fix(inspector): allow connection to inspector when using engine driver

jog1t · NathanFlurry · commit f87e8aa0784b · 2025-09-24T18:22:10.000-07:00
diff --git a/packages/cloudflare-workers/src/actor-handler-do.ts b/packages/cloudflare-workers/src/actor-handler-do.ts
@@ -4,8 +4,11 @@ import invariant from "invariant";
 import type { ActorKey, ActorRouter, Registry, RunConfig } from "rivetkit";
 import { createActorRouter, createClientWithDriver } from "rivetkit";
 import type { ActorDriver } from "rivetkit/driver-helpers";
-import { serializeEmptyPersistData } from "rivetkit/driver-helpers";
 import { promiseWithResolvers } from "rivetkit/utils";
+import {
+	type ManagerDriver,
+	serializeEmptyPersistData,
+} from "rivetkit/driver-helpers";
 import {
 	CloudflareDurableObjectGlobalState,
 	createCloudflareActorsActorDriverBuilder,
@@ -121,6 +124,8 @@ export function createActorDurableObject(
 				runConfig,
 			);
 
+			configureInspectorAccessToken(registry.config, managerDriver);
+
 			// Create inline client
 			const inlineClient = createClientWithDriver(managerDriver);
 
@@ -187,3 +192,9 @@ export function createActorDurableObject(
 		}
 	};
 }
+function configureInspectorAccessToken(
+	config: any,
+	managerDriver: ManagerDriver,
+) {
+	throw new Error("Function not implemented.");
+}
diff --git a/packages/rivetkit/scripts/dump-openapi.ts b/packages/rivetkit/scripts/dump-openapi.ts
@@ -31,6 +31,7 @@ function main() {
 		proxyRequest: unimplemented,
 		proxyWebSocket: unimplemented,
 		displayInformation: unimplemented,
+		getOrCreateInspectorAccessToken: unimplemented,
 	};
 
 	const { openapi } = createManagerRouter(
diff --git a/packages/rivetkit/src/actor/router.ts b/packages/rivetkit/src/actor/router.ts
@@ -37,7 +37,7 @@ import {
 	type ActorInspectorRouterEnv,
 	createActorInspectorRouter,
 } from "@/inspector/actor";
-import { secureInspector } from "@/inspector/utils";
+import { isInspectorEnabled, secureInspector } from "@/inspector/utils";
 import type { RunConfig } from "@/registry/run-config";
 import type { ActorDriver } from "./driver";
 import { InternalError } from "./errors";
@@ -242,7 +242,7 @@ export function createActorRouter(
 		}
 	});
 
-	if (runConfig.inspector.enabled) {
+	if (isInspectorEnabled(runConfig, "actor")) {
 		router.route(
 			"/inspect",
 			new Hono<ActorInspectorRouterEnv & { Bindings: ActorRouterBindings }>()
diff --git a/packages/rivetkit/src/driver-test-suite/mod.ts b/packages/rivetkit/src/driver-test-suite/mod.ts
@@ -4,6 +4,7 @@ import { bundleRequire } from "bundle-require";
 import invariant from "invariant";
 import { describe } from "vitest";
 import type { Transport } from "@/client/mod";
+import { configureInspectorAccessToken } from "@/inspector/utils";
 import { createManagerRouter } from "@/manager/router";
 import type { DriverConfig, Registry, RunConfig } from "@/mod";
 import { RunConfigSchema } from "@/registry/run-config";
@@ -197,6 +198,7 @@ export async function createTestRuntime(
 
 		// Create router
 		const managerDriver = driver.manager(registry.config, config);
+		configureInspectorAccessToken(config, managerDriver);
 		const { router } = createManagerRouter(
 			registry.config,
 			config,
diff --git a/packages/rivetkit/src/driver-test-suite/test-inline-client-driver.ts b/packages/rivetkit/src/driver-test-suite/test-inline-client-driver.ts
@@ -227,6 +227,10 @@ export function createTestInlineClientDriver(
 		displayInformation(): ManagerDisplayInformation {
 			return { name: "Test Inline", properties: {} };
 		},
+		getOrCreateInspectorAccessToken() {
+			// TODO:
+			return "";
+		},
 
 		// action: async <Args extends Array<unknown> = unknown[], Response = unknown>(
 		// 	_c: HonoContext | undefined,
diff --git a/packages/rivetkit/src/drivers/file-system/manager.ts b/packages/rivetkit/src/drivers/file-system/manager.ts
@@ -57,10 +57,6 @@ export class FileSystemManagerDriver implements ManagerDriver {
 		this.#driverConfig = driverConfig;
 
 		if (runConfig.inspector.enabled) {
-			if (!this.#runConfig.inspector.token()) {
-				this.#runConfig.inspector.token = () =>
-					this.#state.getOrCreateInspectorAccessToken();
-			}
 			const startedAt = new Date().toISOString();
 			function transformActor(actorState: schema.ActorState): Actor {
 				return {
@@ -317,4 +313,8 @@ export class FileSystemManagerDriver implements ManagerDriver {
 			data: this.#state.storagePath,
 		};
 	}
+
+	getOrCreateInspectorAccessToken() {
+		return this.#state.getOrCreateInspectorAccessToken();
+	}
 }
diff --git a/packages/rivetkit/src/inspector/config.ts b/packages/rivetkit/src/inspector/config.ts
@@ -56,7 +56,16 @@ const defaultCors: CorsOptions = {
 
 export const InspectorConfigSchema = z
 	.object({
-		enabled: z.boolean().optional().default(defaultEnabled),
+		enabled: z
+			.boolean()
+			.or(
+				z.object({
+					actor: z.boolean().optional().default(true),
+					manager: z.boolean().optional().default(true),
+				}),
+			)
+			.optional()
+			.default(defaultEnabled),
 		/** CORS configuration for the router. Uses Hono's CORS middleware options. */
 		cors: z
 			.custom<CorsOptions>()
diff --git a/packages/rivetkit/src/inspector/mod.ts b/packages/rivetkit/src/inspector/mod.ts
@@ -1,2 +1,3 @@
 export * from "./protocol/common";
 export * from "./protocol/mod";
+export * from "./utils";
diff --git a/packages/rivetkit/src/inspector/utils.ts b/packages/rivetkit/src/inspector/utils.ts
@@ -1,5 +1,6 @@
 import crypto from "node:crypto";
 import { createMiddleware } from "hono/factory";
+import type { ManagerDriver } from "@/driver-helpers/mod";
 import type { RunConfig } from "@/mod";
 import type { RunConfigInput } from "@/registry/run-config";
 import { inspectorLogger } from "./log";
@@ -28,10 +29,6 @@ export function compareSecrets(providedSecret: string, validSecret: string) {
 
 export const secureInspector = (runConfig: RunConfig) =>
 	createMiddleware(async (c, next) => {
-		if (!runConfig.inspector.enabled) {
-			return c.text("Inspector is not enabled", 503);
-		}
-
 		const userToken = c.req.header("Authorization")?.replace("Bearer ", "");
 		if (!userToken) {
 			return c.text("Unauthorized", 401);
@@ -74,3 +71,25 @@ export function getInspectorUrl(runConfig: RunConfigInput | undefined) {
 
 	return url.href;
 }
+
+export const isInspectorEnabled = (
+	runConfig: RunConfig,
+	context: "actor" | "manager",
+) => {
+	if (typeof runConfig.inspector?.enabled === "boolean") {
+		return runConfig.inspector.enabled;
+	} else if (typeof runConfig.inspector?.enabled === "object") {
+		return runConfig.inspector.enabled[context];
+	}
+	return false;
+};
+
+export const configureInspectorAccessToken = (
+	runConfig: RunConfig,
+	managerDriver: ManagerDriver,
+) => {
+	if (!runConfig.inspector?.token()) {
+		const token = managerDriver.getOrCreateInspectorAccessToken();
+		runConfig.inspector.token = () => token;
+	}
+};
diff --git a/packages/rivetkit/src/manager/driver.ts b/packages/rivetkit/src/manager/driver.ts
@@ -45,6 +45,13 @@ export interface ManagerDriver {
 	 * @internal
 	 */
 	readonly inspector?: ManagerInspector;
+
+	/**
+	 * Get or create the inspector access token.
+	 * @internal
+	 * @returns creates or returns existing inspector access token
+	 */
+	getOrCreateInspectorAccessToken: () => string;
 }
 
 export interface ManagerDisplayInformation {
diff --git a/packages/rivetkit/src/manager/router.ts b/packages/rivetkit/src/manager/router.ts
@@ -27,7 +27,7 @@ import type {
 	TestInlineDriverCallResponse,
 } from "@/driver-test-suite/test-inline-client-driver";
 import { createManagerInspectorRouter } from "@/inspector/manager";
-import { secureInspector } from "@/inspector/utils";
+import { isInspectorEnabled, secureInspector } from "@/inspector/utils";
 import {
 	type ActorsCreateRequest,
 	ActorsCreateRequestSchema,
@@ -436,7 +436,7 @@ export function createManagerRouter(
 		router as unknown as Hono,
 	);
 
-	if (runConfig.inspector?.enabled) {
+	if (isInspectorEnabled(runConfig, "manager")) {
 		if (!managerDriver.inspector) {
 			throw new Unsupported("inspector");
 		}
diff --git a/packages/rivetkit/src/registry/mod.ts b/packages/rivetkit/src/registry/mod.ts
@@ -1,7 +1,11 @@
 import { type Client, createClientWithDriver } from "@/client/client";
 import { configureBaseLogger, configureDefaultLogger } from "@/common/log";
 import { chooseDefaultDriver } from "@/drivers/default";
-import { getInspectorUrl } from "@/inspector/utils";
+import {
+	configureInspectorAccessToken,
+	getInspectorUrl,
+	isInspectorEnabled,
+} from "@/inspector/utils";
 import { createManagerRouter } from "@/manager/router";
 import pkg from "../../package.json" with { type: "json" };
 import {
@@ -58,11 +62,11 @@ export class Registry<A extends RegistryActors> {
 
 		// TODO: Find cleaner way of disabling by default
 		if (driver.name === "engine") {
-			config.inspector.enabled = false;
+			config.inspector.enabled = { manager: false, actor: true };
 			config.disableServer = true;
 		}
 		if (driver.name === "cloudflare-workers") {
-			config.inspector.enabled = false;
+			config.inspector.enabled = { manager: false, actor: true };
 			config.disableServer = true;
 			config.disableActorDriver = true;
 			config.noWelcome = true;
@@ -76,6 +80,7 @@ export class Registry<A extends RegistryActors> {
 
 		// Create router
 		const managerDriver = driver.manager(this.#config, config);
+		configureInspectorAccessToken(config, managerDriver);
 		const { router: hono } = createManagerRouter(
 			this.#config,
 			config,
@@ -92,7 +97,7 @@ export class Registry<A extends RegistryActors> {
 			definitions: Object.keys(this.#config.use).length,
 			...driverLog,
 		});
-		if (config.inspector?.enabled && managerDriver.inspector) {
+		if (isInspectorEnabled(config, "manager") && managerDriver.inspector) {
 			logger().info({ msg: "inspector ready", url: getInspectorUrl(config) });
 		}
 
@@ -106,8 +111,8 @@ export class Registry<A extends RegistryActors> {
 				const padding = " ".repeat(Math.max(0, 13 - k.length));
 				console.log(`  - ${k}:${padding}${v}`);
 			}
-			if (config.inspector?.enabled && managerDriver.inspector) {
-				console.log(`  - Inspector:    ${getInspectorUrl(config)}`);
+			if (isInspectorEnabled(config, "manager") && managerDriver.inspector) {
+				console.log(`  - Inspector:     ${getInspectorUrl(config)}`);
 			}
 			console.log();
 		}
diff --git a/packages/rivetkit/src/remote-manager-driver/mod.ts b/packages/rivetkit/src/remote-manager-driver/mod.ts
@@ -2,6 +2,7 @@ import * as cbor from "cbor-x";
 import type { Context as HonoContext } from "hono";
 import invariant from "invariant";
 import { deserializeActorKey, serializeActorKey } from "@/actor/keys";
+import { generateRandomString } from "@/actor/utils";
 import type { ClientConfig } from "@/client/client";
 import { noopNext } from "@/common/utils";
 import type {
@@ -257,4 +258,8 @@ export class RemoteManagerDriver implements ManagerDriver {
 	displayInformation(): ManagerDisplayInformation {
 		return { name: "Remote", properties: {} };
 	}
+
+	getOrCreateInspectorAccessToken() {
+		return generateRandomString();
+	}
 }
diff --git a/packages/rivetkit/src/test/mod.ts b/packages/rivetkit/src/test/mod.ts
@@ -5,7 +5,10 @@ import { type TestContext, vi } from "vitest";
 import { type Client, createClient } from "@/client/mod";
 import { chooseDefaultDriver } from "@/drivers/default";
 import { createFileSystemOrMemoryDriver } from "@/drivers/file-system/mod";
-import { getInspectorUrl } from "@/inspector/utils";
+import {
+	configureInspectorAccessToken,
+	getInspectorUrl,
+} from "@/inspector/utils";
 import { createManagerRouter } from "@/manager/router";
 import type { Registry } from "@/registry/mod";
 import { RunConfigSchema } from "@/registry/run-config";
@@ -27,6 +30,7 @@ function serve(registry: Registry<any>, inputConfig?: InputConfig): ServerType {
 	const runConfig = RunConfigSchema.parse(inputConfig);
 	const driver = inputConfig.driver ?? createFileSystemOrMemoryDriver(false);
 	const managerDriver = driver.manager(registry.config, config);
+	configureInspectorAccessToken(config, managerDriver);
 	const { router } = createManagerRouter(
 		registry.config,
 		runConfig,

Original file line number	Diff line number	Diff line change
`@@ -1,2 +1,3 @@`
`1`	`1`	`export * from "./protocol/common";`
`2`	`2`	`export * from "./protocol/mod";`
	`3`	`+export * from "./utils";`