Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[supervisor] Replace dropbear with openssh #6348

Merged
merged 6 commits into from
Oct 29, 2021
Merged

[supervisor] Replace dropbear with openssh #6348

merged 6 commits into from
Oct 29, 2021

Conversation

aledbf
Copy link
Member

@aledbf aledbf commented Oct 21, 2021
edited by csweichel
Loading

Description

This PR switches to OpenSSH instead of dropbear, and starts sshd only when a connection to the SSH service is made.
This should drastically improve workspace startup time, and subsequently image build and prebuild stability.

Related Issue(s)

Fixes #4848

How to test

  1. start a workspace
  2. try local companion app
  3. try to ssh from within the workspace into the workspace
  4. check after closing the local companion app there are no sshd: gitpod [priv] process running in the workspace after a couple of seconds

Release Notes

Switch from dropbear to OpenSSH

Documentation

@codecov
Copy link

codecov bot commented Oct 21, 2021
edited
Loading

Codecov Report

Merging #6348 (1f467a3) into main (1d7c6ca) will increase coverage by 19.10%.
The diff coverage is 0.00%.

Impacted file tree graph

@@             Coverage Diff             @@
##             main    #6348       +/-   ##
===========================================
+ Coverage   19.04%   38.14%   +19.10%     
===========================================
  Files           2       18       +16     
  Lines         168     4375     +4207     
===========================================
+ Hits           32     1669     +1637     
- Misses        134     2576     +2442     
- Partials        2      130      +128
Flag Coverage Δ
components-local-app-app-linux-amd64 ?
components-local-app-app-linux-arm64 ?
components-local-app-app-windows-386 ?
components-local-app-app-windows-amd64 ?
components-local-app-app-windows-arm64 ?
components-supervisor-app 38.14% <0.00%> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
components/supervisor/pkg/supervisor/ssh.go 0.00% <0.00%> (ø)
components/supervisor/pkg/supervisor/supervisor.go 6.57% <0.00%> (ø)
components/local-app/pkg/auth/auth.go
components/local-app/pkg/auth/pkce.go
components/supervisor/pkg/supervisor/config.go 4.51% <0.00%> (ø)
components/supervisor/pkg/terminal/service.go 32.38% <0.00%> (ø)
components/supervisor/pkg/supervisor/git.go 0.00% <0.00%> (ø)
components/supervisor/pkg/dropwriter/dropwriter.go 73.46% <0.00%> (ø)
components/supervisor/pkg/supervisor/services.go 24.90% <0.00%> (ø)
components/supervisor/pkg/terminal/terminal.go 64.19% <0.00%> (ø)
... and 11 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 1d7c6ca...1f467a3. Read the comment docs.

@aledbf aledbf force-pushed the aledbf/ssh2 branch 2 times, most recently from 4b83a30 to 911754b Compare October 22, 2021 00:29
@aledbf aledbf removed the request for review from akosyakov October 22, 2021 02:37
@aledbf aledbf force-pushed the aledbf/ssh2 branch 2 times, most recently from 68001cc to cb6b6a4 Compare October 22, 2021 03:32
@aledbf aledbf changed the title [supervisor] Start dropbear on-demand [supervisor] Replace dropbear with openssh Oct 22, 2021
@aledbf aledbf requested a review from csweichel October 22, 2021 03:57
@akosyakov
Copy link
Member

akosyakov commented Oct 22, 2021
edited
Loading

Why do we do it? Please test that it does not introduce regressions in VS Code Desktop. Especially for things which we had to patch in dropbear.

@csweichel
Copy link
Contributor

csweichel commented Oct 22, 2021
edited by werft-gitpod-dev-com bot
Loading

/werft run

👍 started the job as gitpod-build-aledbf-ssh2.17

@csweichel
Copy link
Contributor

csweichel commented Oct 22, 2021
edited
Loading

Why do we do it? Please test that it does not introduce regressions in VS Code Desktop. Especially for things which we had to patch in dropbear.

Good points - I've updated the description of the PR to answer those questions.

W.r.t. to regression, once we find that this approach actually provides the benefits we hope it does, we'll need some support from @gitpod-io/engineering-ide to ensure we're not missing some case.

@iQQBot
Copy link
Contributor

iQQBot commented Oct 22, 2021

mark

@roboquat roboquat added size/XL and removed size/L labels Oct 22, 2021
@aledbf aledbf force-pushed the aledbf/ssh2 branch 7 times, most recently from cf4cd34 to 50de4e5 Compare October 22, 2021 22:02
@aledbf aledbf force-pushed the aledbf/ssh2 branch 6 times, most recently from 0033510 to 6a62a69 Compare October 28, 2021 18:50
@csweichel csweichel force-pushed the aledbf/ssh2 branch 3 times, most recently from e109037 to a6e7ab0 Compare October 29, 2021 07:38
@csweichel csweichel force-pushed the aledbf/ssh2 branch 2 times, most recently from 7fa2bd3 to a36e3f2 Compare October 29, 2021 08:08
@csweichel
Copy link
Contributor

It does not look like env vars are propagated properly to VS Code Server:

Language support and terminals are broken in VS Code Desktop. The was an internal thread about it: https://gitpod.slack.com/archives/C01V4DL9Q2Z/p1631006119029300

Also #5768 is happening again. We had to patch dropbear to be less picky. It will break some users setup.

@akosyakov both issues should be fixed now

akosyakov
akosyakov approved these changes Oct 29, 2021
View reviewed changes
Copy link
Member

@akosyakov akosyakov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

everything works, that's awesome guys ❤️

@roboquat roboquat added the lgtm label Oct 29, 2021
@roboquat
Copy link
Contributor

LGTM label has been added.

Git tree hash: c83b334f9296f82c8633d23453f808b4d116ccab

@roboquat
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: akosyakov

Associated issue: #4848

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@akosyakov akosyakov mentioned this pull request Oct 29, 2021
Closed
@roboquat roboquat merged commit d75a880 into main Oct 29, 2021
@roboquat roboquat deleted the aledbf/ssh2 branch October 29, 2021 09:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@akosyakov akosyakov akosyakov approved these changes

@csweichel csweichel Awaiting requested review from csweichel

Assignees

@akosyakov akosyakov

@csweichel csweichel

Labels
approved release-note size/XXL team: IDE
Projects
No open projects
🌌 Workspace Team
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[local app] Do not always start dropbear
5 participants
@aledbf @akosyakov @csweichel @iQQBot @roboquat