Prevent variable expansion in header command

[code-asher]

It is better to let them expand when they run in the Coder CLI because one might use $CODER_URL which will not yet be set if it is expanded before the proxy command is actually ran. We should pass the header command literally to the CLI so the expansion happens in that context (where CODER_URL will be set) instead.

I think we can do this by simply wrapping the --header-command value in single quotes, although I am not sure if Windows has a different story.

As far as bash-like shells go, wrapping in single quotes means we should also escape single quotes already in the header command which means using something like '"'"' or '\'', I believe.

Related: #335 (the header command contains $CODER_URL which expands to nothing because it is not set in the context of the Java process making the SSH connection, causing the header command and consequently the proxy command and then the connection itself to fail).

[code-asher]

I am reading that for Windows one way to prevent expansion is to use double quotes: %"var"%. The double quotes would get removed by the shell, then Coder ends up running %var%. Also, with cmd.exe single quotes are treated as part of the value, apparently. So I think we want to only use single quotes on non-Windows machines, or at least when using cmd.exe (Powershell handles them like Bash, supposedly).

So, on Windows we might need to quote environment variables like this, although I think we leave it for now unless we see users actually running into the issue.

I wonder if this can be worked around for now with something like '$'CODER_URL. Nevermind, stuff like this will not work because when the plugin executes the command to add headers to the API calls it will not undergo the same double-expansion. I suppose an alternate solution would be to do double expansion.