feat(extensions): add Unix socket transport for StreamableHttp extensions#7631
feat(extensions): add Unix socket transport for StreamableHttp extensions#7631wpfleger96 wants to merge 20 commits intomainfrom
Conversation
wpfleger96
force-pushed
the
wpfleger/socket-support
branch
2 times, most recently
from
d79f656 to
c4c5d23
Compare
wpfleger96
force-pushed
the
wpfleger/socket-support
branch
from
c4c5d23 to
362aca4
Compare
…ions In some service mesh environments (e.g. Kubernetes with an Envoy sidecar), all outbound HTTP must route through a local proxy rather than making direct TCP connections to remote endpoints. Adds an optional `socket` field to `ExtensionConfig::StreamableHttp` so connections can be routed through a Unix domain socket, with `uri` preserved as the HTTP Host header and path. Implements `rmcp::StreamableHttpClient` for a new `UnixSocketHttpClient` using hyper + `tokio::net::UnixStream`, plugging into rmcp's existing `StreamableHttpClientTransport::with_client()` extension point. Supports both filesystem sockets and Linux abstract sockets (`@` prefix). Auth at the transport layer (e.g. mutual TLS via the sidecar) makes OAuth retry unnecessary on this path. Configured via `socket: "@egress.sock"` alongside the existing `uri` field in YAML config or the goosed API — no change for TCP-only deployments.
wpfleger96
force-pushed
the
wpfleger/socket-support
branch
from
362aca4 to
c4289ce
Compare
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: c4289ceb88
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
PR #7126 hardcoded self-signed HTTPS as the only server mode, breaking headless deployments (K8s health probes, sidecar proxies, plain HTTP clients) that expect HTTP. TLS is now controlled by the GOOSE_TLS env var (default: true), so existing desktop deployments are unaffected and server deployments can opt out with GOOSE_TLS=false.
When GOOSE_TLS=false the tunnel was still hardcoding "https" in start_tunnel_internal, so proxied requests would hit the plain HTTP listener with a TLS handshake. Adds a scheme field to TunnelManager (derived from the tls setting at construction) and uses it in place of the hardcoded value.
* origin/main: Update to rmcp 1.1.0 (#7619)
* origin/main: (29 commits) Update to rmcp 1.1.0 (#7619) Fix max turns configuration (#7612) feat: add base path field to custom provider configuration (#7614) fix: compare extension configs before skipping add_extension (#7650) chore(release): release version 1.27.0 (minor) (#7611) feat: better private channel detection, bot version debugging (#7680) chore(deps): bump svgo from 3.3.2 to 3.3.3 in /documentation (#7667) fix: only add viewable channels to bot context (#7678) chore: added a recipe to help identify high risk change prs for testing (#7651) fix: make sure platform binary exists (#7676) fix(shell): replace global static output buffer with per-instance TempDir (#7632) opt: remove timestamped config file backup (#7618) chore(deps): bump @hono/node-server from 1.19.9 to 1.19.10 in /ui/desktop (#7662) chore(deps): bump hono from 4.12.3 to 4.12.5 in /evals/open-model-gym/mcp-harness (#7661) chore(deps): bump hono from 4.12.2 to 4.12.5 in /ui/desktop (#7660) fix: resolve parameters in initial message with autosubmit (#7659) fix: this should not be blocked (#7656) Relax the assertion for the model list ACP test (#7653) fix: add analyzer extension in recipe to maintain backwards compatibility (#7652) docs: add GOOSE_INPUT_LIMIT environment variable documentation (#7299) ...
…et-support * origin/wpfleger/tls: fix: thread TLS scheme through TunnelManager fix: make TLS opt-out in goosed agent via GOOSE_TLS env var
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 52ee2b57d6
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
update UnixSocketHttpClient for rmcp 1.1.0 trait changes
rmcp 1.1.0 added `custom_headers` parameter to `delete_session` and
`get_stream` in the `StreamableHttpClient` trait, and now allows
`MCP-Protocol-Version` through the reserved header check (the transport
injects it after init).
- Add `custom_headers` to `delete_session` and `get_stream` signatures
- Extract shared `apply_custom_headers` helper used by all three methods
- Allow `MCP-Protocol-Version` through reserved header check, matching
upstream reqwest implementation behavior
AuthClient<C> is generic over any StreamableHttpClient, so the OAuth retry flow works with UnixSocketHttpClient the same way it does with reqwest. Skipping it meant socket transport silently changed auth semantics, breaking extensions that return 401 during initialization.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 53517de996
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 057a0448eb
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
extract_auth_error only downcasted to StreamableHttpError<reqwest::Error>, so OAuth retry never triggered for Unix socket connections which produce StreamableHttpError<UnixSocketError>. Add a cfg(unix)-gated downcast for the Unix socket error type so 401 responses correctly trigger OAuth flow. Also creates a fresh UnixSocketHttpClient with only User-Agent for the OAuth retry path, preventing stale Authorization headers from user config being sent alongside the fresh OAuth token.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 6c9dad3751
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
Clone default_headers and strip only Authorization for the OAuth retry client, preserving user-configured headers like Host overrides and routing headers that may be required by the upstream server.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 02320d0909
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
* origin/main: (21 commits) fix(ui-desktop): unify path resolution around GOOSE_PATH_ROOT (#7335) fix: pass OAuth scopes to DCR and extract granted_scopes from token response (#7571) fix: write to real file if config.yaml is symlink (#7669) fix: preserve pairings when stopping gateway (#7733) fix: reduce server log verbosity — skip session in instrument, defaul… (#7729) fix: provider test infrastructure (#7738) fix: sanitize streamable HTTP extension names derived from URLs (#7740) refactor: derive GooseMode string conversions with strum (#7706) docs: Add Spraay Batch Payments MCP Extension Tutorial (#7525) fix: flake.nix (#7224) delete goose web (#7696) Add @angiejones as CODEOWNER for documentation (#7711) Add MLflow integration guide (#7563) docs: LM Studio availability (#7698) feat: add Avian as an LLM provider (#7561) Adds `linux-mcp-server` to the goose registry (#6979) fix: add #[serde(default)] to description field on 4 ExtensionConfig variants (#7708) feat: combine TUI UX from alexhancock/tui-goodness with publishing config from jackamadeo/package-tui (#7683) chore: cleanup old sandbox (#7700) Correct windows artifact (#7699) ...
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: b5487d8d4c
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: c1d7153e73
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
connect_addr is a blocking syscall from std that can stall a tokio worker thread if the sidecar is slow to accept. Move it to spawn_blocking so the async runtime stays responsive.
|
@wpfleger96 this looks cool! What would you think about porting it to https://github.com/modelcontextprotocol/rust-sdk as an optional feature, to allow any client that needs to do streamable http over UDS to do it with the sdk? This would get it working for goose, but also any other MCP host that uses rmcp (codex etc) |
|
@alexhancock great idea, that didn't even cross my mind. I'm down to give it a shot! could I ping you there for a review when I'm ready? |
I am heading on vacation for a week tomorrow, so ping @jamadeo and @DaleSeo |
* origin/main: (72 commits) No Check do Check (#7942) Log 500 errors and also show error for direct download (#7936) fix: retry on authentication failure with credential refresh (#7812) Remove java/.ai-usage-marker directory (#7925) test(acp): add terminal delegation fixtures and fix shell singleton (#7923) fix: bump pctx_code_mode to 0.3.0 for iterator type checking fix (#7892) feat: persist GooseMode per-session via session DB (#7854) feat(otel): propagate session.id to spans and log records (#7490) fix(test): add env_lock to is_openai_reasoning_model tests (#7917) fix(acp): pass session_id when loading extensions so skills are discovered (#7868) updated canonical models (#7920) feat(autovisualiser): Migrate the autovisualiser extension to MCP Apps (#7852) fix: add tool_choice and parallel_tool_calls to chatgpt_codex provider (#7867) fix: tool confirmation handling for multiple requests (#7856) Remove dead OllamaSetup onboarding flow (#7861) fix: resolve tokio::sync::Mutex deadlock in recipe retry path (#7832) Upgrade Electron 40.6.0 → 41.0.0 (#7851) Only show up to 50 lines of source code (#7578) fix: stop writing without error when hitting broken pipe for goose session list (#7858) feat(acp): add session/set_mode handler (#7801) ...
| h | ||
| }; | ||
|
|
||
| let unix_client = UnixSocketHttpClient::new(uri, socket_path, default_headers); |
There was a problem hiding this comment.
would something like
let unix_client = reqwest::Client::builder()
.unix_socket(socket_path)
.build()?;
let transport = StreamableHttpClientTransport::with_client(
unix_client,
StreamableHttpClientTransportConfig {
uri: uri.into(),
..Default::default()
},
);
have worked here?
|
I like the idea of this, if we can bake it a bit more as discussed above. Unrelated but I always wanted the chromium front end to talk socket transport but at the time I couldn't make it work. An under appreciated tool. |
* origin/main: (62 commits) Tweak the release process: no more merge to main (#7994) fix: gemini models via databricks (#8042) feat(apps): Pass toolInfo to MCP Apps via hostContext (#7506) fix: remove configured marker when deleting oauth provider configuration (#7887) docs: add vmware-aiops MCP extension documentation (#8055) Show setup instructions for ACP providers in settings modal (#8065) deps: replace sigstore-verification with sigstore-verify to kill vulns (#8064) feat(acp): add session/set_config and stabilize list, delete and close (#7984) docs: Correct `gosoe` typo to `goose` (#8062) fix: use default provider and model when provider in session no longer exists (#8035) feat: add GOOSE_SHELL env var to configure preferred shell (#7909) fix(desktop): fullscreen header bar + always-visible close controls (#8033) docs: add Claude Code approve mode permission routing documentation (#7949) chatgpt_codex: Support reasoning and gpt-5.4 (#7941) refactor(anthropic): fix N+1 thinking message storage issue (#7958) fix: handle mid-stream error events in OpenAI SSE streaming (#8031) Fix apps extension: coerce string arguments from inner LLM responses (#8030) feat: ability to expand sidebar to see chats names (#7816) Fix config for GOOSE_MAX_BACKGROUND_TASKS (#7940) set MACOSX_DEPLOYMENT_TARGET=12.0 (#7947) ...
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 94b8d10aff
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
… lint CI sets `RUSTFLAGS=-D warnings` which promotes this newer clippy lint to an error.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: b884cd1572
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
…ield CI sets RUSTFLAGS=-D warnings which promotes redundant_closure to an error. Also apply substitute_env_vars to the socket field so configs like socket: "$ENVOY_SOCK" resolve correctly, matching how uri and headers are already handled.
* origin/main: fix: handle reasoning content blocks in OpenAI-compat streaming parser (#8078) chore(acp): build native packages on latest mac (#8075) Display delegate sub agents logs in UI (#7519) Update tar version to avoid CVE-2026-33056 (#8073) refactor: consolidate duplicated dependencies into workspace (#8041) tui: set up for publishing via github actions (#8020) feat: feature-gate local inference dependencies (#7976) feat: ability to manage sub recipes in desktop ui (#6360)
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 403b39b335
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| envs: Envs::new(merged), | ||
| env_keys: vec![], | ||
| headers, | ||
| socket, |
There was a problem hiding this comment.
socket env vars in StreamableHttp snapshots
ExtensionConfig::resolve now substitutes env-backed uri and headers, but it carries socket through unchanged. ExtensionManager::add_extension uses the resolved snapshot to detect secret rotation before deciding to skip a restart (existing.resolved_config == resolved_config in crates/goose/src/agents/extension_manager.rs:673-681), so a config like socket: $ENVOY_SOCK with env_keys: [ENVOY_SOCK] will never reconnect when the stored socket path changes. After a sidecar/socket rollover, Goose can stay pinned to a stale UDS until the whole process is restarted.
Useful? React with 👍 / 👎.
* origin/main: fix: use pnpm when publishing (#8092) Alexhancock/publish npm file format fix (#8091) fix: iteration on the publish-npm workflow (#8087) chore: ignore unmaintained warning for proc-macro-error (#8084) chore: clean up stray recipe.yaml (#8086) chore(release): bump version to 1.29.0 (minor) (#8088) Update lockfile references (#8085) Fix version bump (#8083) Add a code review step which uses a short-lived provider token (#7932)
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: b3c49b9f17
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| if !response.status().is_success() { | ||
| return Err(StreamableHttpError::UnexpectedServerResponse( | ||
| format!("get_stream returned {}", response.status()).into(), |
There was a problem hiding this comment.
In UnixSocketHttpClient::get_stream, every non-405 non-success status is converted to UnexpectedServerResponse, so a 401/403 from an OAuth-protected SSE endpoint cannot be interpreted by AuthClient as AuthRequired/InsufficientScope and token refresh never triggers. This breaks reconnect/long-lived stream recovery after token expiry in socket-backed deployments. Fresh evidence in this commit is that the new get_stream branch at this location still has only the generic non-success mapping, unlike post_message which handles auth statuses explicitly.
Useful? React with 👍 / 👎.
| envs: Envs::new(merged), | ||
| env_keys: vec![], | ||
| headers, | ||
| socket, |
There was a problem hiding this comment.
ExtensionConfig::resolve substitutes env-backed values for uri and headers but leaves socket unchanged, which means ExtensionManager::add_extension's resolved-config equality check (lines 679-681 in extension_manager.rs) can miss socket-path secret rotation and skip the restart. In environments using socket: $.../env_keys, the client can stay bound to an outdated UDS path until process restart. Fresh evidence here is the new socket field being passed through unchanged at this line in the resolve path.
Useful? React with 👍 / 👎.
|
Superseded by #7860, which uses the upstream rmcp Unix domain socket client (rmcp 1.3.0) instead of the local implementation. |
5 participants
Adds optional Unix domain socket transport for
StreamableHttpMCP extensions, enabling Goose to route HTTP traffic through a local Unix socket rather than direct TCP.Some deployment environments (e.g., Kubernetes pods with a service mesh sidecar) require outbound HTTP to pass through a proxy that is only accessible via a Unix domain socket — DNS-based hostnames do not resolve over the normal network stack in these contexts. Without this,
StreamableHttpextensions targeting service-mesh-only endpoints are unreachable.socketfield toExtensionConfig::StreamableHttp(config file and goosed API; no CLI flag — this is an infrastructure concern, not a user-facing setting)StreamableHttpClienttrait viaUnixSocketHttpClientusinghyper+tokio::net::UnixStream; plugged in throughStreamableHttpClientTransport::with_client()— the reqwest path is unchanged/var/run/proxy.sock) and Linux abstract sockets (@egress.sock→ null-byte prefix)socketis set; all new deps arecfg(unix)-gated