Open jessehouwing opened 1 year ago
Found a workaround.
In the codespace do the following:
@jessehouwing ➜ /workspaces/training-manual (main ✗) $ unset GITHUB_TOKEN
@jessehouwing ➜ /workspaces/training-manual (main ✗) $ gh auth login
? What account do you want to log into? GitHub.com
? What is your preferred protocol for Git operations? HTTPS
? Authenticate Git with your GitHub credentials? Yes
? How would you like to authenticate GitHub CLI? Login with a web browser
! First copy your one-time code: XXXX-XXXX
Press Enter to open github.com in your browser...
✓ Authentication complete.
- gh config set -h github.com git_protocol https
✓ Configured git protocol
✓ Logged in as jessehouwing
@jessehouwing ➜ /workspaces/training-manual (main ✗) $ gh extension install github/gh-net
Now it's possible to connect using gh net
from the windows side. Looks like the error I'm getting on windows isn't happening on my local machine, but is the error that happens on the Codespaces side.
Ideally the local gh net
extension would ssh-copy the required files to the target codespace or use an anonymous request to download the release bits.
This is an old issue in GH CLI itself - it tries to use existing token for public repos which is failing in some cases. Related issue: https://github.com/cli/cli/issues/6675
The workaround could be to use the local session to download the gh-net resources, instead of having the codespace do it. In case of gh-net
the remote will probably never have the right token configured.
That way the Oauth prompt and authorization can be handled locally. Or the ssh session could wait for the token to be authorized, cause GitHub does send the url to authorize the token, or will it still not work after authorization?
It could also unset the github_token environment variable on the codespace prior to trying to download the extension, that worked for me. I couldn't find the sources for gh-net, but it looks like it remotely runs a shell on codespaces to invoke the download if the release stuff. That looks like it could control the contents of the token prior to invitation...
Ideally though, gh-net wouldn't crash and would relay the error message properly.
Describe the bug when running
gh net
the cli is trying to download the latest release from the github/gh-net repo. To do so it passes the access token that thegh auth login
got or the token in theGH_TOKEN
environmnent variable.That token must be authorized by SSO, if you're a member of the github org on github. Which I now am.
This crashes the
gh-net
extensionReproduce steps Steps to reproduce the behavior:
Be signed in on your
personal
account that's also a member of the github org (I'm a contractor)set the environment variable
GH_TOKEN
with a valid github token. Authorize the token on the Github org using the tokenConfigure SSO
option.run
gh net
Select the codespace
Expected behavior The ssh tunnel is setup correctly
Screenshots If applicable, add screenshots to help explain your problem.
Desktop (please complete the following information):
Setting a full-scope PAT that's SSO-enabled still won't work. It either throws the above error or this one: