feat(core): wire secrets backend config

2026-04-24 14:45:27 +00:00 · 2026-01-28 23:35:47 -08:00
parent 998eb8f32b
commit 54fe586e08
7 changed files with 66 additions and 0 deletions
--- a/codex-rs/Cargo.lock
+++ b/codex-rs/Cargo.lock
@@ -1508,6 +1508,7 @@ dependencies = [
 "codex-otel",
 "codex-protocol",
 "codex-rmcp-client",
+ "codex-secrets",
 "codex-state",
 "codex-utils-absolute-path",
 "codex-utils-cargo-bin",
--- a/codex-rs/core/Cargo.toml
+++ b/codex-rs/core/Cargo.toml
@@ -38,6 +38,7 @@ codex-keyring-store = { workspace = true }
 codex-otel = { workspace = true }
 codex-protocol = { workspace = true }
 codex-rmcp-client = { workspace = true }
+codex-secrets = { workspace = true }
 codex-state = { workspace = true }
 codex-utils-absolute-path = { workspace = true }
 codex-utils-home-dir = { workspace = true }
--- a/codex-rs/core/config.schema.json
+++ b/codex-rs/core/config.schema.json
@@ -881,6 +881,26 @@
      },
      "type": "object"
    },
+    "SecretsBackendKind": {
+      "enum": [
+        "local"
+      ],
+      "type": "string"
+    },
+    "SecretsConfigToml": {
+      "additionalProperties": false,
+      "properties": {
+        "backend": {
+          "allOf": [
+            {
+              "$ref": "#/definitions/SecretsBackendKind"
+            }
+          ],
+          "default": null
+        }
+      },
+      "type": "object"
+    },
    "ShellEnvironmentPolicyInherit": {
      "oneOf": [
        {
@@ -1491,6 +1511,15 @@
      ],
      "description": "Sandbox configuration to apply if `sandbox` is `WorkspaceWrite`."
    },
+    "secrets": {
+      "allOf": [
+        {
+          "$ref": "#/definitions/SecretsConfigToml"
+        }
+      ],
+      "default": null,
+      "description": "Secrets configuration. Defaults to a local encrypted file backend."
+    },
    "shell_environment_policy": {
      "allOf": [
        {
--- a/codex-rs/core/src/config/mod.rs
+++ b/codex-rs/core/src/config/mod.rs
@@ -13,6 +13,7 @@ use crate::config::types::OtelConfig;
 use crate::config::types::OtelConfigToml;
 use crate::config::types::OtelExporterKind;
 use crate::config::types::SandboxWorkspaceWrite;
+use crate::config::types::SecretsConfigToml;
 use crate::config::types::ShellEnvironmentPolicy;
 use crate::config::types::ShellEnvironmentPolicyToml;
 use crate::config::types::SkillsConfig;
@@ -42,6 +43,7 @@ use crate::project_doc::DEFAULT_PROJECT_DOC_FILENAME;
 use crate::project_doc::LOCAL_PROJECT_DOC_FILENAME;
 use crate::protocol::AskForApproval;
 use crate::protocol::SandboxPolicy;
+use crate::secrets::SecretsBackendKind;
 use crate::windows_sandbox::WindowsSandboxLevelExt;
 use codex_app_server_protocol::Tools;
 use codex_app_server_protocol::UserSavedConfig;
@@ -235,6 +237,9 @@ pub struct Config {
    /// auto: Use the OS-specific keyring service if available, otherwise use a file.
    pub cli_auth_credentials_store_mode: AuthCredentialsStoreMode,

+    /// Active secrets backend. Defaults to the local encrypted file backend.
+    pub secrets_backend: SecretsBackendKind,
+
    /// Definition for MCP servers that Codex can reach out to for tool calls.
    pub mcp_servers: Constrained<HashMap<String, McpServerConfig>>,

@@ -854,6 +859,10 @@ pub struct ConfigToml {
    #[serde(default)]
    pub cli_auth_credentials_store: Option<AuthCredentialsStoreMode>,

+    /// Secrets configuration. Defaults to a local encrypted file backend.
+    #[serde(default)]
+    pub secrets: Option<SecretsConfigToml>,
+
    /// Definition for MCP servers that Codex can reach out to for tool calls.
    #[serde(default)]
    // Uses the raw MCP input shape (custom deserialization) rather than `McpServerConfig`.
@@ -1482,6 +1491,11 @@ impl Config {
            });

        let forced_login_method = cfg.forced_login_method;
+        let secrets_backend = cfg
+            .secrets
+            .as_ref()
+            .and_then(|secrets| secrets.backend)
+            .unwrap_or_default();

        let model = model.or(config_profile.model).or(cfg.model);

@@ -1571,6 +1585,7 @@ impl Config {
            // The config.toml omits "_mode" because it's a config file. However, "_mode"
            // is important in code to differentiate the mode from the store implementation.
            cli_auth_credentials_store_mode: cfg.cli_auth_credentials_store.unwrap_or_default(),
+            secrets_backend,
            mcp_servers,
            // The config.toml omits "_mode" because it's a config file. However, "_mode"
            // is important in code to differentiate the mode from the store implementation.
@@ -3797,6 +3812,7 @@ model_verbosity = "high"
                notify: None,
                cwd: fixture.cwd(),
                cli_auth_credentials_store_mode: Default::default(),
+                secrets_backend: SecretsBackendKind::Local,
                mcp_servers: Constrained::allow_any(HashMap::new()),
                mcp_oauth_credentials_store_mode: Default::default(),
                mcp_oauth_callback_port: None,
@@ -3882,6 +3898,7 @@ model_verbosity = "high"
            notify: None,
            cwd: fixture.cwd(),
            cli_auth_credentials_store_mode: Default::default(),
+            secrets_backend: SecretsBackendKind::Local,
            mcp_servers: Constrained::allow_any(HashMap::new()),
            mcp_oauth_credentials_store_mode: Default::default(),
            mcp_oauth_callback_port: None,
@@ -3982,6 +3999,7 @@ model_verbosity = "high"
            notify: None,
            cwd: fixture.cwd(),
            cli_auth_credentials_store_mode: Default::default(),
+            secrets_backend: SecretsBackendKind::Local,
            mcp_servers: Constrained::allow_any(HashMap::new()),
            mcp_oauth_credentials_store_mode: Default::default(),
            mcp_oauth_callback_port: None,
@@ -4068,6 +4086,7 @@ model_verbosity = "high"
            notify: None,
            cwd: fixture.cwd(),
            cli_auth_credentials_store_mode: Default::default(),
+            secrets_backend: SecretsBackendKind::Local,
            mcp_servers: Constrained::allow_any(HashMap::new()),
            mcp_oauth_credentials_store_mode: Default::default(),
            mcp_oauth_callback_port: None,
--- a/codex-rs/core/src/config/types.rs
+++ b/codex-rs/core/src/config/types.rs
@@ -4,6 +4,7 @@
 // definitions that do not contain business logic.

 use crate::config_loader::RequirementSource;
+use crate::secrets::SecretsBackendKind;
 pub use codex_protocol::config_types::AltScreenMode;
 pub use codex_protocol::config_types::ModeKind;
 pub use codex_protocol::config_types::Personality;
@@ -24,6 +25,13 @@ use serde::de::Error as SerdeError;

 pub const DEFAULT_OTEL_ENVIRONMENT: &str = "dev";

+#[derive(Serialize, Deserialize, Debug, Clone, Default, PartialEq, Eq, JsonSchema)]
+#[schemars(deny_unknown_fields)]
+pub struct SecretsConfigToml {
+    #[serde(default)]
+    pub backend: Option<SecretsBackendKind>,
+}
+
 #[derive(Debug, Clone, PartialEq, Eq)]
 pub enum McpServerDisabledReason {
    Unknown,
--- a/codex-rs/core/src/lib.rs
+++ b/codex-rs/core/src/lib.rs
@@ -91,6 +91,7 @@ pub mod project_doc;
 mod rollout;
 pub(crate) mod safety;
 pub mod seatbelt;
+pub mod secrets;
 pub mod shell;
 pub mod shell_snapshot;
 pub mod skills;
--- a/codex-rs/core/src/secrets/mod.rs
+++ b/codex-rs/core/src/secrets/mod.rs
@@ -0,0 +1,7 @@
+pub use codex_secrets::LocalSecretsBackend;
+pub use codex_secrets::SecretListEntry;
+pub use codex_secrets::SecretName;
+pub use codex_secrets::SecretScope;
+pub use codex_secrets::SecretsBackendKind;
+pub use codex_secrets::SecretsManager;
+pub use codex_secrets::environment_id_from_cwd;