refactor: update goose2 credential management behind provider-scoped ACP/core API #8887

Merged
kalvinnchau merged 9 commits into main from kalvin/model-reload on Apr 29, 2026
Collaborator

@kalvinnchau kalvinnchau commented Apr 28, 2026

Category: improvement
User Impact: Users can update model provider credentials in Goose2 settings and see updated model availability without restarting the app.
Problem: Goose2 provider credential changes were handled in the Tauri shell with duplicated provider metadata, so saved credentials required a restart and could leave model inventory stale. That made provider setup feel disconnected from the runtime state Goose actually uses.
Solution: Move provider-scoped credential read/status/save/delete into ACP/core, invalidate secret caches when credentials change, and refresh provider inventory as part of the save/delete flow. The UI now talks through the generated SDK, shows per-provider save/sync state, and keeps the provider list usable while status checks are loading.

File changes

crates/goose-sdk/src/custom_requests.rs
Adds ACP request/response DTOs for provider config read, status, save, and delete.

crates/goose/acp-meta.json
Registers the new provider config ACP methods.

crates/goose/acp-schema.json
Updates the ACP schema for provider config methods and response shapes.

crates/goose/src/acp/server.rs
Implements provider config ACP handlers, masks secret reads, batches secret writes/deletes, invalidates secret caches, and starts identity-safe inventory refresh jobs.

crates/goose/src/config/base.rs
Adds shared secret mutation helpers plus batched secret set/delete operations.

crates/goose/src/providers/inventory/mod.rs
Captures refresh identities at plan time, guards refreshing keys, and stores refresh results against the planned identity.

crates/goose/tests/acp_secret_cache_invalidation_test.rs
Covers ACP secret/cache invalidation, provider config save/delete behavior, masked secret reads, and plan-time inventory identity storage.

documentation/docs/guides/config-files.md
Clarifies that Goose2 settings saves refresh through ACP without requiring an app restart.

ui/goose2/AGENTS.md
Documents that provider config mutations should go through React, SDK, ACP, and goose core instead of Tauri commands.

ui/goose2/src-tauri/Cargo.lock
Removes now-unused dependencies from the Tauri lockfile.

ui/goose2/src-tauri/Cargo.toml
Removes the unused etcetera dependency.

ui/goose2/src-tauri/src/commands/credentials.rs
Deletes the old Tauri provider credential commands.

ui/goose2/src-tauri/src/commands/mod.rs
Stops exporting the removed credential command module.

ui/goose2/src-tauri/src/lib.rs
Stops managing the removed GooseConfig service and unregisters credential commands.

ui/goose2/src-tauri/src/services/goose_config.rs
Deletes duplicated shell-side config and secret storage logic.

ui/goose2/src-tauri/src/services/mod.rs
Removes deleted provider config services from the service module.

ui/goose2/src-tauri/src/services/provider_defs.rs
Deletes duplicated provider config metadata from the Tauri layer.

ui/goose2/src/app/hooks/useAppStartup.ts
Uses the shared provider inventory sync helper during startup.

ui/goose2/src/features/providers/api/credentials.test.ts
Adds SDK wiring coverage for provider config read/status/save/delete.

ui/goose2/src/features/providers/api/credentials.ts
Replaces Tauri invokes with generated ACP SDK provider config calls.

ui/goose2/src/features/providers/api/inventorySync.test.ts
Covers inventory sync polling, initial refresh reuse, already-refreshing providers, and skipped entries.

ui/goose2/src/features/providers/api/inventorySync.ts
Adds shared refresh-and-poll logic for provider inventory updates.

ui/goose2/src/features/providers/hooks/useCredentials.test.tsx
Covers no-restart credential saves, inventory warnings, and native OAuth refresh ordering.

ui/goose2/src/features/providers/hooks/useCredentials.ts
Tracks per-provider saving/syncing/warning state and starts inventory sync after save, delete, or native auth.

ui/goose2/src/features/settings/ui/ModelProviderPanels.tsx
Adds reusable loading and warning messages for inventory sync state.

ui/goose2/src/features/settings/ui/ModelProviderRow.tsx
Saves provider fields in one batch and shows per-provider inventory loading/warning state.

ui/goose2/src/features/settings/ui/ProvidersSettings.tsx
Removes the restart banner, renders providers while status loads, and passes per-provider save/sync state into rows.

ui/goose2/src/features/settings/ui/tests/ModelProviderRow.test.tsx
Covers batched setup saves plus inventory loading and warning rendering.

ui/goose2/src/features/settings/ui/tests/ProvidersSettings.test.tsx
Covers removal of the restart banner, loading-state rendering, and connected-provider ordering.

ui/goose2/src/shared/api/tests/dictation.test.ts
Adds coverage for dictation provider secret save/delete SDK calls.

ui/goose2/src/shared/api/dictation.ts
Moves dictation secret save/delete off Tauri invokes and onto ACP secret methods.

ui/goose2/src/shared/i18n/locales/en/settings.json
Adds English status/warning strings and removes restart copy.

ui/goose2/src/shared/i18n/locales/es/settings.json
Adds Spanish warning/loading strings and removes restart copy.

ui/sdk/src/generated/client.gen.ts
Regenerates the TypeScript SDK client for provider config ACP methods.

ui/sdk/src/generated/index.ts
Exports new provider config types and method metadata.

ui/sdk/src/generated/types.gen.ts
Regenerates provider config request/response TypeScript types.

ui/sdk/src/generated/zod.gen.ts
Regenerates Zod validators for provider config request/response payloads.

Reproduction Steps

  1. Open Goose2 Settings and go to Providers.
  2. Confirm the model provider list renders while provider status is still checking.
  3. Expand a provider with multiple fields, enter credentials, and save.
  4. Confirm no restart banner appears, the row updates to connected, and model inventory shows a loading state while refresh runs.
  5. Delete or change the provider credentials and confirm the row updates without restarting.
  6. For a native auth provider, complete the auth flow and confirm provider status refreshes after credentials are written.
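
The plan-time identity guard described for `crates/goose/src/providers/inventory/mod.rs`, sketched as an added example that is not code from this pull request or from goose. All names are hypothetical, and modelling the identity as a provider name plus a generation counter bumped on each credential change is an assumption.

```rust
use std::collections::HashMap;

// Hypothetical stand-in for a "refresh identity": the provider plus a
// generation number that is bumped on every credential save or delete.
#[derive(Clone, Debug, PartialEq, Eq)]
pub struct RefreshIdentity { pub provider: String, pub generation: u64 }

#[derive(Default)]
pub struct Inventory {
    generation: HashMap<String, u64>,             // current credential generation
    refreshing: HashMap<String, RefreshIdentity>, // in-flight refresh per provider
    models: HashMap<String, Vec<String>>,         // last accepted model list
}

impl Inventory {
    /// Credential save/delete: bump the generation, drop cached models and
    /// release the guard so a refresh with the new credentials can be planned.
    pub fn credentials_changed(&mut self, provider: &str) {
        *self.generation.entry(provider.to_string()).or_insert(0) += 1;
        self.models.remove(provider);
        self.refreshing.remove(provider);
    }

    /// Capture the identity at plan time; None if a refresh is already in flight.
    pub fn plan_refresh(&mut self, provider: &str) -> Option<RefreshIdentity> {
        if self.refreshing.contains_key(provider) { return None; }
        let generation = self.generation.get(provider).copied().unwrap_or(0);
        let id = RefreshIdentity { provider: provider.to_string(), generation };
        self.refreshing.insert(provider.to_string(), id.clone());
        Some(id)
    }

    /// Store a result only if it belongs to the refresh currently in flight.
    pub fn store_refreshed(&mut self, id: &RefreshIdentity, models: Vec<String>) -> bool {
        if self.refreshing.get(&id.provider) != Some(id) { return false; }
        self.refreshing.remove(&id.provider);
        self.models.insert(id.provider.clone(), models);
        true
    }

    pub fn models(&self, provider: &str) -> Option<&Vec<String>> { self.models.get(provider) }
}

fn main() {
    let mut inv = Inventory::default();
    let old = inv.plan_refresh("example-provider").unwrap(); // planned with the old key
    inv.credentials_changed("example-provider");             // user saves a new key
    let new = inv.plan_refresh("example-provider").unwrap();
    println!("stale stored: {}", inv.store_refreshed(&old, vec!["old-model".into()]));
    println!("fresh stored: {}", inv.store_refreshed(&new, vec!["new-model".into()]));
    println!("inventory: {:?}", inv.models("example-provider"));
}
```

A refresh that was planned before the credential change finishes late and is rejected, so the model list shown to the user always reflects the credentials currently saved.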

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 27c38359f7

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment thread crates/goose/src/acp/server.rs
@kalvinnchau kalvinnchau force-pushed the kalvin/model-reload branch from 27c3835 to 5595c0e Compare April 28, 2026 22:49
Contributor

github-actions Bot commented Apr 28, 2026

PR Preview Action v1.8.1
Preview removed because the pull request was closed.
2026-04-29 16:25 UTC

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 5595c0e329

Comment thread ui/goose2/src/features/providers/hooks/useCredentials.ts Outdated

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 6d25926ba4

Comment thread crates/goose/src/acp/server.rs
Comment thread crates/goose/src/acp/server.rs
Collaborator

matt2e commented Apr 29, 2026

crates/goose/src/acp/server.rs (Lines 1047-1130)

The session-init refresh path (lines ~1046-1130) duplicates the same ensure_refresh_identity_current → catch_unwind(fetch_recommended_models) → store_refreshed_models_for_identity / store_refresh_error_for_identity pattern that also appears in spawn_provider_inventory_refresh_jobs and the HandleDispatchFrom config-change handler. This is three copies of ~60 lines of identical logic. Consider extracting a shared helper (e.g., execute_refresh_job(&self, provider: Arc<dyn Provider>, job: &RefreshJob)) to reduce the maintenance surface.


This comment was generated by AI

Comment thread ui/goose2/src/shared/i18n/locales/es/settings.json
Collaborator

@matt2e matt2e left a comment

Added some comments that looked worthwhile to fix before merging, but I'm stamping it

added provider-scoped ACP methods for config read/status/save/delete
moved provider credential UI off Tauri commands and onto generated SDK calls
removed the duplicate desktop provider config table and Tauri GooseConfig service
batched secret writes/deletes in base.rs, with docstrings restored
kept dictation separate, but moved its API-key save/delete off the removed Tauri commands and onto generic ACP secret methods
added Rust and frontend coverage for the new flow

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 0e94e54a1a

Comment thread ui/goose2/src/features/providers/hooks/useCredentials.ts Outdated
@kalvinnchau kalvinnchau force-pushed the kalvin/model-reload branch from 0e94e54 to 25c5d4e Compare April 29, 2026 15:21

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 25c5d4e3be

Comment thread ui/goose2/src/features/providers/hooks/useCredentials.ts
Comment thread ui/goose2/src/features/providers/hooks/useCredentials.ts Outdated
suppress stale refresh warnings after provider disconnects and refresh
native oauth status when the initial inventory refresh request fails.

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 57bedefffb

Comment thread crates/goose/src/acp/server.rs
@kalvinnchau kalvinnchau added this pull request to the merge queue Apr 29, 2026
Merged via the queue into main with commit 899762a Apr 29, 2026
27 of 28 checks passed
@kalvinnchau kalvinnchau deleted the kalvin/model-reload branch April 29, 2026 16:19
lifeizhou-ap added a commit that referenced this pull request Apr 30, 2026
* main: (24 commits)
  fix: copy and content improvements in goose2 (#8886)
  feat: make ollama host configurable in goose2 (#8912)
  polish sidebar navigation and project icons (#8896)
  fix: model picker stays usable during provider loading (#8900)
  feat: update provider row after saving credentials (#8914)
  feat: support google model inventory refresh (#8913)
  chore: Added goose 2 UI refactor review skill (#8903)
  blog: goose with peekaboo (#8884)
  blog: Built-in Local Inference blogpost. (#8808)
  perf: parallelize provider resolution and eagerly init SQLite pool (#8899)
  refactor: update goose2 credential management behind provider-scoped ACP/core API (#8887)
  fix: handle acp requests concurrently (#8781)
  build: set LLAMA_STATIC_CRT for Windows CUDA (#8901)
  perf: deduplicate _goose/providers/list RPC call at startup (#8873)
  chore: add a bit more instructions in the release pr (#8890)
  chore: disable spellcheck in model search (#8889)
  add skills to the chat composer (#8881)
  mergeable configs + cleanup (#8378)
  refactor: agent provider to use explicit type states (#8879)
  [goose2] MCP Apps: hydrate and replay app payloads in Goose2 (#8632)
  ...