Skip to content

feat: saved api_key to keychain for user#104

Merged
lifeizhou-ap merged 7 commits intomainfrom
lifei/keychain
Oct 6, 2024
Merged

feat: saved api_key to keychain for user#104
lifeizhou-ap merged 7 commits intomainfrom
lifei/keychain

Conversation

@lifeizhou-ap
Copy link
Collaborator

@lifeizhou-ap lifeizhou-ap commented Oct 1, 2024

Why
Enable users to store api key in keychain for convenience

What

Rules
When the api key environment variable does not exist,

  • it looks up the api key from keychain. if it does not exist, then
  • the users are prompted to enter the api key and
  • the users are prompted whether they want to save the api key in the keychain

Changes

  • Implemented rules as above
  • Extract create_exchange into a util file
  • Moved SessionNotifier to a separate file

Screenshot 2024-10-01 at 4 08 35 PM
Screenshot 2024-10-01 at 4 09 20 PM
Screenshot 2024-10-01 at 4 09 44 PM

Screenshot 2024-10-04 at 3 17 32 PM

@lamchau
Copy link
Contributor

lamchau commented Oct 1, 2024

very cool! how would a user update the keychain with the same prompts (typo, rotation, etc)?

just had a thought! what do you think of a goose config (and maybe even a goose check)? that way we can use it as a catch all to do things

  • check latest version
  • check profiles
  • check api keys of each providers (both environment variables and keychain)?

@michaelneale
Copy link
Collaborator

cc @alecthomas

* main:
  fix: exit the goose and show the error message when provider environment variable is not set (#103)
  fix: Update OpenAI pricing per https://openai.com/api/pricing/ (#110)
  fix: update developer tool prompts to use plan task status to match allowable statuses update_plan tool call (#107)
  fix: removed the panel in the output so that the user won't have unnecessary pane borders in the copied content (#109)
  docs: update links to exchange to the new location (#108)
  chore: setup workspace for exchange (#105)
return profile


class SessionNotifier(Notifier):
Copy link
Collaborator Author

@lifeizhou-ap lifeizhou-ap Oct 4, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

moved to a seperate file


self.prompt_session = GoosePromptSession()

def _create_exchange(self) -> Exchange:
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

exacted to a util function

@lifeizhou-ap
Copy link
Collaborator Author

lifeizhou-ap commented Oct 4, 2024

just had a thought! what do you think of a goose config (and maybe even a goose check)? that way we can use it as a catch all to do things

  • check latest version
  • check profiles
  • check api keys of each providers (both environment variables and keychain)?

Yes, that could be useful.

@lifeizhou-ap
Copy link
Collaborator Author

lifeizhou-ap commented Oct 4, 2024

how would a user update the keychain with the same prompts (typo, rotation, etc)?

I think we can enhance this later. When we load the api key from keychain, the console prints the message about the api_key source. If it is not correct, the user still can update by themselves.

@lifeizhou-ap lifeizhou-ap marked this pull request as ready for review October 4, 2024 05:18
@alecthomas
Copy link
Contributor

This is awesome!

@lifeizhou-ap lifeizhou-ap merged commit f3aab12 into main Oct 6, 2024
@lifeizhou-ap lifeizhou-ap deleted the lifei/keychain branch October 7, 2024 03:13
lily-de pushed a commit that referenced this pull request Oct 7, 2024
lukealvoeiro added a commit that referenced this pull request Oct 9, 2024
* main: (41 commits)
  chore: Add goose providers list command (#116)
  docs: working ollama for desktop (#125)
  docs: format and clean up warnings/errors (#120)
  docs: update deploy workflow (#124)
  feat: Implement a goose run command (#121)
  feat: saved api_key to keychain for user (#104)
  docs: add callout plugin (#119)
  chore: add a page to docs for Goose application examples (#117)
  fix: exit the goose and show the error message when provider environment variable is not set (#103)
  fix: Update OpenAI pricing per https://openai.com/api/pricing/ (#110)
  fix: update developer tool prompts to use plan task status to match allowable statuses update_plan tool call (#107)
  fix: removed the panel in the output so that the user won't have unnecessary pane borders in the copied content (#109)
  docs: update links to exchange to the new location (#108)
  chore: setup workspace for exchange (#105)
  fix: resolve uvx when using a git client or IDE (#98)
  ci: add include-markdown for mkdocs (#100)
  chore: fix broken badge on readme (#102)
  feat: add global optional user goosehints file (#73)
  docs: update docs (#99)
  chore(release): release 0.9.3 (#97)
  ...
cbruyndoncx pushed a commit to cbruyndoncx/goose that referenced this pull request Jul 20, 2025
dianed-square added a commit that referenced this pull request Dec 4, 2025
- Use environment variables instead of direct GitHub context interpolation
  in shell scripts to prevent potential shell injection attacks
- Pin peter-evans/create-pull-request to commit SHA (v6)

Resolves code scanning alerts #103, #104, #105
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants

Comments