#2991 disables the chainloop auth login mechanism from opening a browser entirely. I am using it over SSH, but would want to maintain opening a browser.
For now the workaround I use is SSH_CLIENT= SSH_TTY= SSH_CONNECTION= chainloop auth login if I want a browser, and SSH_CLIENT= SSH_TTY= SSH_CONNECTION= chainloop auth login. And SSH_TTY=$(tty) chainloop auth login if I explicitly do not want the browser open.
I've seen different approaches to this - gcloud requires DISPLAY to be set, tools like claude and some other commands always attempt to open the browser and provide a fallback URL in place.
I like the auto-discovery mechanism, perhaps it should be that the default is to figure out if a browser should be open or not. But I'd also like a way to configure chainloop to open/not open browser by default. It could be a CLI option, an environment variable or some per-user configuration. Or a combination of all of the above.
This way I can configure my machine to always / never open a browser, based on my default flow.
Also, it would be great to have a full featured --headless mode, so I would not have to copy-paste the token back. Similar to how GitHub CLI does it - a client gets its 8-10 character ID generated. Then link to perform the authentication has that ID, or the web UI expects that ID passed in. I can compare the device ID in the web UI and my console. Then, if I approve it, the flow will pass the token back to the client. Without me having to copy-paste anything.
#2991 disables the
chainloop auth loginmechanism from opening a browser entirely. I am using it over SSH, but would want to maintain opening a browser.For now the workaround I use is
SSH_CLIENT= SSH_TTY= SSH_CONNECTION= chainloop auth loginif I want a browser, andSSH_CLIENT= SSH_TTY= SSH_CONNECTION= chainloop auth login. AndSSH_TTY=$(tty) chainloop auth loginif I explicitly do not want the browser open.I've seen different approaches to this -
gcloudrequiresDISPLAYto be set, tools likeclaudeand some other commands always attempt to open the browser and provide a fallback URL in place.I like the auto-discovery mechanism, perhaps it should be that the default is to figure out if a browser should be open or not. But I'd also like a way to configure
chainloopto open/not open browser by default. It could be a CLI option, an environment variable or some per-user configuration. Or a combination of all of the above.This way I can configure my machine to always / never open a browser, based on my default flow.
Also, it would be great to have a full featured
--headlessmode, so I would not have to copy-paste the token back. Similar to how GitHub CLI does it - a client gets its 8-10 character ID generated. Then link to perform the authentication has that ID, or the web UI expects that ID passed in. I can compare the device ID in the web UI and my console. Then, if I approve it, the flow will pass the token back to the client. Without me having to copy-paste anything.