codex-acp/.github/workflows/codex-update.yml at main · agentclientprotocol/codex-acp · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
name: Codex Update

on:
  schedule:
    - cron: '0 5 * * *'
  workflow_dispatch:

env:
  CODEX_PACKAGE: '@openai/codex'

jobs:
  check:
    runs-on: ubuntu-latest
    outputs:
      should_update: ${{ steps.check.outputs.should_update }}
      version: ${{ steps.check.outputs.version }}
      branch: ${{ steps.check.outputs.branch }}
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Check if update is required
        id: check
        run: |
          RAW=$(jq -r --arg pkg "$CODEX_PACKAGE" '.dependencies[$pkg]' package.json)
          CURRENT="${RAW#[\^~]}"
          LATEST=$(npm view "$CODEX_PACKAGE" version)

          if [ "$CURRENT" = "$LATEST" ]; then
            echo "Package is up to date ($CURRENT)"
            exit 0
          fi

          BRANCH="codex-update/$LATEST"

          if git ls-remote --exit-code --heads origin "refs/heads/$BRANCH" >/dev/null 2>&1; then
            echo "Branch $BRANCH already exists"
            exit 0
          fi

          echo "version=$LATEST" >> "$GITHUB_OUTPUT"
          echo "branch=$BRANCH" >> "$GITHUB_OUTPUT"
          echo "should_update=true" >> "$GITHUB_OUTPUT"

  update:
    needs: check
    if: needs.check.outputs.should_update == 'true'
    runs-on: ubuntu-latest
    env:
      BRANCH: ${{ needs.check.outputs.branch }}
      VERSION: ${{ needs.check.outputs.version }}
    steps:
      - name: Generate GitHub token
        uses: actions/create-github-app-token@v2
        id: generate-token
        with:
          app-id: ${{ secrets.RELEASE_PLZ_APP_ID }}
          private-key: ${{ secrets.RELEASE_PLZ_APP_PRIVATE_KEY }}

      - uses: actions/checkout@v4
        with:
          token: ${{ steps.generate-token.outputs.token }}

      - name: Configure git user and prepare branch
        run: |
          git config user.name "github-actions[bot]"
          git config user.email "github-actions[bot]@users.noreply.github.com"
          git checkout -b "$BRANCH" --

      - name: Install new version of package and commit
        run: |
          npm install "$CODEX_PACKAGE@$VERSION"
          npm run generate-types
          git add package.json package-lock.json src/app-server
          git commit -m "Update codex to $VERSION"

      - name: Finalize update with Codex
        id: codex-finalize
        uses: openai/codex-action@v1
        with:
          openai-api-key: ${{ secrets.OPENAI_API_KEY }}
          codex-version: ${{ env.VERSION }}
          output-file: pr-body.md
          codex-args: >-
            -c sandbox_workspace_write.writable_roots=["${{ github.workspace }}/.git"]
          prompt: >
            Finalize the update using codex-update-compat skill.
            Commit the changes, the message should mention that types or/and tests after the update were fixed.
            When creating the final message do not mention:
            * Validation run details.
            * Commits.
            * Hyperlinks.
            Mention only previously failed tests with failure reasons, also what you changed and why.

      - name: Push branch updates
        run: |
          git push -- origin "$BRANCH"

      - name: Create PR
        env:
          GH_TOKEN: ${{ steps.generate-token.outputs.token }}
        run: |
          echo -e "[What's new](https://github.com/openai/codex/releases/tag/rust-v${VERSION})\n\n$(cat pr-body.md 2>/dev/null || true)" > pr-body.md

          gh pr create \
            --base main \
            --title "Update codex to $VERSION" \
            --body-file pr-body.md \
            --label "codex-update"