chore: override codersdk.SessionTokenCookie in develop.sh (#18991)

Updates `develop.sh`, `coder-dev.sh` and `build_go.sh` to conditionally override `codersdk.SessionTokenCookie` for usage in nested development scenario.
2026-06-02 20:48:20 +00:00 · 2025-07-23 12:48:15 +01:00
parent f41275eb39
commit bb83071b5f
7 changed files with 35 additions and 10 deletions
@@ -29,9 +29,11 @@ import (
 // These cookies are Coder-specific. If a new one is added or changed, the name
 // shouldn't be likely to conflict with any user-application set cookies.
 // Be sure to strip additional cookies in httpapi.StripCoderCookies!
+// SessionTokenCookie represents the name of the cookie or query parameter the API key is stored in.
+// NOTE: This is declared as a var so that we can override it in `develop.sh` if required.
+var SessionTokenCookie = "coder_session_token"
+
 const (
-	// SessionTokenCookie represents the name of the cookie or query parameter the API key is stored in.
-	SessionTokenCookie = "coder_session_token"
 	// SessionTokenHeader is the custom header to use for authentication.
 	SessionTokenHeader = "Coder-Session-Token"
 	// OAuth2StateCookie is the name of the cookie that stores the oauth2 state.
@@ -49,6 +49,7 @@ boringcrypto=${CODER_BUILD_BORINGCRYPTO:-0}
 dylib=0
 windows_resources="${CODER_WINDOWS_RESOURCES:-0}"
 debug=0
+develop_in_coder="${DEVELOP_IN_CODER:-0}"

 bin_ident="com.coder.cli"

@@ -149,6 +150,13 @@ if [[ "$debug" == 0 ]]; then
 	ldflags+=(-s -w)
 fi

+if [[ "$develop_in_coder" == 1 ]]; then
+	echo "INFO : Overriding codersdk.SessionTokenCookie as we are developing inside a Coder workspace."
+	ldflags+=(
+		-X "'github.com/coder/coder/v2/codersdk.SessionTokenCookie=dev_coder_session_token'"
+	)
+fi
+
 # We use ts_omit_aws here because on Linux it prevents Tailscale from importing
 # github.com/aws/aws-sdk-go-v2/aws, which adds 7 MB to the binary.
 TS_EXTRA_SMALL="ts_omit_aws,ts_omit_bird,ts_omit_tap,ts_omit_kube"
@@ -10,6 +10,8 @@ source "${SCRIPT_DIR}/lib.sh"

 GOOS="$(go env GOOS)"
 GOARCH="$(go env GOARCH)"
+CODER_AGENT_URL="${CODER_AGENT_URL:-}"
+DEVELOP_IN_CODER="${DEVELOP_IN_CODER:-0}"
 DEBUG_DELVE="${DEBUG_DELVE:-0}"
 BINARY_TYPE=coder-slim
 if [[ ${1:-} == server ]]; then
@@ -35,6 +37,10 @@ CODER_DEV_DIR="$(realpath ./.coderv2)"
 CODER_DELVE_DEBUG_BIN=$(realpath "./build/coder_debug_${GOOS}_${GOARCH}")
 popd

+if [ -n "${CODER_AGENT_URL}" ]; then
+	DEVELOP_IN_CODER=1
+fi
+
 case $BINARY_TYPE in
 coder-slim)
 	# Ensure the coder slim binary is always up-to-date with local
@@ -42,9 +48,9 @@ coder-slim)
 	# NOTE: we send all output of `make` to /dev/null so that we do not break
 	# scripts that read the output of this command.
 	if [[ -t 1 ]]; then
-		make -j "${RELATIVE_BINARY_PATH}"
+		DEVELOP_IN_CODER="${DEVELOP_IN_CODER}" make -j "${RELATIVE_BINARY_PATH}"
 	else
-		make -j "${RELATIVE_BINARY_PATH}" >/dev/null 2>&1
+		DEVELOP_IN_CODER="${DEVELOP_IN_CODER}" make -j "${RELATIVE_BINARY_PATH}" >/dev/null 2>&1
 	fi
 	;;
 coder)
@@ -14,6 +14,7 @@ source "${SCRIPT_DIR}/lib.sh"
 set -euo pipefail

 CODER_DEV_ACCESS_URL="${CODER_DEV_ACCESS_URL:-http://127.0.0.1:3000}"
+DEVELOP_IN_CODER="${DEVELOP_IN_CODER:-0}"
 debug=0
 DEFAULT_PASSWORD="SomeSecurePassword!"
 password="${CODER_DEV_ADMIN_PASSWORD:-${DEFAULT_PASSWORD}}"
@@ -66,6 +67,10 @@ if [ "${CODER_BUILD_AGPL:-0}" -gt "0" ] && [ "${multi_org}" -gt "0" ]; then
 	echo '== ERROR: cannot use both multi-organizations and APGL build.' && exit 1
 fi

+if [ -n "${CODER_AGENT_URL}" ]; then
+	DEVELOP_IN_CODER=1
+fi
+
 # Preflight checks: ensure we have our required dependencies, and make sure nothing is listening on port 3000 or 8080
 dependencies curl git go make pnpm
 curl --fail http://127.0.0.1:3000 >/dev/null 2>&1 && echo '== ERROR: something is listening on port 3000. Kill it and re-run this script.' && exit 1
@@ -75,7 +80,7 @@ curl --fail http://127.0.0.1:8080 >/dev/null 2>&1 && echo '== ERROR: something i
 # node_modules if necessary.
 GOOS="$(go env GOOS)"
 GOARCH="$(go env GOARCH)"
-make -j "build/coder_${GOOS}_${GOARCH}"
+DEVELOP_IN_CODER="${DEVELOP_IN_CODER}" make -j "build/coder_${GOOS}_${GOARCH}"

 # Use the coder dev shim so we don't overwrite the user's existing Coder config.
 CODER_DEV_SHIM="${PROJECT_ROOT}/scripts/coder-dev.sh"
@@ -150,7 +155,7 @@ fatal() {
 	trap 'fatal "Script encountered an error"' ERR

 	cdroot
-	DEBUG_DELVE="${debug}" start_cmd API "" "${CODER_DEV_SHIM}" server --http-address 0.0.0.0:3000 --swagger-enable --access-url "${CODER_DEV_ACCESS_URL}" --dangerous-allow-cors-requests=true --enable-terraform-debug-mode "$@"
+	DEBUG_DELVE="${debug}" DEVELOP_IN_CODER="${DEVELOP_IN_CODER}" start_cmd API "" "${CODER_DEV_SHIM}" server --http-address 0.0.0.0:3000 --swagger-enable --access-url "${CODER_DEV_ACCESS_URL}" --dangerous-allow-cors-requests=true --enable-terraform-debug-mode "$@"

 	echo '== Waiting for Coder to become ready'
 	# Start the timeout in the background so interrupting this script
@@ -107,6 +107,13 @@ const getMissingParameters = (
 	return missingParameters;
 };

+/**
+ * Originally from codersdk/client.go.
+ * The below declaration is required to stop Knip from complaining.
+ * @public
+ */
+export const SessionTokenCookie = "coder_session_token";
+
 /**
 * @param agentId
 * @returns {OneWayWebSocket} A OneWayWebSocket that emits Server-Sent Events.
@@ -2700,9 +2700,6 @@ export interface SessionLifetime {
 	readonly max_admin_token_lifetime?: number;
 }

-// From codersdk/client.go
-export const SessionTokenCookie = "coder_session_token";
-
 // From codersdk/client.go
 export const SessionTokenHeader = "Coder-Session-Token";

@@ -116,7 +116,7 @@ export default defineConfig({
 				secure: process.env.NODE_ENV === "production",
 			},
 		},
-		allowedHosts: [".coder"],
+		allowedHosts: [".coder", ".dev.coder.com"],
 	},
 	resolve: {
 		alias: {