CLA Assistant Lite bot:
Thank you for your submission, we really appreciate it. Like many open-source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution. You can sign the CLA by just posting a Pull Request Comment same as the below format.

I have read the CLA Document and I hereby sign the CLA

_{You can retrigger this bot by commenting recheck in this Pull Request}

Thanks for the fix @aaronlehmann 🥳

This is a good find, and we should handle this more gracefully. What should the behavior be 🤔?

This does fix the panic, but introduces the possibility of removing lines not added by Coder.

If the headers are out of order:

# Content before coder block
# ------------END-CODER------------
# ------------START-CODER-----------
# Content after coder block

The result is this:

# Content before coder block
# ------------END-CODER------------
# ------------START-CODER-----------
# Content after coder block
# ------------START-CODER-----------
# This section is managed by coder. DO NOT EDIT.
#
# You should not hand-edit this section unless you are removing it, all
# changes will be lost when running "coder config-ssh".
#
# ------------END-CODER------------

Which if I feed back in as input, the first START-CODER is now the first instance, and Content after coder block is removed:

# Content before coder block
# ------------END-CODER------------
# ------------START-CODER-----------
# This section is managed by coder. DO NOT EDIT.
#
# You should not hand-edit this section unless you are removing it, all
# changes will be lost when running "coder config-ssh".
#
# ------------END-CODER------------

I think if we detect these are out of order, we should maybe just return a message to the user that their ssh config is malformed and needs to be fixed by hand?

One option is to make sshConfigGetCoderSection return an error as well if the order is incorrect. If we check for the headers out of order, we should also check the headers appear only once. If sshStartToken or sshEndToken appear more than once, we would also want to warn the user something is wrong with their config, and make them fix it by hand.

It is better than accidentally removing something we did not write imo.

Unit test

We should add this unit test case to configssh_test.go

https://github.com/coder/coder/blob/main/cli/configssh_test.go#L531-L531

		{
			name: "Start/End out of order",
			matches: []match{
				{match: "Continue?", write: "yes"},
			},
			writeConfig: writeConfig{
				ssh: strings.Join([]string{
					"# Content before coder block",
					headerEnd,
					headerStart,
					"# Content after coder block",
				}, "\n"),
			},
			wantConfig: wantConfig{
				ssh: strings.Join([]string{
					// TODO: What is the expected behavior here?
				}, "\n"),
			},
			wantErr: false,
		},

@aaronlehmann what do you think about returning an error if the headers are out of order and return an error if there is more than 1 header in the config?

what do you think about returning an error if the headers are out of order and return an error if there is more than 1 header in the config?

That sounds good to me. I'm currently waiting to confirm my employer doesn't object to me agreeing to the CLA, but if you want to tackle this that's fine with me (or feel free to wait until I hear back about the CLA, then I can take a look).

@aaronlehmann I have some other things going on, so won't be able to touch this for a bit (days). Will keep and eye on this thread and will post here if I do any work on it though 👍

This Pull Request is becoming stale. In order to minimize WIP, prevent merge conflicts and keep the tracker readable, I'm going close to this PR in 3 days if there isn't more activity.

I am making a branch that fixes this by throwing an error if the ssh config is malformed.

Fixed here: #6000

Thanks!