Description
Problem:
DNS entries consist of labels separated by a period (.
), where each label may be up to 64 characters in length.
When exposing a coder_app
, we forward requests that match the DNS label <app_name>.<agent-name>.<workspace_name>.<user_name>
. Unfortunately, this can exceed 63 characters.
Result: confusion as to why a coder_app in one workspace works, and another with a longer name is inaccessible with an NXDOMAIN error.
Possible Solutions
1. Validate at workspace planning stage
When creating a workspace, enforce an upper limit on the length of a coder_app
such that len(app.Name) + len(agent.Name) + len(workspace.Name) + len(user.Username) < 65
. This would be detected at the Terraform plan stage.
Note: There is a pathological case here where one or more of the above fields already add up to more than 64 characters. We could potentially also add upper limits on the length of the component fields, but this becomes problematic in the case of OIDC logins where we automatically generate the username based on claims.