Skip to content

[codex] Fast-close Cloudflare stream challenges#239

Merged
KilimiaoSix merged 3 commits into
qxcnm:mainfrom
KilimiaoSix:codex/cloudflare-stream-fast-close
May 18, 2026
Merged

[codex] Fast-close Cloudflare stream challenges#239
KilimiaoSix merged 3 commits into
qxcnm:mainfrom
KilimiaoSix:codex/cloudflare-stream-fast-close

Conversation

@KilimiaoSix
Copy link
Copy Markdown
Collaborator

@KilimiaoSix KilimiaoSix commented May 18, 2026
edited
Loading

Summary

  • Fast-close non-SSE upstream stream errors for /v1/responses when Cloudflare/HTML challenge responses arrive and the upstream body stalls.
  • Preserve stable bridge hints for header-only Cloudflare challenges while keeping existing status semantics.
  • Keep OpenAI account-pool model routing synchronized when accounts are added/removed, prune stale source routes, and fill missing mappings without overriding manual platform mappings.
  • Include all-in-one runtime logging bootstrap, Docker Compose entrypoint config, and GHCR owner normalization in the release workflow.

Verification

  • git diff --check
  • rustfmt --edition 2021 --check crates/service/src/apikey/apikey_models.rs crates/core/src/storage/model_sources.rs crates/core/src/storage/accounts.rs crates/core/tests/storage.rs
  • cargo test -p codexmanager-core
  • cargo test -p codexmanager-core model_source
  • cargo test -p codexmanager-service account_pool_bootstrap -- --nocapture
  • cargo test -p codexmanager-service auto_association -- --nocapture
  • cargo test -p codexmanager-service --test gateway_logs basic::gateway_rewrites_account_pool_model_from_enabled_mapping -- --test-threads=1
  • cargo test -p codexmanager-service gateway::upstream::attempt_flow::transport
  • cargo test -p codexmanager-service cloudflare -- --nocapture
  • cargo test -p codexmanager-service --test app_settings -- --test-threads=1
  • cargo test -p codexmanager-service --test gateway_logs -- --test-threads=1
  • cargo test -p codexmanager-service
  • cd apps && pnpm install --frozen-lockfile && pnpm run build:desktop

@KilimiaoSix KilimiaoSix marked this pull request as ready for review May 18, 2026 11:50
@KilimiaoSix
Copy link
Copy Markdown
Collaborator Author

KilimiaoSix commented May 18, 2026

补充说明:这个 PR 目前包含以下修复范围。

  1. Cloudflare 安全验证页快速释放
  • /v1/responses 上游流式链路遇到 403/401 text/htmlcf-mitigated: challengecf-ray/server: cloudflare 等非 SSE 错误响应时,不再等待上游连接自然 EOF 或全局 stream timeout。
  • 在 stream transport 边界最多读取 64 KiB preview,最多等待 250ms,随后主动向 bridge 发送 preview + EOF 并释放 upstream response。
  • application/json 错误和正常 text/event-stream 不走 fast-close,保持原有语义。
  • header-only Cloudflare challenge 现在也会生成稳定的 Cloudflare 安全验证页 提示,并保留 cf_ray / trace debug metadata。
  1. OpenAI 账号池的平台模型映射同步
  • 新增 active OpenAI 账号后,模型页读取 routing 或 gateway 首次使用平台模型时,会自动为账号池建立缺失的 platform_model -> openai_account -> upstream_model 映射。
  • 删除账号时同步清理该账号的 model_source_modelsmodel_source_mappings,避免模型目录继续显示已经不存在的账号来源。
  • bootstrap 时会收敛已有数据库中的旧脏数据:不存在或非 active 的 OpenAI account source routes 会被清理。
  • 如果模型目录新增了平台模型,已有账号会补齐缺失映射。
  • 保留手工映射优先级:已有 gpt-platform -> gpt-upstream 这类手工映射时,不会自动生成同账号直连映射并抢走路由。
  1. all-in-one Docker 运行支持
  • 新增服务端 logging 初始化,支持 RUST_LOG / CODEXMANAGER_LOG 和日志样式环境变量。
  • 新增根目录 docker-compose.yml,默认使用阿里云 all-in-one 镜像并挂载 /data
  • release workflow 中补齐 GHCR owner 小写化,避免 owner 含大写时 Docker tag/push 失败。

验证覆盖:

  • Cloudflare fast-close、非 SSE 错误 preview、header-only Cloudflare hint。
  • 账号池新增账号补映射、删除账号清理映射、旧脏映射收敛、目录扩展后补缺、手工映射不被覆盖。
  • codexmanager-core / codexmanager-service 全量测试,以及 appspnpm run build:desktop

@KilimiaoSix KilimiaoSix requested a review from qxcnm May 18, 2026 12:54
@KilimiaoSix KilimiaoSix merged commit 72182ed into qxcnm:main May 18, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@qxcnm qxcnm Awaiting requested review from qxcnm

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@KilimiaoSix