sync latest protocol and add file mountable agent secret

Author: yoonsio

cmd/lk/agent.go

@@ -39,6 +39,7 @@ import (
 
 const (
 	cloudAgentsBetaSignupURL = "https://forms.gle/GkGNNTiMt2qyfnu78"
+	maxSecretFileSize        = 1024 * 1024 // 1MB
 )
 
 var (
@@ -69,6 +70,12 @@ var (
 		Required: false,
 	}
 
+	secretsMountFlag = &cli.StringSliceFlag{
+		Name:     "secret-mount",
+		Usage:    "Local path to a secret file to be mounted on agent environment",
+		Required: false,
+	}
+
 	logTypeFlag = &cli.StringFlag{
 		Name:     "log-type",
 		Usage:    "Type of logs to retrieve. Valid values are 'deploy' and 'build'",
@@ -103,6 +110,7 @@ var (
 					Flags: []cli.Flag{
 						secretsFlag,
 						secretsFileFlag,
+						secretsMountFlag,
 						silentFlag,
 						regionFlag,
 						skipSDKCheckFlag,
@@ -146,6 +154,7 @@ var (
 					Flags: []cli.Flag{
 						secretsFlag,
 						secretsFileFlag,
+						secretsMountFlag,
 						skipSDKCheckFlag,
 					},
 					// NOTE: since secrets may contain commas, or indeed any special character we might want to treat as a flag separator,
@@ -171,6 +180,7 @@ var (
 					Flags: []cli.Flag{
 						secretsFlag,
 						secretsFileFlag,
+						secretsMountFlag,
 					},
 					// NOTE: since secrets may contain commas, or indeed any special character we might want to treat as a flag separator,
 					// we disable it entirely here and require multiple --secrets flags to be used.
@@ -263,6 +273,7 @@ var (
 					Flags: []cli.Flag{
 						secretsFlag,
 						secretsFileFlag,
+						secretsMountFlag,
 						idFlag(false),
 						&cli.BoolFlag{
 							Name:     "overwrite",
@@ -1112,17 +1123,39 @@ func requireSecrets(_ context.Context, cmd *cli.Command, required, lazy bool) ([
 	silent := cmd.Bool("silent")
 	secrets := make(map[string]*lkproto.AgentSecret)
 
+	mountableSecretFiles := cmd.StringSlice("secret-mount")
+	for _, filePath := range mountableSecretFiles {
+		fileInfo, err := os.Stat(filePath)
+		if err != nil {
+			return nil, fmt.Errorf("failed to get secret file: %w", err)
+		}
+		if fileInfo.Size() > maxSecretFileSize {
+			return nil, fmt.Errorf("secret file size is too large (must be under %d MB): %s", maxSecretFileSize/(1024*1024), filePath)
+		}
+		fileContent, err := os.ReadFile(filePath)
+		if err != nil {
+			return nil, fmt.Errorf("failed to read secret file: %w", err)
+		}
+		name := fileInfo.Name()
+		agentSecret := &lkproto.AgentSecret{
+			Name:  name,
+			Value: []byte(fileContent),
+			Kind:  lkproto.AgentSecretKind_AGENT_SECRET_KIND_FILE,
+		}
+		secrets[name] = agentSecret
+	}
+
 	if values, err := parseKeyValuePairs(cmd, "secrets"); err != nil {
 		return nil, fmt.Errorf("failed to parse secrets: %w", err)
 	} else {
 		for key, val := range values {
 			agentSecret := &lkproto.AgentSecret{
 				Name:  key,
 				Value: []byte(val),
+				Kind:  lkproto.AgentSecretKind_AGENT_SECRET_KIND_ENVIRONMENT,
 			}
 			secrets[key] = agentSecret
 		}
-
 	}
 
 	shouldReadFromDisk := cmd.IsSet("secrets-file") || !lazy || (required && len(secrets) == 0)
@@ -1143,6 +1176,7 @@ func requireSecrets(_ context.Context, cmd *cli.Command, required, lazy bool) ([
 			secret := &lkproto.AgentSecret{
 				Name:  k,
 				Value: []byte(v),
+				Kind:  lkproto.AgentSecretKind_AGENT_SECRET_KIND_ENVIRONMENT,
 			}
 			secrets[k] = secret
 		}

cmd/lk/replay.go

@@ -160,12 +160,12 @@ func loadReplay(ctx context.Context, cmd *cli.Command) error {
 		return err
 	}
 
-	req := &replay.LoadReplayRequest{
-		ReplayId:    cmd.String("id"),
-		RoomName:    cmd.String("room"),
-		StartingPts: int64(cmd.Int("pts")),
+	req := &replay.PlaybackRequest{
+		ReplayId:  cmd.String("id"),
+		RoomName:  cmd.String("room"),
+		StartTime: int64(cmd.Int("pts")),
 	}
-	res, err := replayClient.LoadReplay(ctx, req)
+	res, err := replayClient.Playback(ctx, req)
 	if err != nil {
 		return err
 	}
@@ -180,11 +180,11 @@ func seek(ctx context.Context, cmd *cli.Command) error {
 		return err
 	}
 
-	req := &replay.RoomSeekRequest{
+	req := &replay.SeekRequest{
 		PlaybackId: cmd.String("id"),
-		Pts:        int64(cmd.Int("pts")),
+		StartTime:  int64(cmd.Int("pts")),
 	}
-	_, err = replayClient.SeekForRoom(ctx, req)
+	_, err = replayClient.Seek(ctx, req)
 	return err
 }
 
@@ -194,10 +194,10 @@ func closeReplay(ctx context.Context, cmd *cli.Command) error {
 		return err
 	}
 
-	req := &replay.CloseReplayRequest{
+	req := &replay.ClosePlaybackRequest{
 		PlaybackId: cmd.String("id"),
 	}
-	_, err = replayClient.CloseReplay(ctx, req)
+	_, err = replayClient.Close(ctx, req)
 	return err
 }
 

go.sum

@@ -274,8 +274,6 @@ github.com/livekit/mageutil v0.0.0-20250511045019-0f1ff63f7731 h1:9x+U2HGLrSw5AT
 github.com/livekit/mageutil v0.0.0-20250511045019-0f1ff63f7731/go.mod h1:Rs3MhFwutWhGwmY1VQsygw28z5bWcnEYmS1OG9OxjOQ=
 github.com/livekit/mediatransportutil v0.0.0-20250825135402-7bc31f107ade h1:lpxPcglwzUWNB4J0S2qZuyMehzmR7vW9whzSwV4IGoI=
 github.com/livekit/mediatransportutil v0.0.0-20250825135402-7bc31f107ade/go.mod h1:mSNtYzSf6iY9xM3UX42VEI+STHvMgHmrYzEHPcdhB8A=
-github.com/livekit/protocol v1.41.0 h1:aCMkM/MEmiZt7LRoZAfo1muZYjlioaw+NbVnkUDpgn8=
-github.com/livekit/protocol v1.41.0/go.mod h1:Scx8arfj5y65w6EYA3ZIKJafoN2xBuV8pauvyrvI4eg=
 github.com/livekit/protocol v1.41.1-0.20250909050443-48ed04737846 h1:J/Ry54lAQShsUZQ74DLxuvVyPl92TCaYi/47eLLKem0=
 github.com/livekit/protocol v1.41.1-0.20250909050443-48ed04737846/go.mod h1:Scx8arfj5y65w6EYA3ZIKJafoN2xBuV8pauvyrvI4eg=
 github.com/livekit/psrpc v0.6.1-0.20250726180611-3915e005e741 h1:KKL1u94l6dF9u4cBwnnfozk27GH1txWy2SlvkfgmzoY=