* Kill full server process tree in agent host kill_running_server
The CLI agent host supervisor launches the server via a shell shim
(`<server>/bin/code-server-<quality>`) that spawns `node ... server-main.js`,
which in turn spawns a `bootstrap-fork` agent host process. The previous
`child.kill()` in `kill_running_server` only terminated the shim, leaving
the node descendants reparented to PID 1.
Route the shutdown through `kill_tree` instead, and have the non-Windows
`kill_tree` walk the full descendant tree via `pgrep -P` rather than just
the direct children. Add a depth-3 process-tree unit test on Unix.
Fixes#319516
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Fix flaky kill_tree test by reaping spawned child process
The previous test relied on `process_exists` to confirm pids were gone,
but on Linux the outer sh remains a zombie until its parent (the test
runtime) reaps it. Await `child.wait()` immediately after `kill_tree`
so the outer sh is reaped, and rely on init to reap the orphaned
descendants. Also bumps the deadline to 10s to absorb init latency.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Bound kill_running_server wait and check pgrep exit status
Addresses Copilot review feedback:
- kill_running_server: bound child reap with a 5s timeout; escalate to
SIGKILL via Child::kill if a process ignores SIGTERM, so a misbehaving
server can't wedge the supervisor's shutdown or upgrade path.
- children_of: distinguish pgrep exit codes — 0/1 are expected (matches
vs no matches), 2/3 are surfaced as CommandFailed.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* cli: support pinning initial agent host version for upgrade testing
- There was no way to exercise the agent host upgrade flow locally, since
the CLI always starts the latest server version and has nothing older to
upgrade from.
- Adds a VSCODE_CLI_INITIAL_AH_VERSION env var that pins the commit the
agent host is first downloaded and started at, while leaving subsequent
upgrades to resolve the real latest version, so the full download +
restart upgrade path can be driven on demand.
(Commit message generated by Copilot)
* cli: restrict initial agent host version override to hex digits
Addresses PR review: the env var value flows into URL and filesystem
paths, so restrict it to hex digits (and trim whitespace) to prevent
path separators or traversal sequences.
* cli: drop ahp-ws dependency in favor of direct tungstenite
- Removes the external ahp-ws crate so the CLI owns its WebSocket
transport directly, avoiding a thin wrapper dependency and keeping the
transport logic alongside the existing tunnel transport.
- Updates the agent commands to the ahp 0.2 API (channel-based params,
optional snapshots, and the two-argument dispatch signature) so the
CLI compiles against the pinned crate versions again.
(Commit message generated by Copilot)
* cli: deduplicate WebSocket transport adapter
- Replaces the separate WsTransport and TunnelWsTransport implementations
with a single generic WsTransport over the stream type plus an optional
keep-alive guard, so the direct and tunnel connections share one
send/recv/close adapter and cannot drift apart.
(Commit message generated by Copilot)
- ensure_supervisor_running now runs as a background task driven by
tokio::spawn, so the tunnel control server and command-shell can
start accepting connections immediately instead of waiting for the
supervisor to come up.
- handle_serve (and the agent-host port forwarder) await the shared
future on demand and mix the bridge endpoint into the per-request
code_server_args. Supervisor failure is logged as a warning so editing
and the extension host keep working; the renderer just misses
agentHostProxy.
- This eliminates the startup stall that was sporadically tripping
remote SSH's 450ms command-shell ready timeout.
Fixes#317714
(Commit message generated by Copilot)
When the VS Code server binary is extracted without execute permissions
or loses them (e.g. on network filesystems, after interrupted downloads,
or when copied without preserving permissions), spawning the server fails
with 'Permission denied'. The previous code treated this as generic
'ServerUnexpectedExit' corruption, triggering a useless re-download loop
that never fixes the actual problem.
Changes:
- Add ensure_executable() helper that checks and restores +x on Unix
before attempting to spawn the server binary.
- Add ServerNotExecutable error variant so permission failures are
reported clearly instead of being lumped into ServerUnexpectedExit.
- Skip the 'evict on corruption' logic for permission errors, since
re-downloading cannot fix a filesystem permission issue.
Fixes the root cause where VS Code Remote-SSH shows generic connection
failure popups while the actual error ('Permission denied on server
binary') is hidden in remote logs.
Replaces the exact-match version check in `ProtocolServerHandler._handleInitialize`
with a semver-caret negotiator (`negotiateProtocolVersion`) that picks the
highest offered version compatible with the server.
When negotiation still fails and the agent host was spawned by a managing
VS Code CLI (signalled by the new `VSCODE_AGENT_HOST_MANAGEMENT_SOCKET`
env var), the `UnsupportedProtocolVersion` error advertises a
`_meta.vscodeUpgradeMethod = "_vscodeUpgrade"` hint. The client can then
invoke that method on the same transport (callable pre-`initialize`) to
request a server upgrade.
The CLI runs a hyper-based HTTP control server on a unix socket / named
pipe. `POST /upgrade` synchronously downloads the latest release, returns
a serde-derived response (`{ok, upgradeNeeded, upgradeStarted,
runningCommit, latestCommit, restartDelayMs, error}`), and then schedules
a kill+respawn after a 3 s drain delay so the response can hop back
through the proxy before the transport drops. Single-flight via
`upgrade_in_progress: AtomicBool`; the listener is started lazily from
`AgentHostManager::start_server`.
UI:
- `RemoteAgentHostConnectionStatus.incompatible` carries `vscodeUpgradeMethod`
(read from `_meta`).
- A `watchForIncompatibleNotifications` autorun on each provider raises a
one-shot warning notification on transition into `incompatible`, with
"Update Server" (when the host advertised it) and "Show Options"
primary actions.
- `runServerUpgrade` is shared between the notification action and the
per-host quickpick. It drives a progress notification with a per-second
"Restarting in Ns..." countdown and observes `connectionStatus` so it
bails out if some other code path is already reconnecting.
The serve-web command's websocket proxy spawned the client-side hyper connection without `.with_upgrades()`, so `hyper::upgrade::on(&mut res)` rejected the upgrade with "upgrade expected but low level API in use" and the websocket failed to establish.
- Spawn `connection.with_upgrades()` in `forward_ws_req_to_server` to mirror the server side and the equivalent agent-host proxy.
Fixes https://github.com/microsoft/vscode/issues/315448
(Commit message generated by Copilot)
When the archive contained fewer than 20 entries, `archive.len() / 20`
evaluated to 0 and the subsequent `i % report_progress_every` operation
panicked with 'attempt to calculate the remainder with a divisor of zero'.
Clamp the divisor to a minimum of 1.
(Written by Copilot)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Shorten background update check interval from 24h to 6h so newly
published server versions are picked up sooner after auto-shutdown.
- Don't store the child into self.running when it exits before signaling
ready. Previously a failed startup left a dead child in running
forever, wedging ensure_server() so it could never restart the server.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Mark agent-host > agent as a native cli command
- Update to final tunnel URI format
- Lock to Github auth for agent host tunnels (matching agents app logic)
* Revert "agentHost: Hook up isRead/isDone (#308107)"
This reverts commit a3d69b7767.
* Revert "agentHost: support connections over tunnels (#307948)"
This reverts commit 75f21d0a8d.
