Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Git credential helper does not work during workspace initialization in postCreateCommand on devpod 0.6 and newer #1719

Open
ArtElin opened this issue Mar 6, 2025 · 0 comments
Open

Git credential helper does not work during workspace initialization in postCreateCommand on devpod 0.6 and newer #1719

ArtElin opened this issue Mar 6, 2025 · 0 comments
Labels
kind/bug

Comments

@ArtElin
Copy link

ArtElin commented Mar 6, 2025

What happened?

My devcontainer runs script /opt/workspace/.devcontainer/init-container.sh as postCreateCommand, the script includes initializing git submodules inside main git repo

cd /opt/workspace
git submodule init
git submodule update --remote --merge

Creation of workspace fails with

[10:44:51] debug Incoming client connection at /git-credentials
[10:44:51] debug Received git credentials post data: {"protocol":"https","host":"gitlab.my.domain"}
[10:44:51] info panic: runtime error: invalid memory address or nil pointer dereference
[10:44:51] info [signal SIGSEGV: segmentation violation code=0x2 addr=0x80 pc=0x10274aa60]
[10:44:51] info goroutine 278 [running]:
[10:44:51] info github.com/loft-sh/devpod/pkg/agent/tunnelserver.(*tunnelServer).GitCredentials(0x140009ba080, {0x103a0b8e8, 0x140006cf860}, 0x140008943c0)
[10:44:51] info /Users/runner/work/devpod/devpod/pkg/agent/tunnelserver/tunnelserver.go:221 +0xf0
[10:44:51] info github.com/loft-sh/devpod/pkg/agent/tunnel._Tunnel_GitCredentials_Handler({0x1038b4480, 0x140009ba080}, {0x103a0b8e8, 0x140006cf860}, 0x14000880300, 0x0)
[10:44:51] info /Users/runner/work/devpod/devpod/pkg/agent/tunnel/tunnel_grpc.pb.go:420 +0x1c0
[10:44:51] info google.golang.org/grpc.(*Server).processUnaryRPC(0x14000243200, {0x103a0b8e8, 0x140006cf7d0}, {0x103a1dfc0, 0x1400054cea0}, 0x14000019e60, 0x14000a802a0, 0x105712b80, 0x0)
[10:44:51] info /Users/runner/work/devpod/devpod/vendor/google.golang.org/grpc/server.go:1394 +0xb78
[10:44:51] info google.golang.org/grpc.(*Server).handleStream(0x14000243200, {0x103a1dfc0, 0x1400054cea0}, 0x14000019e60)
[10:44:51] info /Users/runner/work/devpod/devpod/vendor/google.golang.org/grpc/server.go:1805 +0xb20
[10:44:51] info google.golang.org/grpc.(*Server).serveStreams.func2.1()
[10:44:51] info /Users/runner/work/devpod/devpod/vendor/google.golang.org/grpc/server.go:1029 +0x8c
[10:44:51] info created by google.golang.org/grpc.(*Server).serveStreams.func2 in goroutine 274
[10:44:51] info /Users/runner/work/devpod/devpod/vendor/google.golang.org/grpc/server.go:1040 +0x13c
[10:44:51] debug Connection to SSH Server closed
[10:44:51] debug Done creating devcontainer
[10:44:51] debug Done executing ssh server helper command
[10:44:51] fatal Process exited with status 2
run agent command
github.com/loft-sh/devpod/pkg/devcontainer/sshtunnel.ExecuteCommand.func2
        /Users/runner/work/devpod/devpod/pkg/devcontainer/sshtunnel/sshtunnel.go:129
runtime.goexit
        /Users/runner/go/pkg/mod/golang.org/toolchain@v0.0.1-go1.22.6.darwin-arm64/src/runtime/asm_arm64.s:1222

It seems like credential helper receives null instead of credentials.

If I then run the workspace again, it launches vscode after throwing an error

[10:57:02] error unset system credential helper exit status 5
[10:57:02] debug Connection to SSH Server closed
[10:57:02] info Error piping stdin: write |1: file already closed

I can then update and pull submodule from bash, which works

root@devpod-default-st-3a768:/opt/workspace# git submodule update --remote --merge
Cloning into '/opt/workspace/devDirectory'...
Error retrieving credentials: Post "http://localhost:13070/git-credentials": dial tcp [::1]:13070: connect: connection refused
Error retrieving credentials: Post "http://localhost:15696/git-credentials": dial tcp [::1]:15696: connect: connection refused
warning: redirecting to https://gitlab.my.domain/myRepo.git/
Error retrieving credentials: Post "http://localhost:13070/git-credentials": dial tcp [::1]:13070: connect: connection refused
Error retrieving credentials: Post "http://localhost:15696/git-credentials": dial tcp [::1]:15696: connect: connection refused
warning: redirecting to https://gitlab.my.domain/myRepo.git/
Submodule path 'myRepo': checked out 'dfae8f9fce5bb0e58c5ff68477a9c3924081012f'

What did you expect to happen instead?
Workspace is created and git submodules are initiated as usual

How can we reproduce the bug? (as minimally and precisely as possible)
Have a devpod workspace created from repository that has a submodule that needs authentication and a script that pulls that submodule on postCreateCommand.

My devcontainer.json:

{
  "name": "devcontainer",
  "image": "myImage:tag",
  "remoteUser": "root",
  "containerUser": "root",
  "postCreateCommand": "/opt/workspace/.devcontainer/init-container.sh",
  "workspaceMount": "source=${localWorkspaceFolder},target=/opt/workspace,type=bind,consistency=cached",
  "workspaceFolder": "/opt/workspace/devDirectory",
  "privileged": true
}

Local Environment:

  • DevPod Version: v0.6.14
  • Operating System: windows, mac
  • ARCH of the OS: ARM64, AMD64

DevPod Provider:

  • Kubernetes Provider: v0.1.19, kubectl v1.31.0

Anything else we need to know?
Problem exists both on macos and windows devpod clients and was introduced in devpod 0.6, devpod 0.5 works with the same environment, current workaround for me is to use devpod v0.5.
Also tested with other lifecycle hooks like postStartCommand.
Ssh authentication also does not work.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ArtElin