-
Notifications
You must be signed in to change notification settings - Fork 220
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Auto-generate configuration for Visual Studio Code's Remote-Containers extension #628
Comments
You can do either sudo chmod 777 /root or sudo chmod 755 /root
sudo mkdir -m0777 /root/.vscode-server |
@lbssousa Uhm, that works... I wonder then what I've misinterpreted 🤔️ Thanks |
@lbssousa I found your instructions to be very useful. I'm wondering how could we get rid of this root permission issue, but this probably needs to be solved in microsoft/vscode-remote-release side. Also I think toolbox should not generate vscode specific configuration, instead maybe it would be better to have vscode extension for that specific use-case (at least until vscode-remote starts supporting toolbox natively). |
@spikhoff I personally don't believe Microsoft guys will make a Remote Development extension, or just extend Remote Containers one, just to support Toolbox out of box (and Remote Development extensions aren't open source, so we hardly could write our own extension for Toolbox). If attachment to a Toolbox container works without need of touching Remote Containers extension, there's nothing to to on their side (except maybe microsoft/vscode-remote-release#4013 or microsoft/vscode-remote-release#4584). Remember that they only added support to Podman because its CLI supports the same arguments as Docker CLI. |
When I restart my system I get permission error, vscode-server tries to install under /root.
Edit: Also restarting pod triggers this bug.
|
@spikhoff please put here the output of the following commands:
Then, restart your system and put the output of the following commands:
|
@lbssousa, Thanks, that indeed works! |
Aren't you trying to change your host system's /root folder permissions, rather than the one within the container? |
No, but I was bit worried what happens when I change permissions inside container, would they propagate to hosts filesystem or not. So I tested and they don't. I did not know that :) |
I was just experimenting with VSCode Remote Containers + Toolbox some, and came up with a similar configuration to that here. (Should have done some searching first...) Initial impressions with that, and with trying these exact instructions for a different toolbox are that it works quite well. Some imperfections I notice
Would this be better done as some sort of "plugin" where you could drop a script into a directory to be run at container creation time, and avoiding hardcoding details of closed-source software into the toolbox core?. But on the other hand, that would require you to have that installed before you created your toolbox, or delete and recreate your toolboxes. Or a drop-in 'toolbox code' subcommand so that 'toolbox code .' sets things up and launches VSCode on the current folder in the current directory, in the style of 'code .' in WSL.
If you follow through the comments on microsoft/vscode-remote-release#3345, the /root location is coming from HOME 'podman inspect '. Since toolbox is happy with that being /root, it would presumably be happy with that being any other location, including the users $HOME or a directory under that. That being said, I agree with @lbssousa 's conclusion that writing things in /root/.vscode-server is possibly a feature, not a bug. the vscode remote extensionsexpects to set up a vscode server individually in each container, and I'm not sure what would happen if multiple containers shared the same ,vscode-server directory - probably nothing good. It would be worthwhile to compare the Remote-WSL experience to the best we can achieve with Remote-Containers + Toolbox today and keep an issue open for https://github.com/microsoft/vscode-remote-release for what is needed to get to feature-parity. Without actually trying out Remote-WSL, it seems like it's mostly cosmetic UI issues:
There's likely also optimizations that could be done using the shared-$HOME nature of Toolbox, but that's a bigger ask, and may simply not matter. |
There's already an issue open for this: microsoft/vscode-remote-release#4053 |
After experimenting VSCode unofficial Flathub package with Toolbox for a few months, I've observed that the following environment variables may need to be set explictly, because they're not inherited from system host, but are overriden by Flatpak sandbox instead:
UPDATE 2021-03-16: As a workaround, we can inject these values as extra variables to Flatpak's environment:
and then use expansions |
We already handle all this natively in GNOME Builder, so I guess the question is if you think it makes sense for us to switch to using this too? |
Not sure if it fits your case. We're discussing here about what's needed to make Visual Studio Code (installed via RPM or Flatpak package) able to attach to Toolbox containers through Remote-Containers extension + podman container runtime. |
I created a repository: owtaylor/toolbox-vscode - what this contains currently is an implementation of a Currently, this can be dropped somewhere on your path like The upside of it is that it looks simple if you know to start from the command line. The disadvantage is that you have to start that way - there's no reasonable path through the UI to configure a new toolbox container. (If you are already connected to a container, opening a new folder in it works fine.) |
@owtaylor , I've updated the OP of this issue with additional notes to simplify attached-container configuration when VSCode is installed from Flathub. You may want to apply it to your project. |
If I understand, you are referring to using
What do you see as the advantages of the second approach? (An approach to getting actual dynamic values occurs to me: we could manipulate things in the run-podman-on-host wrapper script so that ${containerEnv:HOST_DISPLAY} has the right value. I'm not sure if that involves munging the return value of 'podman inspect' or adding --env options to podman-exec. Would be hacky either way.) |
Tested to work if I entirely omit DISPLAY/SHELL/SSH_AUTH_SOCKET from remoteEnv and then use this podman-host wrapper script: #!/bin/bash
if [ $1 == "exec" ] ; then
shift
env_args=()
while read env ; do
env_args+=("-e" "$env")
done < <(flatpak-spawn --host sh -c 'cat /proc/`pgrep -u $UID -f ^/usr/libexec/flatpak-session-helper`/environ' | \
grep -z -E '^(DISPLAY|SHELL|SSH_AUTH_SOCK)=' | tr '\0' '\n')
exec flatpak-spawn --host podman exec "${env_args[@]}" "$@"
else
exec flatpak-spawn --host podman "$@"
fi Have to think if that's a good idea or not ... :-/ [also affects all podman/docker invocations not just ones targeting a toolbox] |
Much simplified version of the above: #!/bin/bash
if [ $1 == "exec" ] ; then
shift
exec flatpak-spawn --host sh -c \
'exec podman exec -e DISPLAY="$DISPLAY" -e SHELL="$SHELL" -e SSH_AUTH_SOCK="$SSH_AUTH_SOCK" "$@"' \
- "$@"
else
exec flatpak-spawn --host podman "$@"
fi |
@owtaylor I've tested your latest podman-host wrapper script (the simpler one) and it worked as expected for me, provided I remove |
Good catch! I had that modified locally and didn't notice. What if you change "terminal.integrated.shellArgs.linux" to: ["--caps=", "--", "-c", "exec \"$SHELL\" -l"] That seems to work for me. We are already running an intermediate bash process via capsh and have $SHELL set correctly, so why not use it? |
Unfortunately, it seems there is instability here, and depending on the version of podman used to create the container, the container environment might end up with HOME as |
Hmmm. I've just noticed that, too. Running |
I put an attempt at dealing with the diversity in: owtaylor/toolbox-vscode#2 - @lbssousa if you want to take a look and see if it makes sense to you, that would be appreciated! |
Context
Following discussions in microsoft/vscode-remote-release#3345, I would like to suggest that
toolbox
binary receives a feature to auto-generate all the configuration needed for VSCode's Remote-Containers extension to allow attaching to a given Toolbox container, which I'll name${TOOLBOX_CONTAINER_NAME}
from now on.Instructions
The needed steps, based on my personal use case, could be the following (I'll suppose here that
toolbox
would support VSCode as installed from official RPM/DEB repository, but I'll also give alternatives for an eventual support for VSCode as installed from Flathub):${HOME}/.config/Code/User/globalStorage/ms-vscode-remote.remote-containers/nameConfigs
, if it doesn't exist. I'll refer to it as${VSCODE_ATTACHED_CONFIG_DIR}
from now on.${HOME}/.var/app/com.visualstudio.code/config/Code/User/globalStorage/ms-vscode-remote.remote-containers/nameConfigs
${VSCODE_ATTACHED_CONFIG_DIR}/${TOOLBOX_CONTAINER_NAME}.json
with the following contents:Give read/write permissions to
/root
folder within the container for the current user (or, at least, give read permissions to/root
and create a folder/root/.vscode-server
with read/write permissions).For containers created with Toolbox prior to version 0.0.97, run the following command before starting VSCode:
podman
from host system.Additional notes
Properties
terminal.integrated.shell.linux
andterminal.integrated.shellArgs.linux
may need to be reviewed to matchtoolbox enter ${TOOLBOX_CONTAINER_NAME}
behaviour.There are still some discussion in Support Toolbox (a.k.a. Fedora Toolbox) microsoft/vscode-remote-release#3345 about the fact that
.vscode-server
is being installed under/root
folder within the container, rather thanremoteUser
's home folder. I'm personally OK with the current behaviour, because I can keep.vscode-server
folder within the container, but it may not be the desired behaviour for the others.Supersedes: #610
The text was updated successfully, but these errors were encountered: