mirror of
https://github.com/openai/codex.git
synced 2026-05-22 20:14:17 +00:00
b200dd1b6f
This updates remote `exec-server` registration to use normal Codex auth instead of a registry-issued credential. The registry request is built from the existing auth-provider path, which preserves the biscuit-only registry contract introduced in [openai/openai#924101](https://github.com/openai/openai/pull/924101) while removing the old remote registry bearer env var and its direct transport assumptions. The default remote flow uses persisted ChatGPT auth from the normal Codex config/storage path. This PR also includes the containerized Agent Identity path needed by [openai/openai#924260](https://github.com/openai/openai/pull/924260): remote `exec-server` accepts `--allow-agent-identity-auth`, permits Agent Identity auth loaded from `CODEX_ACCESS_TOKEN` only when that flag is present, and reuses the existing Agent task registration plus derived `AgentAssertion` header generation. API-key auth remains unsupported, and Agent Identity stays opt-in. Validation performed beyond normal presubmit coverage: - `cargo fmt --all --check` - `cargo check -p codex-cli` - `cargo test -p codex-exec-server` - `cargo test -p codex-cli exec_server_agent_identity_auth_flag_` - `cargo test -p codex-cli remote_exec_server_auth_mode_` I also attempted `cargo test -p codex-cli`. The new CLI tests passed inside that run, but the suite ended on an unrelated local marketplace-state failure in `plugin_list_excludes_unconfigured_repo_local_marketplaces`.
100 lines
3.3 KiB
Rust
100 lines
3.3 KiB
Rust
mod client;
|
|
mod client_api;
|
|
mod client_transport;
|
|
mod connection;
|
|
mod environment;
|
|
mod environment_provider;
|
|
mod environment_toml;
|
|
mod fs_helper;
|
|
mod fs_helper_main;
|
|
mod fs_sandbox;
|
|
mod local_file_system;
|
|
mod local_process;
|
|
mod process;
|
|
mod process_id;
|
|
mod protocol;
|
|
mod relay;
|
|
mod relay_proto;
|
|
mod remote;
|
|
mod remote_file_system;
|
|
mod remote_process;
|
|
mod rpc;
|
|
mod runtime_paths;
|
|
mod sandboxed_file_system;
|
|
mod server;
|
|
|
|
pub use client::ExecServerClient;
|
|
pub use client::ExecServerError;
|
|
pub use client::http_client::HttpResponseBodyStream;
|
|
pub use client::http_client::ReqwestHttpClient;
|
|
pub use client_api::ExecServerClientConnectOptions;
|
|
pub use client_api::HttpClient;
|
|
pub use client_api::RemoteExecServerConnectArgs;
|
|
pub use codex_file_system::CopyOptions;
|
|
pub use codex_file_system::CreateDirectoryOptions;
|
|
pub use codex_file_system::ExecutorFileSystem;
|
|
pub use codex_file_system::FileMetadata;
|
|
pub use codex_file_system::FileSystemResult;
|
|
pub use codex_file_system::FileSystemSandboxContext;
|
|
pub use codex_file_system::ReadDirectoryEntry;
|
|
pub use codex_file_system::RemoveOptions;
|
|
pub use environment::CODEX_EXEC_SERVER_URL_ENV_VAR;
|
|
pub use environment::Environment;
|
|
pub use environment::EnvironmentManager;
|
|
pub use environment::LOCAL_ENVIRONMENT_ID;
|
|
pub use environment::REMOTE_ENVIRONMENT_ID;
|
|
pub use environment_provider::DefaultEnvironmentProvider;
|
|
pub use environment_provider::EnvironmentProvider;
|
|
pub use fs_helper::CODEX_FS_HELPER_ARG1;
|
|
pub use fs_helper_main::main as run_fs_helper_main;
|
|
pub use local_file_system::LOCAL_FS;
|
|
pub use local_file_system::LocalFileSystem;
|
|
pub use process::ExecBackend;
|
|
pub use process::ExecProcess;
|
|
pub use process::ExecProcessEvent;
|
|
pub use process::ExecProcessEventReceiver;
|
|
pub use process::StartedExecProcess;
|
|
pub use process_id::ProcessId;
|
|
pub use protocol::ExecClosedNotification;
|
|
pub use protocol::ExecEnvPolicy;
|
|
pub use protocol::ExecExitedNotification;
|
|
pub use protocol::ExecOutputDeltaNotification;
|
|
pub use protocol::ExecOutputStream;
|
|
pub use protocol::ExecParams;
|
|
pub use protocol::ExecResponse;
|
|
pub use protocol::FsCopyParams;
|
|
pub use protocol::FsCopyResponse;
|
|
pub use protocol::FsCreateDirectoryParams;
|
|
pub use protocol::FsCreateDirectoryResponse;
|
|
pub use protocol::FsGetMetadataParams;
|
|
pub use protocol::FsGetMetadataResponse;
|
|
pub use protocol::FsReadDirectoryEntry;
|
|
pub use protocol::FsReadDirectoryParams;
|
|
pub use protocol::FsReadDirectoryResponse;
|
|
pub use protocol::FsReadFileParams;
|
|
pub use protocol::FsReadFileResponse;
|
|
pub use protocol::FsRemoveParams;
|
|
pub use protocol::FsRemoveResponse;
|
|
pub use protocol::FsWriteFileParams;
|
|
pub use protocol::FsWriteFileResponse;
|
|
pub use protocol::HttpHeader;
|
|
pub use protocol::HttpRequestBodyDeltaNotification;
|
|
pub use protocol::HttpRequestParams;
|
|
pub use protocol::HttpRequestResponse;
|
|
pub use protocol::InitializeParams;
|
|
pub use protocol::InitializeResponse;
|
|
pub use protocol::ProcessOutputChunk;
|
|
pub use protocol::ReadParams;
|
|
pub use protocol::ReadResponse;
|
|
pub use protocol::TerminateParams;
|
|
pub use protocol::TerminateResponse;
|
|
pub use protocol::WriteParams;
|
|
pub use protocol::WriteResponse;
|
|
pub use protocol::WriteStatus;
|
|
pub use remote::RemoteExecutorConfig;
|
|
pub use remote::run_remote_executor;
|
|
pub use runtime_paths::ExecServerRuntimePaths;
|
|
pub use server::DEFAULT_LISTEN_URL;
|
|
pub use server::ExecServerListenUrlParseError;
|
|
pub use server::run_main;
|