Skip to content

Commit 2b7cb50

Browse files
g-linvilleg-linville
committed
improvements
Signed-off-by: Grant Linville <grant@acorn.io>
1 parent 94ffd42 commit 2b7cb50

File tree

6 files changed

+27
-34
lines changed

6 files changed

+27
-34
lines changed

pkg/engine/daemon.go

Lines changed: 16 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,8 @@ type Ports struct {
3636

3737
type Certs struct {
3838
daemonCerts map[string]certs.CertAndKey
39-
daemonLock sync.Mutex
39+
clientCert certs.CertAndKey
40+
lock sync.Mutex
4041
}
4142

4243
func IsDaemonRunning(url string) bool {
@@ -157,8 +158,8 @@ func (e *Engine) startDaemon(tool types.Tool) (string, error) {
157158
url = fmt.Sprintf("https://127.0.0.1:%d%s", port, path)
158159

159160
// Generate a certificate for the daemon, unless one already exists.
160-
certificates.daemonLock.Lock()
161-
defer certificates.daemonLock.Unlock()
161+
certificates.lock.Lock()
162+
defer certificates.lock.Unlock()
162163
cert, exists := certificates.daemonCerts[tool.ID]
163164
if !exists {
164165
var err error
@@ -173,12 +174,21 @@ func (e *Engine) startDaemon(tool types.Tool) (string, error) {
173174
certificates.daemonCerts[tool.ID] = cert
174175
}
175176

177+
// Set the client certificate if there isn't one already.
178+
if len(certificates.clientCert.Cert) == 0 {
179+
gptscriptCert, err := certs.GenerateGPTScriptCert()
180+
if err != nil {
181+
return "", fmt.Errorf("failed to generate GPTScript certificate: %v", err)
182+
}
183+
certificates.clientCert = gptscriptCert
184+
}
185+
176186
cmd, stop, err := e.newCommand(ctx, []string{
177187
fmt.Sprintf("PORT=%d", port),
178188
fmt.Sprintf("CERT=%s", base64.StdEncoding.EncodeToString(cert.Cert)),
179189
fmt.Sprintf("PRIVATE_KEY=%s", base64.StdEncoding.EncodeToString(cert.Key)),
180190
fmt.Sprintf("GPTSCRIPT_PORT=%d", port),
181-
fmt.Sprintf("GPTSCRIPT_CERT=%s", base64.StdEncoding.EncodeToString(e.GPTScriptCert.Cert)),
191+
fmt.Sprintf("GPTSCRIPT_CERT=%s", base64.StdEncoding.EncodeToString(certificates.clientCert.Cert)),
182192
},
183193
tool,
184194
"{}",
@@ -241,7 +251,7 @@ func (e *Engine) startDaemon(tool types.Tool) (string, error) {
241251
}()
242252

243253
// Build HTTP client for checking the health of the daemon
244-
clientCert, err := tls.X509KeyPair(e.GPTScriptCert.Cert, e.GPTScriptCert.Key)
254+
tlsClientCert, err := tls.X509KeyPair(certificates.clientCert.Cert, certificates.clientCert.Key)
245255
if err != nil {
246256
return "", fmt.Errorf("failed to create client certificate: %v", err)
247257
}
@@ -254,7 +264,7 @@ func (e *Engine) startDaemon(tool types.Tool) (string, error) {
254264
httpClient := &http.Client{
255265
Transport: &http.Transport{
256266
TLSClientConfig: &tls.Config{
257-
Certificates: []tls.Certificate{clientCert},
267+
Certificates: []tls.Certificate{tlsClientCert},
258268
RootCAs: pool,
259269
InsecureSkipVerify: false,
260270
},
@@ -271,7 +281,6 @@ func (e *Engine) startDaemon(tool types.Tool) (string, error) {
271281
}()
272282
return url, nil
273283
}
274-
_ = resp.Body.Close()
275284
select {
276285
case <-killedCtx.Done():
277286
return url, fmt.Errorf("daemon failed to start: %w", context.Cause(killedCtx))

pkg/engine/engine.go

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,6 @@ import (
77
"strings"
88
"sync"
99

10-
"github.com/gptscript-ai/gptscript/pkg/certs"
1110
"github.com/gptscript-ai/gptscript/pkg/counter"
1211
"github.com/gptscript-ai/gptscript/pkg/types"
1312
"github.com/gptscript-ai/gptscript/pkg/version"
@@ -23,7 +22,6 @@ type RuntimeManager interface {
2322
}
2423

2524
type Engine struct {
26-
GPTScriptCert certs.CertAndKey
2725
Model Model
2826
RuntimeManager RuntimeManager
2927
Env []string

pkg/engine/http.go

Lines changed: 5 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -65,9 +65,10 @@ func (e *Engine) runHTTP(ctx context.Context, prg *types.Program, tool types.Too
6565
toolURL = parsed.String()
6666

6767
// Find the certificate corresponding to this daemon tool
68-
certificates.daemonLock.Lock()
68+
certificates.lock.Lock()
6969
daemonCert, exists := certificates.daemonCerts[referencedTool.ID]
70-
certificates.daemonLock.Unlock()
70+
clientCert := certificates.clientCert
71+
certificates.lock.Unlock()
7172

7273
if !exists {
7374
return nil, fmt.Errorf("missing daemon certificate for [%s]", referencedTool.ID)
@@ -79,14 +80,14 @@ func (e *Engine) runHTTP(ctx context.Context, prg *types.Program, tool types.Too
7980
return nil, fmt.Errorf("failed to append daemon certificate for [%s]", referencedTool.ID)
8081
}
8182

82-
clientCert, err := tls.X509KeyPair(e.GPTScriptCert.Cert, e.GPTScriptCert.Key)
83+
tlsClientCert, err := tls.X509KeyPair(clientCert.Cert, clientCert.Key)
8384
if err != nil {
8485
return nil, fmt.Errorf("failed to create client certificate: %v", err)
8586
}
8687

8788
// Create TLS config for use in the HTTP client later
8889
tlsConfigForDaemonRequest = &tls.Config{
89-
Certificates: []tls.Certificate{clientCert},
90+
Certificates: []tls.Certificate{tlsClientCert},
9091
RootCAs: pool,
9192
InsecureSkipVerify: false,
9293
}

pkg/gptscript/gptscript.go

Lines changed: 4 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,6 @@ import (
1212

1313
"github.com/gptscript-ai/gptscript/pkg/builtin"
1414
"github.com/gptscript-ai/gptscript/pkg/cache"
15-
"github.com/gptscript-ai/gptscript/pkg/certs"
1615
"github.com/gptscript-ai/gptscript/pkg/config"
1716
context2 "github.com/gptscript-ai/gptscript/pkg/context"
1817
"github.com/gptscript-ai/gptscript/pkg/credentials"
@@ -108,12 +107,7 @@ func New(ctx context.Context, o ...Options) (*GPTScript, error) {
108107
opts.Runner.RuntimeManager = runtimes.Default(cacheClient.CacheDir(), opts.SystemToolsDir)
109108
}
110109

111-
gptscriptCert, err := certs.GenerateGPTScriptCert()
112-
if err != nil {
113-
return nil, err
114-
}
115-
116-
simplerRunner, err := newSimpleRunner(cacheClient, opts.Runner.RuntimeManager, opts.Env, gptscriptCert)
110+
simplerRunner, err := newSimpleRunner(cacheClient, opts.Runner.RuntimeManager, opts.Env)
117111
if err != nil {
118112
return nil, err
119113
}
@@ -146,7 +140,7 @@ func New(ctx context.Context, o ...Options) (*GPTScript, error) {
146140
opts.Runner.MonitorFactory = monitor.NewConsole(opts.Monitor, monitor.Options{DebugMessages: *opts.Quiet})
147141
}
148142

149-
runner, err := runner.New(registry, credStore, gptscriptCert, opts.Runner)
143+
runner, err := runner.New(registry, credStore, opts.Runner)
150144
if err != nil {
151145
return nil, err
152146
}
@@ -291,8 +285,8 @@ type simpleRunner struct {
291285
env []string
292286
}
293287

294-
func newSimpleRunner(cache *cache.Client, rm engine.RuntimeManager, env []string, gptscriptCert certs.CertAndKey) (*simpleRunner, error) {
295-
runner, err := runner.New(noopModel{}, credentials.NoopStore{}, gptscriptCert, runner.Options{
288+
func newSimpleRunner(cache *cache.Client, rm engine.RuntimeManager, env []string) (*simpleRunner, error) {
289+
runner, err := runner.New(noopModel{}, credentials.NoopStore{}, runner.Options{
296290
RuntimeManager: rm,
297291
MonitorFactory: simpleMonitorFactory{},
298292
})

pkg/runner/runner.go

Lines changed: 1 addition & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,6 @@ import (
1111
"time"
1212

1313
"github.com/gptscript-ai/gptscript/pkg/builtin"
14-
"github.com/gptscript-ai/gptscript/pkg/certs"
1514
context2 "github.com/gptscript-ai/gptscript/pkg/context"
1615
"github.com/gptscript-ai/gptscript/pkg/credentials"
1716
"github.com/gptscript-ai/gptscript/pkg/engine"
@@ -96,10 +95,9 @@ type Runner struct {
9695
credOverrides []string
9796
credStore credentials.CredentialStore
9897
sequential bool
99-
gptscriptCert certs.CertAndKey
10098
}
10199

102-
func New(client engine.Model, credStore credentials.CredentialStore, gptscriptCert certs.CertAndKey, opts ...Options) (*Runner, error) {
100+
func New(client engine.Model, credStore credentials.CredentialStore, opts ...Options) (*Runner, error) {
103101
opt := complete(opts...)
104102

105103
runner := &Runner{
@@ -111,7 +109,6 @@ func New(client engine.Model, credStore credentials.CredentialStore, gptscriptCe
111109
credStore: credStore,
112110
sequential: opt.Sequential,
113111
auth: opt.Authorizer,
114-
gptscriptCert: gptscriptCert,
115112
}
116113

117114
if opt.StartPort != 0 {
@@ -414,7 +411,6 @@ func (r *Runner) start(callCtx engine.Context, state *State, monitor Monitor, en
414411
RuntimeManager: runtimeWithLogger(callCtx, monitor, r.runtimeManager),
415412
Progress: progress,
416413
Env: env,
417-
GPTScriptCert: r.gptscriptCert,
418414
}
419415

420416
callCtx.Ctx = context2.AddPauseFuncToCtx(callCtx.Ctx, monitor.Pause)
@@ -597,7 +593,6 @@ func (r *Runner) resume(callCtx engine.Context, monitor Monitor, env []string, s
597593
RuntimeManager: runtimeWithLogger(callCtx, monitor, r.runtimeManager),
598594
Progress: progress,
599595
Env: env,
600-
GPTScriptCert: r.gptscriptCert,
601596
}
602597

603598
var contentInput string

pkg/tests/tester/runner.go

Lines changed: 1 addition & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,6 @@ import (
99
"testing"
1010

1111
"github.com/adrg/xdg"
12-
"github.com/gptscript-ai/gptscript/pkg/certs"
1312
"github.com/gptscript-ai/gptscript/pkg/credentials"
1413
"github.com/gptscript-ai/gptscript/pkg/loader"
1514
"github.com/gptscript-ai/gptscript/pkg/repos/runtimes"
@@ -199,10 +198,7 @@ func NewRunner(t *testing.T) *Runner {
199198

200199
rm := runtimes.Default(cacheDir, "")
201200

202-
gptscriptCert, err := certs.GenerateGPTScriptCert()
203-
require.NoError(t, err)
204-
205-
run, err := runner.New(c, credentials.NoopStore{}, gptscriptCert, runner.Options{
201+
run, err := runner.New(c, credentials.NoopStore{}, runner.Options{
206202
Sequential: true,
207203
RuntimeManager: rm,
208204
})

0 commit comments

Comments
 (0)