Skip to content

Commit

Permalink
[gp] Add helpful message in case "gp env --scope=user" fails because …
Browse files Browse the repository at this point in the history 
…of missing create permission (#20227)

* [gp] Add helpful message in case "gp env --scope=user" fails because of missing create permission

* Fix typo

Co-authored-by: Filip Troníček <filip@gitpod.io>

* another typo

---------

Co-authored-by: Filip Troníček <filip@gitpod.io>
  • Loading branch information
@geropl @filiptronicek
geropl and filiptronicek committed Sep 17, 2024
1 parent b0596ee commit 192727f
Show file tree
Hide file tree
Showing 2 changed files with 27 additions and 8 deletions.
33 changes: 26 additions & 7 deletions components/gitpod-cli/cmd/env.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,12 +8,14 @@ import (
"context"
"fmt"
"io"
"net/http"
"os"
"strings"
"sync"
"time"

log "github.com/sirupsen/logrus"
"github.com/sourcegraph/jsonrpc2"
"github.com/spf13/cobra"
"golang.org/x/sync/errgroup"
"golang.org/x/xerrors"
Expand All @@ -36,6 +38,17 @@ var (
envScopeUser envScope = "user"
)

func envScopeFromString(s string) envScope {
switch s {
case string(envScopeRepo):
return envScopeRepo
case string(envScopeUser):
return envScopeUser
default:
return envScopeRepo
}
}

// envCmd represents the env command
var envCmd = &cobra.Command{
Use: "env",
Expand Down Expand Up @@ -75,8 +88,8 @@ delete environment variables with a repository pattern of */foo, foo/* or */*.
if unsetEnvs {
err = deleteEnvs(ctx, args)
} else {
scopeUser := scope == string(envScopeUser)
err = setEnvs(ctx, scopeUser, args)
setEnvScope := envScopeFromString(scope)
err = setEnvs(ctx, setEnvScope, args)
}
} else {
err = getEnvs(ctx)
Expand All @@ -89,14 +102,15 @@ type connectToServerResult struct {
repositoryPattern string
wsInfo *supervisorapi.WorkspaceInfoResponse
client *serverapi.APIoverJSONRPC
gitpodHost string
}

type connectToServerOptions struct {
supervisorClient *supervisor.SupervisorClient
wsInfo *api.WorkspaceInfoResponse
log *log.Entry

setEnvScopeUser bool
setEnvScope envScope
}

func connectToServer(ctx context.Context, options *connectToServerOptions) (*connectToServerResult, error) {
Expand Down Expand Up @@ -133,7 +147,7 @@ func connectToServer(ctx context.Context, options *connectToServerOptions) (*con
repositoryPattern := wsinfo.Repository.Owner + "/" + wsinfo.Repository.Name

operations := "create/get/update/delete"
if options != nil && options.setEnvScopeUser {
if options != nil && options.setEnvScope == envScopeUser {
// Updating user env vars requires a different token with a special scope
repositoryPattern = "*/*"
operations = "update"
Expand Down Expand Up @@ -166,7 +180,7 @@ func connectToServer(ctx context.Context, options *connectToServerOptions) (*con
if err != nil {
return nil, xerrors.Errorf("failed connecting to server: %w", err)
}
return &connectToServerResult{repositoryPattern, wsinfo, client}, nil
return &connectToServerResult{repositoryPattern, wsinfo, client, wsinfo.GitpodHost}, nil
}

func getWorkspaceEnvs(ctx context.Context, options *connectToServerOptions) ([]*serverapi.EnvVar, error) {
Expand All @@ -192,9 +206,9 @@ func getEnvs(ctx context.Context) error {
return nil
}

func setEnvs(ctx context.Context, scopeUser bool, args []string) error {
func setEnvs(ctx context.Context, setEnvScope envScope, args []string) error {
options := connectToServerOptions{
setEnvScopeUser: scopeUser,
setEnvScope: setEnvScope,
}
result, err := connectToServer(ctx, &options)
if err != nil {
Expand All @@ -213,6 +227,11 @@ func setEnvs(ctx context.Context, scopeUser bool, args []string) error {
g.Go(func() error {
err = result.client.SetEnvVar(ctx, v)
if err != nil {
if ferr, ok := err.(*jsonrpc2.Error); ok && ferr.Code == http.StatusForbidden && setEnvScope == envScopeUser {
return fmt.Errorf(""+
"Can't automatically create env var `%s` for security reasons.\n"+
"Please create the var manually under %s/user/variables using Name=%s, Scope=*/*, Value=foobar", v.Name, result.gitpodHost, v.Name)
}
return err
}
printVar(v.Name, v.Value, exportEnvs)
Expand Down
2 changes: 1 addition & 1 deletion components/gitpod-cli/cmd/validate.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -238,7 +238,7 @@ func runRebuild(ctx context.Context, supervisorClient *supervisor.SupervisorClie
serverLog := logrus.NewEntry(logrus.New())
serverLog.Logger.SetLevel(logLevel)
setLoggerFormatter(serverLog.Logger)
workspaceEnvs, err := getWorkspaceEnvs(ctx, &connectToServerOptions{supervisorClient, wsInfo, serverLog, false})
workspaceEnvs, err := getWorkspaceEnvs(ctx, &connectToServerOptions{supervisorClient, wsInfo, serverLog, envScopeRepo})
if err != nil {
return err
}
Expand Down

0 comments on commit 192727f

Please sign in to comment.