForwardingService.kt @@ -76,7 +76,7 @@ abstract class AbstractGitpodPortForwardingService : GitpodPortForwardingService val portsStatusRequest = Status.PortsStatusRequest.newBuilder().setObserve(true).build() val portsStatusResponseObserver = object : - ClientResponseObserver { + ClientResponseObserver { override fun beforeStart(request: ClientCallStreamObserver) { lifetime.onTerminationOrNow { request.cancel("gitpod: Service lifetime terminated.", null) } } @@ -99,43 +99,51 @@ abstract class AbstractGitpodPortForwardingService : GitpodPortForwardingService return completableFuture } + private fun isPortExposingDisabled(): Boolean { + return System.getenv("GITPOD_DISABLE_JETBRAINS_LOCAL_PORT_EXPOSE")?.toBoolean() ?: false + } + private fun syncPortsListWithClient(response: Status.PortsStatusResponse) { -// val ignoredPorts = ignoredPortsForNotificationService.getIgnoredPorts() -// val portsList = response.portsList.filter { !ignoredPorts.contains(it.localPort) } -// val portsNumbersFromPortsList = portsList.map { it.localPort } -// val servedPorts = portsList.filter { it.served } -// val exposedPorts = servedPorts.filter { it.exposed?.url?.isNotBlank() ?: false } -// val portsNumbersFromNonServedPorts = portsList.filter { !it.served }.map { it.localPort } -// val servedPortsToStartForwarding = servedPorts.filter { -// perClientPortForwardingManager.getPorts(it.localPort).none { p -> p.labels.contains(FORWARDED_PORT_LABEL) } -// } -// val exposedPortsToStartExposingOnClient = exposedPorts.filter { -// perClientPortForwardingManager.getPorts(it.localPort).none { p -> p.labels.contains(EXPOSED_PORT_LABEL) } -// } -// val forwardedPortsToStopForwarding = perClientPortForwardingManager.getPorts(FORWARDED_PORT_LABEL) -// .map { it.hostPortNumber } -// .filter { portsNumbersFromNonServedPorts.contains(it) || !portsNumbersFromPortsList.contains(it) } -// val exposedPortsToStopExposingOnClient = perClientPortForwardingManager.getPorts(EXPOSED_PORT_LABEL) -// .map { it.hostPortNumber } -// .filter { portsNumbersFromNonServedPorts.contains(it) || !portsNumbersFromPortsList.contains(it) } -// -// servedPortsToStartForwarding.forEach { startForwarding(it) } -// -// exposedPortsToStartExposingOnClient.forEach { startExposingOnClient(it) } -// -// forwardedPortsToStopForwarding.forEach { stopForwarding(it) } -// -// exposedPortsToStopExposingOnClient.forEach { stopExposingOnClient(it) } -// -// portsList.forEach { updatePortsPresentation(it) } + if (isPortExposingDisabled()) { + thisLogger().warn("gitpod: Port exposing is disabled.") + return + } + val ignoredPorts = ignoredPortsForNotificationService.getIgnoredPorts() + val portsList = response.portsList.filter { !ignoredPorts.contains(it.localPort) } + val portsNumbersFromPortsList = portsList.map { it.localPort } + val servedPorts = portsList.filter { it.served } + val exposedPorts = servedPorts.filter { it.exposed?.url?.isNotBlank() ?: false } + val portsNumbersFromNonServedPorts = portsList.filter { !it.served }.map { it.localPort } + val servedPortsToStartForwarding = servedPorts.filter { + perClientPortForwardingManager.getPorts(it.localPort).none { p -> p.labels.contains(FORWARDED_PORT_LABEL) } + } + val exposedPortsToStartExposingOnClient = exposedPorts.filter { + perClientPortForwardingManager.getPorts(it.localPort).none { p -> p.labels.contains(EXPOSED_PORT_LABEL) } + } + val forwardedPortsToStopForwarding = perClientPortForwardingManager.getPorts(FORWARDED_PORT_LABEL) + .map { it.hostPortNumber } + .filter { portsNumbersFromNonServedPorts.contains(it) || !portsNumbersFromPortsList.contains(it) } + val exposedPortsToStopExposingOnClient = perClientPortForwardingManager.getPorts(EXPOSED_PORT_LABEL) + .map { it.hostPortNumber } + .filter { portsNumbersFromNonServedPorts.contains(it) || !portsNumbersFromPortsList.contains(it) } + + servedPortsToStartForwarding.forEach { startForwarding(it) } + + exposedPortsToStartExposingOnClient.forEach { startExposingOnClient(it) } + + forwardedPortsToStopForwarding.forEach { stopForwarding(it) } + + exposedPortsToStopExposingOnClient.forEach { stopExposingOnClient(it) } + + portsList.forEach { updatePortsPresentation(it) } } private fun startForwarding(portStatus: PortsStatus) { try { perClientPortForwardingManager.forwardPort( - portStatus.localPort, - PortType.TCP, - setOf(FORWARDED_PORT_LABEL), + portStatus.localPort, + PortType.TCP, + setOf(FORWARDED_PORT_LABEL), ) } catch (throwable: Throwable) { if (throwable !is PortAlreadyForwardedException) { @@ -146,22 +154,22 @@ abstract class AbstractGitpodPortForwardingService : GitpodPortForwardingService private fun stopForwarding(hostPort: Int) { perClientPortForwardingManager.getPorts(hostPort) - .filter { it.labels.contains(FORWARDED_PORT_LABEL) } - .forEach { perClientPortForwardingManager.removePort(it) } + .filter { it.labels.contains(FORWARDED_PORT_LABEL) } + .forEach { perClientPortForwardingManager.removePort(it) } } private fun startExposingOnClient(portStatus: PortsStatus) { perClientPortForwardingManager.exposePort( - portStatus.localPort, - portStatus.exposed.url, - setOf(EXPOSED_PORT_LABEL), + portStatus.localPort, + portStatus.exposed.url, + setOf(EXPOSED_PORT_LABEL), ) } private fun stopExposingOnClient(hostPort: Int) { perClientPortForwardingManager.getPorts(hostPort) - .filter { it.labels.contains(EXPOSED_PORT_LABEL) } - .forEach { perClientPortForwardingManager.removePort(it) } + .filter { it.labels.contains(EXPOSED_PORT_LABEL) } + .forEach { perClientPortForwardingManager.removePort(it) } } private fun updatePortsPresentation(portStatus: PortsStatus) { diff --git a/components/server/src/workspace/workspace-starter.ts b/components/server/src/workspace/workspace-starter.ts index 9ad55f1f4b0fb3..b666a48f6a9dd3 100644 --- a/components/server/src/workspace/workspace-starter.ts +++ b/components/server/src/workspace/workspace-starter.ts @@ -1552,16 +1552,18 @@ export class WorkspaceStarter { sysEnvvars.push(orgIdEnv); const client = getExperimentsClientForBackend(); - const [isSetJavaXmx, isSetJavaProcessorCount] = await Promise.all([ + const [isSetJavaXmx, isSetJavaProcessorCount, disableJetBrainsPortExpose] = await Promise.all([ client .getValueAsync("supervisor_set_java_xmx", false, { user }) .then((v) => newEnvVar("GITPOD_IS_SET_JAVA_XMX", String(v))), client .getValueAsync("supervisor_set_java_processor_count", false, { user }) .then((v) => newEnvVar("GITPOD_IS_SET_JAVA_PROCESSOR_COUNT", String(v))), + client.getValueAsync("disable_jetbrains_local_port_expose", false, { user }).then((v) => newEnvVar("GITPOD_DISABLE_JETBRAINS_LOCAL_PORT_EXPOSE", String(v))) ]); sysEnvvars.push(isSetJavaXmx); sysEnvvars.push(isSetJavaProcessorCount); + sysEnvvars.push(disableJetBrainsPortExpose); const spec = new StartWorkspaceSpec(); await createGitpodTokenPromise; spec.setEnvvarsList(envvars); From f7d94fe7c035ff7d3bcbd912a8628ce0b6d84d46 Mon Sep 17 00:00:00 2001 From: mustard Date: Fri, 11 Oct 2024 03:02:46 +0800 Subject: [PATCH 3/4] Rename to `forwarding` --- .../remote/AbstractGitpodPortForwardingService.kt | 8 ++++---- components/server/src/workspace/workspace-starter.ts | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/components/ide/jetbrains/backend-plugin/src/main/kotlin/io/gitpod/jetbrains/remote/AbstractGitpodPortForwardingService.kt b/components/ide/jetbrains/backend-plugin/src/main/kotlin/io/gitpod/jetbrains/remote/AbstractGitpodPortForwardingService.kt index d342d995735421..b54c59530db86a 100644 --- a/components/ide/jetbrains/backend-plugin/src/main/kotlin/io/gitpod/jetbrains/remote/AbstractGitpodPortForwardingService.kt +++ b/components/ide/jetbrains/backend-plugin/src/main/kotlin/io/gitpod/jetbrains/remote/AbstractGitpodPortForwardingService.kt @@ -99,13 +99,13 @@ abstract class AbstractGitpodPortForwardingService : GitpodPortForwardingService return completableFuture } - private fun isPortExposingDisabled(): Boolean { - return System.getenv("GITPOD_DISABLE_JETBRAINS_LOCAL_PORT_EXPOSE")?.toBoolean() ?: false + private fun isLocalPortForwardingDisabled(): Boolean { + return System.getenv("GITPOD_DISABLE_JETBRAINS_LOCAL_PORT_FORWARDING")?.toBoolean() ?: false } private fun syncPortsListWithClient(response: Status.PortsStatusResponse) { - if (isPortExposingDisabled()) { - thisLogger().warn("gitpod: Port exposing is disabled.") + if (isLocalPortForwardingDisabled()) { + thisLogger().warn("gitpod: Local port forwarding is disabled.") return } val ignoredPorts = ignoredPortsForNotificationService.getIgnoredPorts() diff --git a/components/server/src/workspace/workspace-starter.ts b/components/server/src/workspace/workspace-starter.ts index b666a48f6a9dd3..65db5a34a89175 100644 --- a/components/server/src/workspace/workspace-starter.ts +++ b/components/server/src/workspace/workspace-starter.ts @@ -1559,7 +1559,7 @@ export class WorkspaceStarter { client .getValueAsync("supervisor_set_java_processor_count", false, { user }) .then((v) => newEnvVar("GITPOD_IS_SET_JAVA_PROCESSOR_COUNT", String(v))), - client.getValueAsync("disable_jetbrains_local_port_expose", false, { user }).then((v) => newEnvVar("GITPOD_DISABLE_JETBRAINS_LOCAL_PORT_EXPOSE", String(v))) + client.getValueAsync("disable_jetbrains_local_port_forwarding", false, { user }).then((v) => newEnvVar("GITPOD_DISABLE_JETBRAINS_LOCAL_PORT_FORWARDING", String(v))) ]); sysEnvvars.push(isSetJavaXmx); sysEnvvars.push(isSetJavaProcessorCount); From 1cf6e050307a08fcb2fdb4aeb62786ac3194cc35 Mon Sep 17 00:00:00 2001 From: Huiwen Date: Fri, 11 Oct 2024 12:06:47 +0000 Subject: [PATCH 4/4] disable local ports forwarding only --- .../remote/AbstractGitpodPortForwardingService.kt | 11 +++++++---- components/server/src/workspace/workspace-starter.ts | 8 +++++--- 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/components/ide/jetbrains/backend-plugin/src/main/kotlin/io/gitpod/jetbrains/remote/AbstractGitpodPortForwardingService.kt b/components/ide/jetbrains/backend-plugin/src/main/kotlin/io/gitpod/jetbrains/remote/AbstractGitpodPortForwardingService.kt index b54c59530db86a..b17993601bef78 100644 --- a/components/ide/jetbrains/backend-plugin/src/main/kotlin/io/gitpod/jetbrains/remote/AbstractGitpodPortForwardingService.kt +++ b/components/ide/jetbrains/backend-plugin/src/main/kotlin/io/gitpod/jetbrains/remote/AbstractGitpodPortForwardingService.kt @@ -40,6 +40,10 @@ abstract class AbstractGitpodPortForwardingService : GitpodPortForwardingService private fun start() { if (application.isHeadlessEnvironment) return + if (isLocalPortForwardingDisabled()) { + thisLogger().warn("gitpod: Local port forwarding is disabled.") + } + observePortsListWhileProjectIsOpen() } @@ -104,10 +108,6 @@ abstract class AbstractGitpodPortForwardingService : GitpodPortForwardingService } private fun syncPortsListWithClient(response: Status.PortsStatusResponse) { - if (isLocalPortForwardingDisabled()) { - thisLogger().warn("gitpod: Local port forwarding is disabled.") - return - } val ignoredPorts = ignoredPortsForNotificationService.getIgnoredPorts() val portsList = response.portsList.filter { !ignoredPorts.contains(it.localPort) } val portsNumbersFromPortsList = portsList.map { it.localPort } @@ -139,6 +139,9 @@ abstract class AbstractGitpodPortForwardingService : GitpodPortForwardingService } private fun startForwarding(portStatus: PortsStatus) { + if (isLocalPortForwardingDisabled()) { + return + } try { perClientPortForwardingManager.forwardPort( portStatus.localPort, diff --git a/components/server/src/workspace/workspace-starter.ts b/components/server/src/workspace/workspace-starter.ts index 65db5a34a89175..c3f1916c822d1c 100644 --- a/components/server/src/workspace/workspace-starter.ts +++ b/components/server/src/workspace/workspace-starter.ts @@ -1552,18 +1552,20 @@ export class WorkspaceStarter { sysEnvvars.push(orgIdEnv); const client = getExperimentsClientForBackend(); - const [isSetJavaXmx, isSetJavaProcessorCount, disableJetBrainsPortExpose] = await Promise.all([ + const [isSetJavaXmx, isSetJavaProcessorCount, disableJetBrainsLocalPortForwarding] = await Promise.all([ client .getValueAsync("supervisor_set_java_xmx", false, { user }) .then((v) => newEnvVar("GITPOD_IS_SET_JAVA_XMX", String(v))), client .getValueAsync("supervisor_set_java_processor_count", false, { user }) .then((v) => newEnvVar("GITPOD_IS_SET_JAVA_PROCESSOR_COUNT", String(v))), - client.getValueAsync("disable_jetbrains_local_port_forwarding", false, { user }).then((v) => newEnvVar("GITPOD_DISABLE_JETBRAINS_LOCAL_PORT_FORWARDING", String(v))) + client + .getValueAsync("disable_jetbrains_local_port_forwarding", false, { user }) + .then((v) => newEnvVar("GITPOD_DISABLE_JETBRAINS_LOCAL_PORT_FORWARDING", String(v))), ]); sysEnvvars.push(isSetJavaXmx); sysEnvvars.push(isSetJavaProcessorCount); - sysEnvvars.push(disableJetBrainsPortExpose); + sysEnvvars.push(disableJetBrainsLocalPortForwarding); const spec = new StartWorkspaceSpec(); await createGitpodTokenPromise; spec.setEnvvarsList(envvars);