update docs and logs

Signed-off-by: Grant Linville <[email protected]>

Author: g-linville

docs/docs/03-tools/04-credentials.md

@@ -8,7 +8,6 @@ directly from user input) and conveniently set them in the environment before ru
 A credential provider tool looks just like any other GPTScript, with the following caveats:
 - It cannot call the LLM and must run a command.
 - It must print contents to stdout in the format `{"env":{"ENV_VAR_1":"value1","ENV_VAR_2":"value2"}}`.
-- Any args defined on the tool will be ignored.
 
 Here is a simple example of a credential provider tool that uses the builtin `sys.prompt` to ask the user for some input:
 
@@ -50,6 +49,30 @@ credentials: credential-tool-1.gpt, credential-tool-2.gpt
 (tool stuff here)
 ```
 
+## Credential Tool Arguments
+
+Your credential tool may define arguments. Here is an example:
+
+```yaml
+name: my-credential-tool
+args: env: the environment variable to set
+args: val: the value to set it to
+
+#!/usr/bin/env bash
+
+echo "{\"env\":{\"$ENV\":\"$VAL\"}}"
+```
+
+When you reference this credential tool in another file, you can use syntax like this to set both arguments:
+
+```yaml
+credential: my-credential-tool.gpt with MY_ENV_VAR as env and "my value" as val
+
+(tool stuff here)
+```
+
+In this example, the tool's output would be `{"env":{"MY_ENV_VAR":"my value"}}`
+
 ## Storing Credentials
 
 By default, credentials are automatically stored in a config file at `$XDG_CONFIG_HOME/gptscript/config.json`.
@@ -67,16 +90,30 @@ is called `gptscript-credential-wincred.exe`.)
 There will likely be support added for other credential stores in the future.
 
 :::note
-Credentials received from credential provider tools that are not on GitHub (such as a local file) will not be stored
-in the credentials store.
+Credentials received from credential provider tools that are not on GitHub (such as a local file) and do not have an alias
+will not be stored in the credentials store.
 :::
 
+## Credential Aliases
+
+When you reference a credential tool in your script, you can give it an alias using the `as` keyword like this:
+
+```yaml
+credentials: my-credential-tool.gpt as myAlias
+
+(tool stuff here)
+```
+
+This will store the resulting credential with the name `myAlias`, rather than using the name of the tool (if it comes from GitHub).
+This is useful when you want to reference the same credential tool in scripts that need to handle different credentials,
+or when you want to store credentials that were provided by a tool that is not on GitHub.
+
 ## Credential Contexts
 
-Each stored credential is uniquely identified by the name of its provider tool and the name of its context. A credential
-context is basically a namespace for credentials. If you have multiple credentials from the same provider tool, you can
-switch between them by defining them in different credential contexts. The default context is called `default`, and this
-is used if none is specified.
+Each stored credential is uniquely identified by the name of its provider tool (or alias, if one was specified) and the name of its context.
+A credential  context is basically a namespace for credentials. If you have multiple credentials from the same provider tool,
+you can switch between them by defining them in different credential contexts. The default context is called `default`,
+and this is used if none is specified.
 
 You can set the credential context to use with the `--credential-context` flag when running GPTScript. For
 example:
@@ -97,13 +134,17 @@ credentials in all contexts with `--all-contexts`.
 You can delete a credential by running the following command:
 
 ```bash
-gptscript credential delete --credential-context <credential context> <credential tool name>
+gptscript credential delete --credential-context <credential context> <credential name>
 ```
 
 The `--show-env-vars` argument will also display the names of the environment variables that are set by the credential.
 This is useful when working with credential overrides.
 
-## Credential Overrides
+## Credential Overrides (Advanced)
+
+:::note
+The syntax for this will change at some point in the future.
+:::
 
 You can bypass credential tools and stored credentials by setting the `--credential-override` argument (or the
 `GPTSCRIPT_CREDENTIAL_OVERRIDE` environment variable) when running GPTScript. To set up a credential override, you

pkg/runner/runner.go

@@ -895,12 +895,12 @@ func (r *Runner) handleCredentials(callCtx engine.Context, monitor Monitor, env
 			// Only store the credential if the tool is on GitHub or has an alias, and the credential is non-empty.
 			if (isGitHubTool(toolName) && callCtx.Program.ToolSet[credToolRefs[0].ToolID].Source.Repo != nil) || credentialAlias != "" {
 				if isEmpty {
-					log.Warnf("Not saving empty credential for tool %s", credToolName)
+					log.Warnf("Not saving empty credential for tool %s", toolName)
 				} else if err := store.Add(*cred); err != nil {
-					return nil, fmt.Errorf("failed to add credential for tool %s: %w", credToolName, err)
+					return nil, fmt.Errorf("failed to add credential for tool %s: %w", toolName, err)
 				}
 			} else {
-				log.Warnf("Not saving credential for local tool %s - credentials will only be saved for tools from GitHub.", credToolName)
+				log.Warnf("Not saving credential for tool %s - credentials will only be saved for tools from GitHub, or tools that use aliases.", toolName)
 			}
 		}