Coder.comC
Coder.comโ€ข5mo agoโ€ข
10 replies
Tom

coder_agent.main.token is not valid in windows workspace

Hey guys, I'm working on setting up coder with GitLab external-auth on a windows workspace, provisioned via Azure. After a lot of reading, I've found that I need to pipe in CODER_AGENT_TOKEN and CODER_AGENT_URL so I can have the my GIT_ASKPASS script dyamically fetch the token for GitLab - I've done that as follows in my tf file:

...
resource "coder_agent" "main" {
  arch          = "amd64"
  auth          = "azure-instance-identity"
  os            = "windows"
  api_key_scope = "all"
}

resource "azurerm_windows_virtual_machine" "main" {
  ...
  custom_data = base64encode(
    templatefile("${path.module}/Initialize.ps1.tftpl", {
      ...
      coder_agent_token         = coder_agent.main.token
      coder_agent_url           = data.coder_workspace.me.access_url
    })
  )
...


And then inside of Initialize.ps1.tftpl:

...
[System.Environment]::SetEnvironmentVariable("CODER_AGENT_TOKEN", "${coder_agent_token}", "User")
[System.Environment]::SetEnvironmentVariable("CODER_AGENT_URL", "${coder_agent_url}", "User")
# I also tried setting the above at "Machine" scope, results the same as desribed below


When I RDP into my workspace, I can run Get-ChildItem Env: and see that both of those variables are in fact set. However, when I run coder external-auth access-token gitlab, I hit the following error:

Encountered an error running "coder external-auth access-token", see "coder external-auth access-token --help" for more information
error: Trace=[get external auth token: ]
Workspace agent not authorized.


It seems that the value of coder_agent.main.token is not valid for whatever reason. If you have any pointers as to why that might be, I'd be super grateful. Thank you so much!
Was this page helpful?