C
Coder.com9mo ago
Zoker

Is the external auth gone?

Hi there, For some reason, the external auth step in the workspace creation is gone for me. As mentioned in the documentation, there should be a "Git authentication" part in the setup of a new workspace. But for some reason it's gone from my instance. I still have this part in my template code: 
data "coder_external_auth" "gitea" {
  id = "gitea"
}
data "coder_external_auth" "gitea" {
  id = "gitea"
}
I also tried the coder_git_auth instead: 
data "coder_git_auth" "gitea" {
  id = "gitea"
}
data "coder_git_auth" "gitea" {
  id = "gitea"
}
but the auth is still missing as you can see in the screenshot. Since I edited the template file a lot, it's possible that I removed something, but I'm not sure what. Or is this maybe a bug in the current coder version? Thanks!
External Auth - Coder v2 Docs
Learn how connect Coder with external auth providers
No description
No description
No description
38 Replies
Phorcys
Phorcys9mo ago
does the access token still get generated properly ?
Zoker
ZokerOP9mo ago
You mean within the workspace? I noticed this first, when I created a new workspace and within the workspace I needed to login to my instance again. Then I realized that the git auth prompt is missing in the creation process
Phorcys
Phorcys9mo ago
can you share your full template ?
Zoker
ZokerOP9mo ago
This is my template file: https://share.zkr.io/code/PCPup8.json Do you see any obvious issue?
Atif
Atif9mo ago
This is most likely a bug. What version of Coder are you on?
Zoker
ZokerOP9mo ago
I'm using the latest version v2.8.3+01c6266. Is there anything else I can test?
No description
Atif
Atif9mo ago
That's very strange. I am not able to reproduce this at my deployment.
Zoker
ZokerOP9mo ago
Is there anything I can test? I can also provide my Dockerfile, if that helps I have two coder instances (one for test), that has the same issue Here is my Dockerfile: https://share.zkr.io/code/EmbyWu.sh
Zoker
ZokerOP9mo ago
I tried the default docker template and added the coder_external_auth, build it and tested it
No description
Zoker
ZokerOP9mo ago
No description
Zoker
ZokerOP9mo ago
@Atif Can I somehow test, if the access token is provided within the container? I saw that the coder_git_auth is deprecated and switched back to coder_external_auth without setting the GITHUB_TOKEN env in the coder_agent Should this work within the container? 
echo $CODER_EXTERNAL_AUTH_ACCESS_TOKEN_gitea
echo $CODER_EXTERNAL_AUTH_ACCESS_TOKEN_gitea
Atif
Atif9mo ago
@Steven can you take a look when you have sometime? I am not able to reproduce this. Could this be reletaed to gitea only? no. These are only the provisioner
Phorcys
Phorcys9mo ago
I think you're supposed to pass the output of the auth as an environment variable to the coder agent maybe try that
Phorcys
Phorcys9mo ago
something like coder_git_auth's example but with external_auth instead https://registry.terraform.io/providers/coder/coder/latest/docs/data-sources/git_auth
Terraform Registry
Emyrk
Emyrk9mo ago
I can take a look today 👍 Use coder_external_auth, the git was is deprecated. If it's not listing on the UI, then something is incorrect with the terraform. @Zoker can you share the settings set on the deployment? At /deployment/external-auth? Or the env vars used to set the external auth? (Scrubbing any secrets)
Zoker
ZokerOP9mo ago
What I found out so far: The listing has changed from version 2.7.x to 2.8.x. The auth is now only shown if not set before the creation of a workspace. What is still strange: Even without setting a env like GITHUB_TOKEN in the terraform file, the git auth worked for me without any issue until it didn't anymore. Now even if I set the env war, git is not authenticated and echo $GITHUB_TOKEN within the workspace does not give me any output. This is what I set on the terraform file 
resource "coder_agent" "main" {
  arch = data.coder_provisioner.me.arch
  os   = "linux"
  dir  = "/home/${local.username}/workspace/"
  env  = {        
    GITHUB_TOKEN : data.coder_external_auth.gitea.access_token        
  }
}
resource "coder_agent" "main" {
  arch = data.coder_provisioner.me.arch
  os   = "linux"
  dir  = "/home/${local.username}/workspace/"
  env  = {        
    GITHUB_TOKEN : data.coder_external_auth.gitea.access_token        
  }
}
Emyrk
Emyrk9mo ago
And confirm the template version you posted is the latest active version (promoted)
No description
Zoker
ZokerOP9mo ago
Should I check this within the workspace?
Emyrk
Emyrk9mo ago
On the template page. This path /templates/docker/versions
Emyrk
Emyrk9mo ago
You can see and change the selected version for a workspace
No description
Zoker
ZokerOP9mo ago
Yes
No description
Emyrk
Emyrk9mo ago
@Zoker and I confirmed external auth is working. It's VSCODE using it's own GIT_ASKPASS 🤔
Zoker
ZokerOP9mo ago
So the question is, how to set a gitea/github token within the current VS Code version, right?
Emyrk
Emyrk9mo ago
I think it's how to make GIT_ASKPASS back to the coder one. Back to the system default 
 // Controls whether GIT_ASKPASS should be overwritten to use the integrated version.
  "git.useIntegratedAskPass": true,
 // Controls whether GIT_ASKPASS should be overwritten to use the integrated version.
  "git.useIntegratedAskPass": true,
I think you can set that to false in vscode settings, and it will work
Zoker
ZokerOP9mo ago
Hmm even after setting this, i'm being asked for my git credentials
Emyrk
Emyrk9mo ago
Did you reload vscode? you can env | grep GIT_ASKPASS to see what it is set to
Zoker
ZokerOP9mo ago
No description
Zoker
ZokerOP9mo ago
Yes I restarted the workspace
Emyrk
Emyrk9mo ago
It's still set to their askpass.sh
Zoker
ZokerOP9mo ago
What should the path be?
Emyrk
Emyrk9mo ago
Something like GIT_ASKPASS=/tmp/coder.cTn36d/coder, run env in a normal terminal outside VSCode
Zoker
ZokerOP9mo ago
Ah yes I see this in my terminal GIT_ASKPASS=/tmp/coder.sCiCfW/coder So I tested this again and now it works 🎉 Do you know if I still need to set the GITHUB_TOKEN env in the template? Thanks! I tested it and I don't need the GITHUB_TOKEN env. So this solves the topic, just set "git.useIntegratedAskPass": false, in the VS Code settings. Thanks @Atif, @Phorcys and especially @Steven for the help! Really appriciate it
Phorcys
Phorcys9mo ago
great! I would've never guessed that was the cause
Atif
Atif9mo ago
What about the issue external auth button not appearing in the workspace creation form? Is that resolved?
Emyrk
Emyrk9mo ago
@Atif It was just moved. The FE changed so now it appears before the workspace creation page.
HoXsan
HoXsan9mo ago
Is it at Account/ external auth?
Emyrk
Emyrk9mo ago
It is still there, just the workspace creation was shifted
HoXsan
HoXsan9mo ago
It does not show on mine. Can only see it in account -> external auth, but without any effect in a workspace. But I dont want to hijack the post. So created my own 🙂
Want results from more Discord servers?
Add your server