- commit
- 02b3d6a
- parent
- 393dc22
- author
- im_wower
- date
- 2026-03-23 22:29:45 +0800 CST
fix(runtime): wire conductor to codexd launchd env
9 files changed,
+53,
-4
+15,
-0
1@@ -30,6 +30,14 @@ BAA_CODEXD_LOGS_DIR=/Users/george/code/baa-conductor/logs/codexd
2 BAA_CODEXD_STATE_DIR=/Users/george/code/baa-conductor/state/codexd
3 ```
4
5+`conductor` 代理 `/v1/codex*` 时也依赖同一个地址:
6+
7+```text
8+BAA_CODEXD_LOCAL_API_BASE=http://127.0.0.1:4319
9+```
10+
11+如果 `conductor` 的 launchd 安装副本缺这个变量,live `/v1/codex` 会直接返回 `503 codexd_not_configured`,即使 `codexd` 自己的 `4319` 服务已经正常。
12+
13 ## 组件边界
14
15 ### `conductor-daemon`
16@@ -130,3 +138,10 @@ BAA_CODEXD_STATE_DIR=/Users/george/code/baa-conductor/state/codexd
17 ```bash
18 ./scripts/runtime/codexd-e2e-smoke.sh
19 ```
20+
21+mini 上重装 launchd 后,也应至少手工确认:
22+
23+```bash
24+curl -fsSL http://127.0.0.1:4319/v1/codexd/status
25+curl -fsSL http://100.71.210.78:4317/v1/codex
26+```
+7,
-0
1@@ -75,12 +75,19 @@ BAA_CONDUCTOR_ROLE=primary
2 BAA_NODE_ID=mini-main
3 BAA_CONDUCTOR_LOCAL_API=http://100.71.210.78:4317
4 BAA_CONDUCTOR_LOCAL_API_ALLOWED_HOSTS=100.71.210.78
5+BAA_CODEXD_LOCAL_API_BASE=http://127.0.0.1:4319
6 BAA_STATUS_API_HOST=100.71.210.78
7 BAA_CONTROL_API_BASE=https://conductor.makefile.so
8 ```
9
10 最后一项只是兼容旧代码的变量名;默认目标已经与 canonical public host 对齐。
11
12+说明:
13+
14+- `BAA_CODEXD_LOCAL_API_BASE` 不只是 `codexd` 自己使用,`conductor` 也通过它代理 `/v1/codex*`
15+- 这个值必须保持 loopback 地址;当前正式值是 `http://127.0.0.1:4319`
16+- 如果 `conductor` 进程缺这个变量,`/v1/codex` 会返回 `503 codexd_not_configured`
17+
18 Firefox WS 派生规则:
19
20 - 不新增 `BAA_CONDUCTOR_FIREFOX_WS` 之类单独变量
+17,
-1
1@@ -46,6 +46,7 @@
2
3 - `codexd` 独立安装时不需要共享 token
4 - `--control-api-base` 仍然保留,只是为了写入兼容变量 `BAA_CONTROL_API_BASE`
5+- `--codexd-local-api-base` 会同时写给 `codexd` 和 `conductor`
6 - `codexd` 正式运行面只写入 `app-server` 会话链路所需默认值
7 - `codexd` 正式服务面只保留 `/healthz`、`/v1/codexd/status`、`/v1/codexd/sessions`、`/v1/codexd/turn`、`/v1/codexd/events`
8 - install / reload / status / check 脚本都只验这条会话链路
9@@ -86,9 +87,10 @@
10
11 当前运维观察口径:
12
13+- `status-launchd.sh` 会展示 `conductor /v1/codex`,确认代理是否已经指向独立 `codexd`
14 - `status-launchd.sh` 对 `codexd` 只展示 `/healthz` 和 `/v1/codexd/status`
15 - `reload-launchd.sh` 只等待 `codexd /healthz` 恢复
16-- `check-node.sh` 只要求 `codexd /healthz` 和 `/v1/codexd/status` 返回正常
17+- `check-node.sh` 要求 `conductor /v1/codex`、`codexd /healthz` 和 `/v1/codexd/status` 返回正常
18 - 额外会话验收统一走 `./scripts/runtime/codexd-e2e-smoke.sh`
19
20 ## 渲染安装副本
21@@ -133,6 +135,12 @@
22 - `BAA_CODEXD_SERVER_CWD=/Users/george/code/baa-conductor`
23 - `BAA_CODEXD_SERVER_ENDPOINT=stdio://codex-app-server`
24
25+`conductor` 的安装副本也必须拿到:
26+
27+- `BAA_CODEXD_LOCAL_API_BASE=http://127.0.0.1:4319`
28+
29+否则 `conductor` 虽然会正常监听 `4317`,但 `/v1/codex*` 会返回 `503 codexd_not_configured`。
30+
31 ## reload 行为
32
33 `restart-launchd.sh` / `reload-launchd.sh` 不只看 `launchctl` 返回码,还会等待已选服务的 `/healthz` 恢复:
34@@ -141,6 +149,14 @@
35 - `codexd`: 读取 `BAA_CODEXD_LOCAL_API_BASE`
36 - `status-api`: 读取 `BAA_STATUS_API_HOST` 并按默认端口 `4318` 探活
37
38+mini 正确安装后,建议追加一轮代理验证:
39+
40+```bash
41+curl -fsSL http://127.0.0.1:4319/v1/codexd/status
42+curl -fsSL http://100.71.210.78:4317/v1/codex
43+curl -fsSL http://100.71.210.78:4317/v1/codex/sessions
44+```
45+
46 如果服务处于 loaded 但未提供 HTTP,脚本会自动再执行一次:
47
48 ```bash
+3,
-1
1@@ -30,6 +30,7 @@ npx --yes pnpm -r build
2 说明:
3
4 - `--control-api-base` 仍是当前静态检查参数,但只用于校验兼容变量 `BAA_CONTROL_API_BASE`
5+- `check-launchd.sh` 现在也会校验 `conductor` 安装副本里的 `BAA_CODEXD_LOCAL_API_BASE`
6 - `check-launchd.sh` 现在会校验 `codexd` 的监听地址、事件流路径、日志目录、状态目录和 `app-server` child 配置
7 - 这些静态检查不包含 run/exec 路线
8
9@@ -57,7 +58,7 @@ npx --yes pnpm -r build
10 - `launchctl print` 是否成功
11 - 进程命令行是否匹配
12 - `logs/launchd/*.log` 是否存在
13-- `conductor` 是否监听 `4317` 并返回 `/healthz`、`/readyz`、`/rolez`
14+- `conductor` 是否监听 `4317` 并返回 `/healthz`、`/readyz`、`/rolez`、`/v1/codex`
15 - `codexd` 是否监听 `4319` 并返回 `/healthz`、`/v1/codexd/status`
16 - `status-api` 是否监听 `4318` 并返回 `/healthz`、`/v1/status`
17 - 不要求探测 run/exec 路线
18@@ -92,6 +93,7 @@ on-node:
19 ```bash
20 curl -fsSL http://100.71.210.78:4317/healthz
21 curl -fsSL http://100.71.210.78:4317/v1/runtime
22+curl -fsSL http://100.71.210.78:4317/v1/codex
23 curl -fsSL http://127.0.0.1:4319/healthz
24 curl -fsSL http://127.0.0.1:4319/v1/codexd/status
25 curl -fsSL http://100.71.210.78:4318/v1/status
1@@ -4,8 +4,8 @@
2 Source template kept in the repo.
3 Default values target the mini node at /Users/george/code/baa-conductor.
4 Use scripts/runtime/install-launchd.sh to render the actual install copy.
5- Adjust BAA_SHARED_TOKEN and the listen-related variables before loading if
6- the mini node uses a non-default address.
7+ Adjust BAA_SHARED_TOKEN, BAA_CODEXD_LOCAL_API_BASE, and the listen-related
8+ variables before loading if the mini node uses a non-default address.
9 If this file is installed under /Library/LaunchDaemons, add UserName and keep
10 every path absolute; launchd will not read shell rc files for you.
11 -->
12@@ -49,6 +49,8 @@
13 <string>/Users/george/code/baa-conductor/state</string>
14 <key>BAA_NODE_ID</key>
15 <string>mini-main</string>
16+ <key>BAA_CODEXD_LOCAL_API_BASE</key>
17+ <string>http://127.0.0.1:4319</string>
18 <key>BAA_SHARED_TOKEN</key>
19 <string>replace-me</string>
20 </dict>
+1,
-0
1@@ -272,6 +272,7 @@ check_installed_plist() {
2 if [[ "$service" == "conductor" ]]; then
3 check_string_equals "${service}:host-arg" "$(plist_print_value "$plist_path" ":ProgramArguments:4")" "$conductor_host"
4 check_string_equals "${service}:role-arg" "$(plist_print_value "$plist_path" ":ProgramArguments:6")" "$conductor_role"
5+ check_string_equals "${service}:BAA_CODEXD_LOCAL_API_BASE" "$(plist_print_value "$plist_path" ":EnvironmentVariables:BAA_CODEXD_LOCAL_API_BASE")" "$codexd_local_api_base"
6 fi
7
8 if [[ "$service" == "codexd" ]]; then
+2,
-0
1@@ -41,6 +41,7 @@ Options:
2 Notes:
3 The default runtime check set is conductor + codexd + status-api. Use
4 --service to narrow the scope or --all-services to include worker-runner.
5+ conductor HTTP probes include /v1/codex to ensure proxy wiring to codexd.
6 For codexd, the HTTP probes only cover /healthz and /v1/codexd/status.
7 /v1/codexd/runs* and codex exec are not part of node verification.
8 EOF
9@@ -423,6 +424,7 @@ check_conductor_runtime() {
10 if [[ "$skip_http_check" != "1" ]]; then
11 assert_http_equals "conductor /healthz" "${conductor_base_url}/healthz" "200" "ok"
12 assert_http_equals "conductor /readyz" "${conductor_base_url}/readyz" "200" "ready"
13+ assert_http_contains "conductor /v1/codex" "${conductor_base_url}/v1/codex" "200" "\"backend\": \"independent_codexd\""
14
15 http_get "${conductor_base_url}/rolez"
16 if [[ "$HTTP_STATUS" != "200" ]]; then
+1,
-0
1@@ -260,6 +260,7 @@ for service in "${services[@]}"; do
2 if [[ "$service" == "conductor" ]]; then
3 plist_set_string "$install_path" ":ProgramArguments:4" "$conductor_host"
4 plist_set_string "$install_path" ":ProgramArguments:6" "$conductor_role"
5+ plist_set_string "$install_path" ":EnvironmentVariables:BAA_CODEXD_LOCAL_API_BASE" "$codexd_local_api_base"
6 fi
7
8 if [[ "$service" == "codexd" ]]; then
+3,
-0
1@@ -25,6 +25,7 @@ Options:
2
3 Notes:
4 If no service is specified, conductor + codexd + status-api are shown.
5+ conductor HTTP status also reports /v1/codex to surface codexd proxy wiring.
6 codexd HTTP status only reports /healthz and /v1/codexd/status.
7 /v1/codexd/runs* is not treated as a formal runtime probe.
8 EOF
9@@ -153,6 +154,8 @@ if [[ "$skip_http" != "1" ]]; then
10 curl -fsS "${local_api_base%/}/healthz" || true
11 printf '\nrolez: '
12 curl -fsS "${local_api_base%/}/rolez" || true
13+ printf '\n/v1/codex: '
14+ curl -fsS "${local_api_base%/}/v1/codex" || true
15 printf '\n\n'
16 ;;
17 codexd)