feat: 支持 v0.1 deepseek backend profile

This commit is contained in:
Codex
2026-05-29 18:44:24 +08:00
parent 5375ce37f7
commit 5cc8146800
28 changed files with 303 additions and 50 deletions
+10 -2
View File
@@ -8,6 +8,7 @@ import { renderCodexProviderSecretPlan } from "./secret-render.js";
import type { JsonRecord, JsonValue, RunRecord } from "../../src/common/types.js";
import { AgentRunError, errorToJson } from "../../src/common/errors.js";
import type { RunnerOnceOptions } from "../../src/runner/run-once.js";
import { isBackendProfile } from "../../src/common/backend-profiles.js";
interface ParsedArgs {
positional: string[];
@@ -55,9 +56,14 @@ async function dispatch(args: ParsedArgs): Promise<JsonValue> {
runId,
};
const runnerId = optionalFlag(args, "runner-id");
const backend = optionalFlag(args, "backend");
const codexCommand = optionalFlag(args, "codex-command");
const codexHome = optionalFlag(args, "codex-home") ?? process.env.CODEX_HOME;
if (runnerId) options.runnerId = runnerId;
if (backend) {
if (!isBackendProfile(backend)) throw new AgentRunError("schema-invalid", `runner start --backend ${backend} is not supported in v0.1`, { httpStatus: 2 });
options.backendProfile = backend;
}
if (codexCommand) options.codexCommand = codexCommand;
if (codexHome) options.codexHome = codexHome;
return runOnce(options) as unknown as JsonValue;
@@ -112,11 +118,13 @@ async function renderCodexSecret(args: ParsedArgs): Promise<JsonRecord> {
throw new AgentRunError("schema-invalid", "secrets codex render requires --dry-run", { httpStatus: 2 });
}
const options: Parameters<typeof renderCodexProviderSecretPlan>[0] = { dryRun: true };
const profile = optionalFlag(args, "profile");
const codexHome = optionalFlag(args, "codex-home");
const authFile = optionalFlag(args, "auth-file");
const configFile = optionalFlag(args, "config-file");
const namespace = optionalFlag(args, "namespace");
const secretName = optionalFlag(args, "secret-name");
if (profile) options.profile = profile;
if (codexHome) options.codexHome = codexHome;
if (authFile) options.authFile = authFile;
if (configFile) options.configFile = configFile;
@@ -188,10 +196,10 @@ function help(): JsonRecord {
"runs events <runId> --after-seq <n> --limit <n>",
"commands create <runId> --type turn --json-file <payload.json>",
"commands show <commandId> --run-id <runId>",
"runner start --run-id <runId>",
"runner start --run-id <runId> [--backend codex|deepseek]",
"runner job --run-id <runId> --command-id <commandId> [--image <image>] [--runner-manager-url <url>]",
"runner job --dry-run --run-id <runId> --command-id <commandId> --image <image>",
"secrets codex render --dry-run [--codex-home <dir>] [--namespace agentrun-v01] [--secret-name agentrun-v01-provider-codex]",
"secrets codex render --dry-run [--profile codex|deepseek] [--codex-home <dir>] [--namespace agentrun-v01] [--secret-name <name>]",
"backends list",
"server start|status",
],
+1 -1
View File
@@ -331,7 +331,7 @@ metadata:
rules:
- apiGroups: [""]
resources: ["secrets"]
resourceNames: ["agentrun-v01-provider-codex"]
resourceNames: ["agentrun-v01-provider-codex", "agentrun-v01-provider-deepseek"]
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
+8 -2
View File
@@ -5,8 +5,10 @@ import os from "node:os";
import path from "node:path";
import type { JsonRecord } from "../../src/common/types.js";
import { AgentRunError } from "../../src/common/errors.js";
import { backendProfileSpec, isBackendProfile } from "../../src/common/backend-profiles.js";
export interface CodexSecretRenderOptions {
profile?: string;
codexHome?: string;
authFile?: string;
configFile?: string;
@@ -30,7 +32,6 @@ interface SecretSourceFile {
}
const defaultNamespace = "agentrun-v01";
const defaultSecretName = "agentrun-v01-provider-codex";
const secretKeys = ["auth.json", "config.toml"] as const;
const credentialKeyPattern = /(?:api[_-]?key|token|password|secret|credential|authorization|auth)/iu;
@@ -39,8 +40,11 @@ export async function renderCodexProviderSecretPlan(options: CodexSecretRenderOp
throw new AgentRunError("schema-invalid", "Codex provider Secret rendering only supports --dry-run in v0.1", { httpStatus: 2 });
}
const profile = nonEmpty(options.profile, "codex");
if (!isBackendProfile(profile)) throw new AgentRunError("schema-invalid", `profile ${profile} is not supported in v0.1`, { httpStatus: 2 });
const spec = backendProfileSpec(profile);
const namespace = nonEmpty(options.namespace, defaultNamespace);
const secretName = nonEmpty(options.secretName, defaultSecretName);
const secretName = nonEmpty(options.secretName, spec?.defaultSecretName ?? "agentrun-v01-provider-codex");
const codexHome = resolvePath(nonEmpty(options.codexHome, path.join(os.homedir(), ".codex")));
const sources: SecretSourceFile[] = [
{ key: "auth.json", path: resolvePath(options.authFile ?? path.join(codexHome, "auth.json")), validate: validateAuthJson },
@@ -76,6 +80,8 @@ export async function renderCodexProviderSecretPlan(options: CodexSecretRenderOp
writeAttempted: false,
namespace,
secretName,
profile,
backendKind: spec?.backendKind ?? "codex-app-server-stdio",
keys: [...secretKeys],
totalBytes: files.reduce((sum, file) => sum + file.bytes, 0),
sha256: hash.digest("hex"),