yamanin/registry
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add option to disable VS Code Web workspace trust protection (#131)

Browse Source 
for admins with certainty about what is installed in the environment,
this is ideal. otherwise, it's best to get user trust

---------

Co-authored-by: DevelopmentCats <christofer@coder.com>
Co-authored-by: Atif Ali <atif@coder.com>
This commit is contained in:
Ben Potter 2025-06-16 21:24:51 -05:00 committed by GitHub
parent 960ec18d35
commit a8e23647c5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 20 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
registry/coder/modules/vscode-web/README.md
View File

@ -15,7 +15,7 @@ Automatically install [Visual Studio Code Server](https://code.visualstudio.com/
module "vscode-web" { module "vscode-web" {
count = data.coder_workspace.me.start_count count = data.coder_workspace.me.start_count
source = "registry.coder.com/coder/vscode-web/coder" source = "registry.coder.com/coder/vscode-web/coder"
version = "1.2.0" version = "1.3.0"
agent_id = coder_agent.example.id agent_id = coder_agent.example.id
accept_license = true accept_license = true
} }
@ -31,7 +31,7 @@ module "vscode-web" {
module "vscode-web" { module "vscode-web" {
count = data.coder_workspace.me.start_count count = data.coder_workspace.me.start_count
source = "registry.coder.com/coder/vscode-web/coder" source = "registry.coder.com/coder/vscode-web/coder"
version = "1.2.0" version = "1.3.0"
agent_id = coder_agent.example.id agent_id = coder_agent.example.id
install_prefix = "/home/coder/.vscode-web" install_prefix = "/home/coder/.vscode-web"
folder = "/home/coder" folder = "/home/coder"
@ -45,7 +45,7 @@ module "vscode-web" {
module "vscode-web" { module "vscode-web" {
count = data.coder_workspace.me.start_count count = data.coder_workspace.me.start_count
source = "registry.coder.com/coder/vscode-web/coder" source = "registry.coder.com/coder/vscode-web/coder"
version = "1.2.0" version = "1.3.0"
agent_id = coder_agent.example.id agent_id = coder_agent.example.id
extensions = ["github.copilot", "ms-python.python", "ms-toolsai.jupyter"] extensions = ["github.copilot", "ms-python.python", "ms-toolsai.jupyter"]
accept_license = true accept_license = true
@ -60,7 +60,7 @@ Configure VS Code's [settings.json](https://code.visualstudio.com/docs/getstarte
module "vscode-web" { module "vscode-web" {
count = data.coder_workspace.me.start_count count = data.coder_workspace.me.start_count
source = "registry.coder.com/coder/vscode-web/coder" source = "registry.coder.com/coder/vscode-web/coder"
version = "1.2.0" version = "1.3.0"
agent_id = coder_agent.example.id agent_id = coder_agent.example.id
extensions = ["dracula-theme.theme-dracula"] extensions = ["dracula-theme.theme-dracula"]
settings = { settings = {
@ -78,7 +78,7 @@ By default, this module installs the latest. To pin a specific version, retrieve
module "vscode-web" { module "vscode-web" {
count = data.coder_workspace.me.start_count count = data.coder_workspace.me.start_count
source = "registry.coder.com/coder/vscode-web/coder" source = "registry.coder.com/coder/vscode-web/coder"
version = "1.2.0" version = "1.3.0"
agent_id = coder_agent.example.id agent_id = coder_agent.example.id
commit_id = "e54c774e0add60467559eb0d1e229c6452cf8447" commit_id = "e54c774e0add60467559eb0d1e229c6452cf8447"
accept_license = true accept_license = true

7
registry/coder/modules/vscode-web/main.tf
View File

@ -121,6 +121,12 @@ variable "use_cached" {
default = false default = false
} }
variable "disable_trust" {
type = bool
description = "Disables workspace trust protection for VS Code Web."
default = false
}
variable "extensions_dir" { variable "extensions_dir" {
type = string type = string
description = "Override the directory to store extensions in." description = "Override the directory to store extensions in."
@ -169,6 +175,7 @@ resource "coder_script" "vscode-web" {
SETTINGS : replace(jsonencode(var.settings), "\"", "\\\""), SETTINGS : replace(jsonencode(var.settings), "\"", "\\\""),
OFFLINE : var.offline, OFFLINE : var.offline,
USE_CACHED : var.use_cached, USE_CACHED : var.use_cached,
DISABLE_TRUST : var.disable_trust,
EXTENSIONS_DIR : var.extensions_dir, EXTENSIONS_DIR : var.extensions_dir,
FOLDER : var.folder, FOLDER : var.folder,
AUTO_INSTALL_EXTENSIONS : var.auto_install_extensions, AUTO_INSTALL_EXTENSIONS : var.auto_install_extensions,

10
registry/coder/modules/vscode-web/run.sh
View File

@ -16,10 +16,16 @@ if [ -n "${SERVER_BASE_PATH}" ]; then
SERVER_BASE_PATH_ARG="--server-base-path=${SERVER_BASE_PATH}" SERVER_BASE_PATH_ARG="--server-base-path=${SERVER_BASE_PATH}"
fi fi
# Set disable workspace trust
DISABLE_TRUST_ARG=""
if [ "${DISABLE_TRUST}" = true ]; then
DISABLE_TRUST_ARG="--disable-workspace-trust"
fi
run_vscode_web() { run_vscode_web() {
echo "👷 Running $VSCODE_WEB serve-local $EXTENSION_ARG $SERVER_BASE_PATH_ARG --port ${PORT} --host 127.0.0.1 --accept-server-license-terms --without-connection-token --telemetry-level ${TELEMETRY_LEVEL} in the background..." echo "👷 Running $VSCODE_WEB serve-local $EXTENSION_ARG $SERVER_BASE_PATH_ARG $DISABLE_TRUST_ARG --port ${PORT} --host 127.0.0.1 --accept-server-license-terms --without-connection-token --telemetry-level ${TELEMETRY_LEVEL} in the background..."
echo "Check logs at ${LOG_PATH}!" echo "Check logs at ${LOG_PATH}!"
"$VSCODE_WEB" serve-local "$EXTENSION_ARG" "$SERVER_BASE_PATH_ARG" --port "${PORT}" --host 127.0.0.1 --accept-server-license-terms --without-connection-token --telemetry-level "${TELEMETRY_LEVEL}" > "${LOG_PATH}" 2>&1 & "$VSCODE_WEB" serve-local "$EXTENSION_ARG" "$SERVER_BASE_PATH_ARG" "$DISABLE_TRUST_ARG" --port "${PORT}" --host 127.0.0.1 --accept-server-license-terms --without-connection-token --telemetry-level "${TELEMETRY_LEVEL}" > "${LOG_PATH}" 2>&1 &
} }
# Check if the settings file exists... # Check if the settings file exists...