52 52
53## Automate reviews in CI/CD53## Automate reviews in CI/CD
54 54
55You can run a change review from any CI/CD system that can check out the target55Run the same `$codex-security:security-diff-scan` skill from CI when the runner
56revisions and invoke the Codex CLI without interaction. Resolve the exact base56can invoke the Codex CLI without interaction. The runner must already have
57and head revisions, use a read-only sandbox, save the Markdown result, and57Codex Security installed in the `CODEX_HOME` used by `codex exec`. A fresh
58publish it through your CI/CD system.58runner doesn't have marketplace plugins installed by default, and
59 59`openai/codex-action` doesn't install the plugin.
60### GitHub Actions example60
61 61Before running the scan:
62The following GitHub Actions workflow is one implementation of this pattern. It62
63uses `openai/codex-action` to install the Codex CLI and run `codex exec` with a631. Provision Codex Security in the runner's `CODEX_HOME`.
64read-only sandbox. It produces a Markdown review for every in-scope pull642. Check out the exact base and head revisions with their Git history.
65request.653. Set the runner's platform temporary directory, such as `TMPDIR`, to a
66 66 writable artifact location. The diff-scan workflow reviews the checkout
67Before you add the workflow:67 without changing it, but it writes its sealed scan bundle and final report
68 68 outside the repository.
691. Create an `OPENAI_API_KEY` repository or organization secret.694. Start with advisory results. Review scan quality and runtime before making
702. Save the workflow as `.github/workflows/codex-security-review.yml`.70 the job a required check.
713. Start with advisory comments. Tune the prompt and review the results before71
72 making the workflow a required check.72Then invoke the plugin explicitly:
73 73
74```yaml74```bash
75name: Codex Security pull request review75export CODEX_HOME=/path/to/provisioned-codex-home
76 76export TMPDIR=/path/to/writable/temp
77on:77
78 pull_request:78codex exec \
79 types: [opened, synchronize, reopened]79 --sandbox workspace-write \
80 80 --output-last-message "$TMPDIR/codex-security-review.md" \
81jobs:81 'Use $codex-security:security-diff-scan to review changes from <base-revision> to <head-revision> for security regressions. Do not modify the checkout. Return the final report path, findings summary, reviewed surfaces, deferred coverage, and open questions.'
82 security_review:
83 if: github.event.pull_request.head.repo.full_name == github.repository
84 runs-on: ubuntu-latest
85 permissions:
86 contents: read
87 outputs:
88 final_message: ${{ steps.run_codex.outputs.final-message }}
89
90 steps:
91 - uses: actions/checkout@v5
92 with:
93 ref: refs/pull/${{ github.event.pull_request.number }}/merge
94 fetch-depth: 0
95 persist-credentials: false
96
97 - name: Fetch pull request refs
98 env:
99 PR_BASE_REF: ${{ github.event.pull_request.base.ref }}
100 PR_NUMBER: ${{ github.event.pull_request.number }}
101 run: |
102 git fetch --no-tags origin \
103 "$PR_BASE_REF" \
104 "+refs/pull/$PR_NUMBER/head"
105
106 - name: Run Codex Security review
107 id: run_codex
108 uses: openai/codex-action@v1
109 with:
110 openai-api-key: ${{ secrets.OPENAI_API_KEY }}
111 sandbox: read-only
112 output-file: codex-security-review.md
113 prompt: |
114 Review the pull request changes from
115 ${{ github.event.pull_request.base.sha }} to
116 ${{ github.event.pull_request.head.sha }} for security regressions.
117
118 Focus on authentication, authorization, input handling, filesystem
119 access, network requests, secrets, and changes to shared security
120 controls. Return a concise Markdown review with affected paths and
121 lines, evidence, impact, and remediation guidance. If there are no
122 findings, summarize the security-sensitive surfaces reviewed and
123 any coverage gaps.
124
125 - name: Upload the review
126 uses: actions/upload-artifact@v4
127 with:
128 name: codex-security-review
129 path: codex-security-review.md
130
131 post_review:
132 needs: security_review
133 if: needs.security_review.outputs.final_message != ''
134 runs-on: ubuntu-latest
135 permissions:
136 issues: write
137 pull-requests: write
138
139 steps:
140 - name: Post the review
141 uses: actions/github-script@v7
142 env:
143 CODEX_FINAL_MESSAGE: ${{ needs.security_review.outputs.final_message }}
144 with:
145 github-token: ${{ github.token }}
146 script: |
147 await github.rest.issues.createComment({
148 owner: context.repo.owner,
149 repo: context.repo.repo,
150 issue_number: context.payload.pull_request.number,
151 body: process.env.CODEX_FINAL_MESSAGE,
152 });
153```82```
154 83
155This workflow checks out the pull request merge commit and fetches the base and84Archive the generated scan bundle and final report, then publish the Markdown
156head refs so Codex can resolve the exact change. The security review job has85summary through your CI/CD system. If you use `openai/codex-action`, point its
157read-only repository permissions. A separate job receives permission to post86`codex-home` input at the same provisioned directory and pass the skill prompt
158the final Markdown review, but it never receives the OpenAI API key.87above. The action can install and run the Codex CLI, but plugin provisioning is
88a separate prerequisite.
159 89
160For action inputs, privilege controls, and troubleshooting, see the [Codex90For API-key handling, sandbox controls, fork protections, and a GitHub Actions
161GitHub Action guide](https://developers.openai.com/codex/github-action).91workflow, see the [Codex GitHub Action guide](https://developers.openai.com/codex/github-action).
