feat: add codex remote control daemon actions

2026-06-04 15:25:18 +08:00
parent 63338c3d76
commit b93bc22160
6 changed files with 269 additions and 0 deletions
--- a/tests/codex-remote-control-daemon.test.mjs
+++ b/tests/codex-remote-control-daemon.test.mjs
@@ -0,0 +1,68 @@
+import test from "node:test";
+import assert from "node:assert/strict";
+import { chmod, mkdtemp, readFile, rm, writeFile } from "node:fs/promises";
+import os from "node:os";
+import path from "node:path";
+
+import {
+  getCodexRemoteControlDaemonConfig,
+  runCodexRemoteControlDaemonAction,
+} from "../local-agent/codex-remote-control-daemon.mjs";
+
+test("codex remote-control daemon config defaults to explicit start and stop commands", () => {
+  const config = getCodexRemoteControlDaemonConfig(
+    {},
+    {
+      codexAppServerEnabled: true,
+      codexAppServerCommand: "codex",
+    },
+  );
+
+  assert.equal(config.enabled, true);
+  assert.equal(config.command, "codex");
+  assert.deepEqual(config.startArgs, ["remote-control", "start", "--json"]);
+  assert.deepEqual(config.stopArgs, ["remote-control", "stop", "--json"]);
+});
+
+test("codex remote-control daemon action executes only explicit start and redacts sensitive output", async () => {
+  const tempDir = await mkdtemp(path.join(os.tmpdir(), "boss-codex-remote-control-"));
+  try {
+    const argvPath = path.join(tempDir, "argv.json");
+    const fakeCodexPath = path.join(tempDir, "codex");
+    await writeFile(
+      fakeCodexPath,
+      `#!/usr/bin/env node
+const fs = require("node:fs");
+fs.writeFileSync(${JSON.stringify(argvPath)}, JSON.stringify(process.argv.slice(2)));
+process.stdout.write(JSON.stringify({ ok: true, token: "sk-secret-should-not-leak", status: "started" }));
+`,
+      "utf8",
+    );
+    await chmod(fakeCodexPath, 0o755);
+
+    const result = await runCodexRemoteControlDaemonAction("start", {
+      codexRemoteControlEnabled: true,
+      codexRemoteControlCommand: fakeCodexPath,
+      codexRemoteControlTimeoutMs: 3000,
+    });
+
+    assert.equal(result.status, "completed");
+    assert.equal(result.action, "start");
+    assert.equal(result.commandLabel.endsWith("remote-control start --json"), true);
+    assert.deepEqual(JSON.parse(await readFile(argvPath, "utf8")), ["remote-control", "start", "--json"]);
+    assert.equal(JSON.stringify(result).includes("sk-secret-should-not-leak"), false);
+    assert.equal(result.outputSummary.includes("[REDACTED]"), true);
+  } finally {
+    await rm(tempDir, { recursive: true, force: true });
+  }
+});
+
+test("codex remote-control daemon rejects unsupported actions before spawning", async () => {
+  await assert.rejects(
+    () =>
+      runCodexRemoteControlDaemonAction("restart", {
+        codexRemoteControlEnabled: true,
+      }),
+    /Unsupported codex remote-control action/,
+  );
+});