mirror of
https://github.com/openai/codex.git
synced 2026-05-19 02:33:10 +00:00
4d201e340e
## Why SQLite state was still being opened from consumer paths, including lazy `OnceCell`-backed thread-store call sites. That let one process construct multiple state DB connections for the same Codex home, which makes SQLite lock contention and `database is locked` failures much easier to hit. State DB lifetime should be chosen by main-like entrypoints and tests, then passed through explicitly. Consumers should use the supplied `Option<StateDbHandle>` or `StateDbHandle` and keep their existing filesystem fallback or error behavior when no handle is available. The startup path also needs to keep the rollout crate in charge of SQLite state initialization. Opening `codex_state::StateRuntime` directly bypasses rollout metadata backfill, so entrypoints should initialize through `codex_rollout::state_db` and receive a handle only after required rollout backfills have completed. ## What Changed - Initialize the state DB in main-like entrypoints for CLI, TUI, app-server, exec, MCP server, and the thread-manager sample. - Pass `Option<StateDbHandle>` through `ThreadManager`, `LocalThreadStore`, app-server processors, TUI app wiring, rollout listing/recording, personality migration, shell snapshot cleanup, session-name lookup, and memory/device-key consumers. - Remove the lazy local state DB wrapper from the thread store so non-test consumers use only the supplied handle or their existing fallback path. - Make `codex_rollout::state_db::init` the local state startup path: it opens/migrates SQLite, runs rollout metadata backfill when needed, waits for concurrent backfill workers up to a bounded timeout, verifies completion, and then returns the initialized handle. - Keep optional/non-owning SQLite helpers, such as remote TUI local reads, as open-only paths that do not run startup backfill. - Switch app-server startup from direct `codex_state::StateRuntime::init` to the rollout state initializer so app-server cannot skip rollout backfill. - Collapse split rollout lookup/list APIs so callers use the normal methods with an optional state handle instead of `_with_state_db` variants. - Restore `getConversationSummary(ThreadId)` to delegate through `ThreadStore::read_thread` instead of a LocalThreadStore-specific rollout path special case. - Keep DB-backed rollout path lookup keyed on the DB row and file existence, without imposing the filesystem filename convention on existing DB rows. - Verify readable DB-backed rollout paths against `session_meta.id` before returning them, so a stale SQLite row that points at another thread's JSONL falls back to filesystem search and read-repairs the DB row. - Keep `debug prompt-input` filesystem-only so a one-off debug command does not initialize or backfill SQLite state just to print prompt input. - Keep goal-session test Codex homes alive only in the goal-specific helper, rather than leaking tempdirs from the shared session test helper. - Update tests and call sites to pass explicit state handles where DB behavior is expected and explicit `None` where filesystem-only behavior is intended. ## Validation - `CARGO_TARGET_DIR=/tmp/codex-target-state-db cargo check -p codex-rollout -p codex-thread-store -p codex-app-server -p codex-core -p codex-tui -p codex-exec -p codex-cli --tests` - `CARGO_TARGET_DIR=/tmp/codex-target-state-db cargo test -p codex-rollout state_db_` - `CARGO_TARGET_DIR=/tmp/codex-target-state-db cargo test -p codex-rollout find_thread_path` - `CARGO_TARGET_DIR=/tmp/codex-target-state-db cargo test -p codex-rollout find_thread_path -- --nocapture` - `CARGO_TARGET_DIR=/tmp/codex-target-state-db cargo test -p codex-rollout try_init_ -- --nocapture` - `CARGO_TARGET_DIR=/tmp/codex-target-state-db cargo test -p codex-rollout` - `CARGO_TARGET_DIR=/tmp/codex-target-state-db cargo clippy -p codex-rollout --lib -- -D warnings` - `CARGO_TARGET_DIR=/tmp/codex-target-state-db cargo test -p codex-thread-store read_thread_falls_back_when_sqlite_path_points_to_another_thread -- --nocapture` - `CARGO_TARGET_DIR=/tmp/codex-target-state-db cargo test -p codex-thread-store` - `CARGO_TARGET_DIR=/tmp/codex-target-state-db cargo test -p codex-core shell_snapshot` - `CARGO_TARGET_DIR=/tmp/codex-target-state-db cargo test -p codex-core --test all personality_migration` - `CARGO_TARGET_DIR=/tmp/codex-target-state-db cargo test -p codex-core --test all rollout_list_find` - `RUST_MIN_STACK=8388608 CODEX_SKIP_VENDORED_BWRAP=1 CARGO_TARGET_DIR=/tmp/codex-target-state-db cargo test -p codex-core --test all rollout_list_find::find_prefers_sqlite_path_by_id -- --nocapture` - `RUST_MIN_STACK=8388608 CODEX_SKIP_VENDORED_BWRAP=1 CARGO_TARGET_DIR=/tmp/codex-target-state-db cargo test -p codex-core --test all rollout_list_find -- --nocapture` - `CARGO_TARGET_DIR=/tmp/codex-target-state-db cargo test -p codex-core interrupt_accounts_active_goal_before_pausing` - `CARGO_TARGET_DIR=/tmp/codex-target-state-db cargo test -p codex-app-server get_auth_status -- --test-threads=1` - `CODEX_SKIP_VENDORED_BWRAP=1 CARGO_TARGET_DIR=/tmp/codex-target-state-db cargo test -p codex-app-server --lib` - `CODEX_SKIP_VENDORED_BWRAP=1 CARGO_TARGET_DIR=/tmp/codex-target-state-db cargo check -p codex-rollout -p codex-app-server --tests` - `CARGO_TARGET_DIR=/tmp/codex-target-state-db just fix -p codex-rollout -p codex-thread-store -p codex-core -p codex-app-server -p codex-tui -p codex-exec -p codex-cli` - `CODEX_SKIP_VENDORED_BWRAP=1 CARGO_TARGET_DIR=/tmp/codex-target-state-db just fix -p codex-rollout -p codex-app-server` - `CARGO_TARGET_DIR=/tmp/codex-target-state-db just fix -p codex-rollout` - `CODEX_SKIP_VENDORED_BWRAP=1 CARGO_TARGET_DIR=/tmp/codex-target-state-db just fix -p codex-core` - `just argument-comment-lint -p codex-core` - `just argument-comment-lint -p codex-rollout` Focused coverage added in `codex-rollout`: - `recorder::tests::state_db_init_backfills_before_returning` verifies the rollout metadata row exists before startup init returns. - `state_db::tests::try_init_waits_for_concurrent_startup_backfill` verifies startup waits for another worker to finish backfill instead of disabling the handle for the process. - `state_db::tests::try_init_times_out_waiting_for_stuck_startup_backfill` verifies startup does not hang indefinitely on a stuck backfill lease. - `tests::find_thread_path_accepts_existing_state_db_path_without_canonical_filename` verifies DB-backed lookup accepts valid existing rollout paths even when the filename does not include the thread UUID. - `tests::find_thread_path_falls_back_when_db_path_points_to_another_thread` verifies DB-backed lookup ignores a stale row whose existing path belongs to another thread and read-repairs the row after filesystem fallback. Focused coverage updated in `codex-core`: - `rollout_list_find::find_prefers_sqlite_path_by_id` now uses a DB-preferred rollout file with matching `session_meta.id`, so it still verifies that valid SQLite paths win without depending on stale/empty rollout contents. `cargo test -p codex-app-server thread_list_respects_search_term_filter -- --test-threads=1 --nocapture` was attempted locally but timed out waiting for the app-server test harness `initialize` response before reaching the changed thread-list code path. `bazel test //codex-rs/thread-store:thread-store-unit-tests --test_output=errors` was attempted locally after the thread-store fix, but this container failed before target analysis while fetching `v8+` through BuildBuddy/direct GitHub. The equivalent local crate coverage, including `cargo test -p codex-thread-store`, passes. A plain local `cargo check -p codex-rollout -p codex-app-server --tests` also requires system `libcap.pc` for `codex-linux-sandbox`; the follow-up app-server check above used `CODEX_SKIP_VENDORED_BWRAP=1` in this container.
374 lines
14 KiB
Rust
374 lines
14 KiB
Rust
use std::collections::BTreeMap;
|
|
use std::collections::HashMap;
|
|
use std::io::IsTerminal;
|
|
use std::io::Read;
|
|
use std::io::Write;
|
|
use std::sync::Arc;
|
|
|
|
use anyhow::Context;
|
|
use anyhow::bail;
|
|
use clap::Parser;
|
|
use codex_core_api::AbsolutePathBuf;
|
|
use codex_core_api::AltScreenMode;
|
|
use codex_core_api::ApprovalsReviewer;
|
|
use codex_core_api::Arg0DispatchPaths;
|
|
use codex_core_api::AskForApproval;
|
|
use codex_core_api::AuthCredentialsStoreMode;
|
|
use codex_core_api::AuthManager;
|
|
use codex_core_api::CodexThread;
|
|
use codex_core_api::Config;
|
|
use codex_core_api::ConfigLayerStack;
|
|
use codex_core_api::Constrained;
|
|
use codex_core_api::EnvironmentManager;
|
|
use codex_core_api::EnvironmentManagerArgs;
|
|
use codex_core_api::EventMsg;
|
|
use codex_core_api::ExecServerRuntimePaths;
|
|
use codex_core_api::Features;
|
|
use codex_core_api::GhostSnapshotConfig;
|
|
use codex_core_api::History;
|
|
use codex_core_api::MemoriesConfig;
|
|
use codex_core_api::ModelAvailabilityNuxConfig;
|
|
use codex_core_api::MultiAgentV2Config;
|
|
use codex_core_api::NewThread;
|
|
use codex_core_api::Notice;
|
|
use codex_core_api::OAuthCredentialsStoreMode;
|
|
use codex_core_api::OPENAI_PROVIDER_ID;
|
|
use codex_core_api::Op;
|
|
use codex_core_api::OtelConfig;
|
|
use codex_core_api::PermissionProfile;
|
|
use codex_core_api::Permissions;
|
|
use codex_core_api::ProjectConfig;
|
|
use codex_core_api::RealtimeAudioConfig;
|
|
use codex_core_api::RealtimeConfig;
|
|
use codex_core_api::SessionSource;
|
|
use codex_core_api::ShellEnvironmentPolicy;
|
|
use codex_core_api::TerminalResizeReflowConfig;
|
|
use codex_core_api::ThreadManager;
|
|
use codex_core_api::ThreadStoreConfig;
|
|
use codex_core_api::ToolSuggestConfig;
|
|
use codex_core_api::TuiKeymap;
|
|
use codex_core_api::TuiNotificationSettings;
|
|
use codex_core_api::UriBasedFileOpener;
|
|
use codex_core_api::UserInput;
|
|
use codex_core_api::WebSearchMode;
|
|
use codex_core_api::arg0_dispatch_or_else;
|
|
use codex_core_api::built_in_model_providers;
|
|
use codex_core_api::find_codex_home;
|
|
use codex_core_api::init_state_db;
|
|
use codex_core_api::item_event_to_server_notification;
|
|
use codex_core_api::set_default_originator;
|
|
use codex_core_api::thread_store_from_config;
|
|
|
|
#[derive(Debug, Parser)]
|
|
#[command(
|
|
name = "codex-thread-manager-sample",
|
|
about = "Run one Codex turn through ThreadManager and print mapped notifications as newline-delimited JSON."
|
|
)]
|
|
struct Args {
|
|
/// Override the model for this run.
|
|
#[arg(long, value_name = "MODEL")]
|
|
model: Option<String>,
|
|
|
|
/// Prompt text. If omitted, the prompt is read from piped stdin.
|
|
#[arg(value_name = "PROMPT", num_args = 0.., trailing_var_arg = true)]
|
|
prompt: Vec<String>,
|
|
}
|
|
|
|
fn main() -> anyhow::Result<()> {
|
|
arg0_dispatch_or_else(run_main)
|
|
}
|
|
|
|
async fn run_main(arg0_paths: Arg0DispatchPaths) -> anyhow::Result<()> {
|
|
if let Err(err) = set_default_originator("codex_thread_manager_sample".to_string()) {
|
|
tracing::warn!("failed to set originator: {err:?}");
|
|
}
|
|
|
|
let args = Args::parse();
|
|
let prompt = if args.prompt.is_empty() {
|
|
if std::io::stdin().is_terminal() {
|
|
bail!("no prompt provided; pass a prompt argument or pipe one into stdin");
|
|
}
|
|
|
|
let mut prompt = String::new();
|
|
std::io::stdin()
|
|
.read_to_string(&mut prompt)
|
|
.context("read prompt from stdin")?;
|
|
let prompt = prompt.replace("\r\n", "\n").replace('\r', "\n");
|
|
if prompt.trim().is_empty() {
|
|
bail!("no prompt provided via stdin");
|
|
}
|
|
prompt
|
|
} else {
|
|
args.prompt.join(" ")
|
|
};
|
|
|
|
let config = new_config(args.model, arg0_paths)?;
|
|
let state_db = init_state_db(&config).await;
|
|
|
|
let auth_manager =
|
|
AuthManager::shared_from_config(&config, /*enable_codex_api_key_env*/ false).await;
|
|
let local_runtime_paths = ExecServerRuntimePaths::from_optional_paths(
|
|
config.codex_self_exe.clone(),
|
|
config.codex_linux_sandbox_exe.clone(),
|
|
)?;
|
|
let thread_store = thread_store_from_config(&config, state_db.clone());
|
|
let environment_manager =
|
|
Arc::new(EnvironmentManager::new(EnvironmentManagerArgs::new(local_runtime_paths)).await);
|
|
let thread_manager = ThreadManager::new(
|
|
&config,
|
|
auth_manager,
|
|
SessionSource::Exec,
|
|
environment_manager,
|
|
/*analytics_events_client*/ None,
|
|
Arc::clone(&thread_store),
|
|
state_db,
|
|
);
|
|
|
|
let NewThread {
|
|
thread_id, thread, ..
|
|
} = thread_manager
|
|
.start_thread(config)
|
|
.await
|
|
.context("start Codex thread")?;
|
|
|
|
let thread_id_string = thread_id.to_string();
|
|
let turn_output = run_turn(&thread, &thread_id_string, prompt).await;
|
|
let shutdown_result = thread.shutdown_and_wait().await;
|
|
let _ = thread_manager.remove_thread(&thread_id).await;
|
|
|
|
turn_output?;
|
|
shutdown_result.context("shut down Codex thread")?;
|
|
|
|
Ok(())
|
|
}
|
|
|
|
fn new_config(model: Option<String>, arg0_paths: Arg0DispatchPaths) -> anyhow::Result<Config> {
|
|
let codex_home = find_codex_home().context("find Codex home")?;
|
|
let cwd = AbsolutePathBuf::current_dir().context("resolve current directory")?;
|
|
let model_provider_id = OPENAI_PROVIDER_ID.to_string();
|
|
let model_providers = built_in_model_providers(/*openai_base_url*/ None);
|
|
let model_provider = model_providers
|
|
.get(&model_provider_id)
|
|
.context("OpenAI model provider should be available")?
|
|
.clone();
|
|
|
|
let mut config = Config {
|
|
config_layer_stack: ConfigLayerStack::default(),
|
|
startup_warnings: Vec::new(),
|
|
model,
|
|
service_tier: None,
|
|
review_model: None,
|
|
model_context_window: None,
|
|
model_auto_compact_token_limit: None,
|
|
model_provider_id,
|
|
model_provider,
|
|
personality: None,
|
|
permissions: Permissions {
|
|
approval_policy: Constrained::allow_any(AskForApproval::Never),
|
|
permission_profile: Constrained::allow_any(PermissionProfile::read_only()),
|
|
active_permission_profile: None,
|
|
network: None,
|
|
allow_login_shell: true,
|
|
shell_environment_policy: ShellEnvironmentPolicy::default(),
|
|
windows_sandbox_mode: None,
|
|
windows_sandbox_private_desktop: true,
|
|
},
|
|
approvals_reviewer: ApprovalsReviewer::User,
|
|
enforce_residency: Constrained::allow_any(/*initial_value*/ None),
|
|
hide_agent_reasoning: false,
|
|
show_raw_agent_reasoning: false,
|
|
user_instructions: None,
|
|
base_instructions: None,
|
|
developer_instructions: None,
|
|
guardian_policy_config: None,
|
|
include_permissions_instructions: false,
|
|
include_apps_instructions: false,
|
|
include_skill_instructions: false,
|
|
include_environment_context: false,
|
|
compact_prompt: None,
|
|
commit_attribution: None,
|
|
notify: None,
|
|
tui_notifications: TuiNotificationSettings::default(),
|
|
animations: true,
|
|
show_tooltips: true,
|
|
model_availability_nux: ModelAvailabilityNuxConfig::default(),
|
|
tui_alternate_screen: AltScreenMode::Auto,
|
|
tui_status_line: None,
|
|
tui_status_line_use_colors: true,
|
|
tui_terminal_title: None,
|
|
tui_theme: None,
|
|
terminal_resize_reflow: TerminalResizeReflowConfig::default(),
|
|
tui_keymap: TuiKeymap::default(),
|
|
tui_vim_mode_default: false,
|
|
cwd,
|
|
cli_auth_credentials_store_mode: AuthCredentialsStoreMode::File,
|
|
mcp_servers: Constrained::allow_any(HashMap::new()),
|
|
mcp_oauth_credentials_store_mode: OAuthCredentialsStoreMode::File,
|
|
mcp_oauth_callback_port: None,
|
|
mcp_oauth_callback_url: None,
|
|
model_providers,
|
|
project_doc_max_bytes: 32 * 1024,
|
|
project_doc_fallback_filenames: Vec::new(),
|
|
tool_output_token_limit: None,
|
|
agent_max_threads: Some(6),
|
|
agent_job_max_runtime_seconds: None,
|
|
agent_interrupt_message_enabled: false,
|
|
agent_max_depth: 1,
|
|
agent_roles: BTreeMap::new(),
|
|
memories: MemoriesConfig::default(),
|
|
sqlite_home: codex_home.to_path_buf(),
|
|
log_dir: codex_home.join("log").to_path_buf(),
|
|
config_lock_export_dir: None,
|
|
config_lock_allow_codex_version_mismatch: false,
|
|
config_lock_save_fields_resolved_from_model_catalog: true,
|
|
config_lock_toml: None,
|
|
codex_home,
|
|
history: History::default(),
|
|
ephemeral: true,
|
|
file_opener: UriBasedFileOpener::VsCode,
|
|
codex_self_exe: arg0_paths.codex_self_exe,
|
|
codex_linux_sandbox_exe: arg0_paths.codex_linux_sandbox_exe,
|
|
main_execve_wrapper_exe: arg0_paths.main_execve_wrapper_exe,
|
|
zsh_path: None,
|
|
model_reasoning_effort: None,
|
|
plan_mode_reasoning_effort: None,
|
|
model_reasoning_summary: None,
|
|
model_supports_reasoning_summaries: None,
|
|
model_catalog: None,
|
|
model_verbosity: None,
|
|
chatgpt_base_url: "https://chatgpt.com/backend-api/".to_string(),
|
|
apps_mcp_path_override: None,
|
|
realtime_audio: RealtimeAudioConfig::default(),
|
|
experimental_realtime_ws_base_url: None,
|
|
experimental_realtime_ws_model: None,
|
|
realtime: RealtimeConfig::default(),
|
|
experimental_realtime_ws_backend_prompt: None,
|
|
experimental_realtime_ws_startup_context: None,
|
|
experimental_realtime_start_instructions: None,
|
|
experimental_thread_config_endpoint: None,
|
|
experimental_thread_store: ThreadStoreConfig::Local,
|
|
forced_chatgpt_workspace_id: None,
|
|
forced_login_method: None,
|
|
include_apply_patch_tool: false,
|
|
web_search_mode: Constrained::allow_any(WebSearchMode::Disabled),
|
|
web_search_config: None,
|
|
use_experimental_unified_exec_tool: false,
|
|
background_terminal_max_timeout: 300_000,
|
|
ghost_snapshot: GhostSnapshotConfig::default(),
|
|
multi_agent_v2: MultiAgentV2Config::default(),
|
|
features: Default::default(),
|
|
suppress_unstable_features_warning: false,
|
|
active_profile: None,
|
|
active_project: ProjectConfig { trust_level: None },
|
|
windows_wsl_setup_acknowledged: false,
|
|
notices: Notice::default(),
|
|
check_for_update_on_startup: false,
|
|
disable_paste_burst: false,
|
|
analytics_enabled: Some(false),
|
|
feedback_enabled: false,
|
|
tool_suggest: ToolSuggestConfig::default(),
|
|
otel: OtelConfig::default(),
|
|
};
|
|
config
|
|
.features
|
|
.set(Features::with_defaults())
|
|
.context("configure default features")?;
|
|
Ok(config)
|
|
}
|
|
|
|
async fn run_turn(thread: &CodexThread, thread_id: &str, prompt: String) -> anyhow::Result<()> {
|
|
thread
|
|
.submit(Op::UserInput {
|
|
items: vec![UserInput::Text {
|
|
text: prompt,
|
|
text_elements: Vec::new(),
|
|
}],
|
|
environments: None,
|
|
final_output_json_schema: None,
|
|
responsesapi_client_metadata: None,
|
|
})
|
|
.await
|
|
.context("submit user input")?;
|
|
|
|
let mut current_turn_id: Option<String> = None;
|
|
let mut stdout = std::io::stdout().lock();
|
|
loop {
|
|
let event = thread.next_event().await.context("read Codex event")?;
|
|
let notification = match &event.msg {
|
|
EventMsg::TurnStarted(event) => {
|
|
current_turn_id = Some(event.turn_id.clone());
|
|
None
|
|
}
|
|
EventMsg::DynamicToolCallResponse(_)
|
|
| EventMsg::McpToolCallBegin(_)
|
|
| EventMsg::McpToolCallEnd(_)
|
|
| EventMsg::CollabAgentSpawnBegin(_)
|
|
| EventMsg::CollabAgentSpawnEnd(_)
|
|
| EventMsg::CollabAgentInteractionBegin(_)
|
|
| EventMsg::CollabAgentInteractionEnd(_)
|
|
| EventMsg::CollabWaitingBegin(_)
|
|
| EventMsg::CollabWaitingEnd(_)
|
|
| EventMsg::CollabCloseBegin(_)
|
|
| EventMsg::CollabCloseEnd(_)
|
|
| EventMsg::CollabResumeBegin(_)
|
|
| EventMsg::CollabResumeEnd(_)
|
|
| EventMsg::AgentMessageContentDelta(_)
|
|
| EventMsg::PlanDelta(_)
|
|
| EventMsg::ReasoningContentDelta(_)
|
|
| EventMsg::ReasoningRawContentDelta(_)
|
|
| EventMsg::AgentReasoningSectionBreak(_)
|
|
| EventMsg::ItemStarted(_)
|
|
| EventMsg::ItemCompleted(_)
|
|
| EventMsg::PatchApplyBegin(_)
|
|
| EventMsg::PatchApplyUpdated(_)
|
|
| EventMsg::TerminalInteraction(_)
|
|
| EventMsg::ExecCommandBegin(_)
|
|
| EventMsg::ExecCommandOutputDelta(_)
|
|
| EventMsg::ExecCommandEnd(_) => Some(item_event_to_server_notification(
|
|
event.msg.clone(),
|
|
thread_id,
|
|
current_turn_id
|
|
.as_deref()
|
|
.context("mapped notification arrived before turn started")?,
|
|
)),
|
|
_ => None,
|
|
};
|
|
if let Some(notification) = notification {
|
|
serde_json::to_writer(&mut stdout, ¬ification)
|
|
.context("serialize mapped notification")?;
|
|
stdout
|
|
.write_all(b"\n")
|
|
.context("write notification newline")?;
|
|
stdout.flush().context("flush notification output")?;
|
|
}
|
|
|
|
match event.msg {
|
|
EventMsg::TurnComplete(_) => {
|
|
return Ok(());
|
|
}
|
|
EventMsg::Error(event) => {
|
|
bail!(event.message);
|
|
}
|
|
EventMsg::TurnAborted(_) => {
|
|
bail!("turn aborted");
|
|
}
|
|
EventMsg::ExecApprovalRequest(_) => {
|
|
bail!("turn requested exec approval");
|
|
}
|
|
EventMsg::ApplyPatchApprovalRequest(_) => {
|
|
bail!("turn requested patch approval");
|
|
}
|
|
EventMsg::RequestPermissions(_) => {
|
|
bail!("turn requested permissions");
|
|
}
|
|
EventMsg::RequestUserInput(_) => {
|
|
bail!("turn requested user input");
|
|
}
|
|
EventMsg::DynamicToolCallRequest(_) => {
|
|
bail!("turn requested a dynamic tool call");
|
|
}
|
|
_ => {}
|
|
}
|
|
}
|
|
}
|