mirror of
https://github.com/pchuan98/codex.git
synced 2026-07-01 00:31:56 +08:00
c274a83f8b
## Why
Codex can run a remote exec server through the Noise relay, but the
normal
environment-manager path could not establish an
environment-registry-backed
harness connection. Signed rendezvous URLs and harness authorizations
are
short-lived, so reconnects must fetch a fresh bundle instead of
retaining
stale connection credentials. A stalled registry request must also fail
within
the regular remote connection deadline, without exposing these
credentials in
debug logs.
Issue: N/A (internal environment-service integration).
## What Changed
- Add environment-manager configuration for a registry-backed Noise
rendezvous
environment.
- Request a fresh bundle from
`/cloud/environment/{environment_id}/connect` for every physical harness
connection, using the existing 10-second remote connection timeout.
- Share the Environment Registry register, connect, and validate wire
payloads
through `codex-exec-server` and `codex-core-api`.
- Redact the signed rendezvous URL and harness authorization from the
public
connect response's `Debug` output.
- Add focused coverage for registry bundle retrieval, stalled requests,
and
credential redaction.
73 lines
2.0 KiB
TOML
73 lines
2.0 KiB
TOML
[package]
|
|
name = "codex-exec-server"
|
|
version.workspace = true
|
|
edition.workspace = true
|
|
license.workspace = true
|
|
|
|
[lib]
|
|
doctest = false
|
|
|
|
[lints]
|
|
workspace = true
|
|
|
|
[dependencies]
|
|
arc-swap = { workspace = true }
|
|
axum = { workspace = true, features = ["http1", "tokio", "ws"] }
|
|
base64 = { workspace = true }
|
|
bytes = { workspace = true }
|
|
clatter = { workspace = true }
|
|
codex-app-server-protocol = { workspace = true }
|
|
codex-api = { workspace = true }
|
|
codex-client = { workspace = true }
|
|
codex-file-system = { workspace = true }
|
|
codex-protocol = { workspace = true }
|
|
codex-sandboxing = { workspace = true }
|
|
codex-shell-command = { workspace = true }
|
|
codex-utils-absolute-path = { workspace = true }
|
|
codex-utils-path-uri = { workspace = true }
|
|
codex-utils-pty = { workspace = true }
|
|
codex-utils-rustls-provider = { workspace = true }
|
|
futures = { workspace = true }
|
|
http = { workspace = true }
|
|
reqwest = { workspace = true, features = ["json", "rustls-tls", "stream"] }
|
|
prost = "0.14.3"
|
|
serde = { workspace = true, features = ["derive"] }
|
|
serde_json = { workspace = true }
|
|
thiserror = { workspace = true }
|
|
toml = { workspace = true }
|
|
tokio = { workspace = true, features = [
|
|
"fs",
|
|
"io-std",
|
|
"io-util",
|
|
"macros",
|
|
"net",
|
|
"process",
|
|
"rt-multi-thread",
|
|
"sync",
|
|
"time",
|
|
] }
|
|
tokio-util = { workspace = true, features = ["io", "rt"] }
|
|
tokio-tungstenite = { workspace = true }
|
|
tracing = { workspace = true }
|
|
uuid = { workspace = true, features = ["v4"] }
|
|
|
|
[target.'cfg(unix)'.dependencies]
|
|
libc = { workspace = true }
|
|
|
|
[target.'cfg(windows)'.dependencies]
|
|
windows-sys = { version = "0.52", features = [
|
|
"Win32_Foundation",
|
|
"Win32_Storage_FileSystem",
|
|
] }
|
|
|
|
[dev-dependencies]
|
|
anyhow = { workspace = true }
|
|
codex-test-binary-support = { workspace = true }
|
|
ctor = { workspace = true }
|
|
http = { workspace = true }
|
|
pretty_assertions = { workspace = true }
|
|
serial_test = { workspace = true }
|
|
tempfile = { workspace = true }
|
|
test-case = "3.3.1"
|
|
wiremock = { workspace = true }
|