ci: add condition on codex trigger to avoid error

[JoJoJoJoJoJoJo]

User description

only trigger for right label

---

PR Type

Other

---

Description

• Add conditional trigger to codex workflow job

• Prevent workflow execution without proper labels

• Filter for specific codex-related labels only

---

Diagram Walkthrough

flowchart LR
  A["GitHub Event"] --> B["Condition Check"]
  B --> C["workflow_dispatch OR codex labels"]
  C --> D["Execute Codex Job"]
  B --> E["Skip Execution"]

Loading

File Walkthrough

	Relevant files
Configuration changes	codex.yml Add conditional execution to codex job                                      .github/workflows/codex.yml Added conditional if statement to codex job Filters for workflow_dispatch or specific codex labels Prevents job execution without proper triggers +1/-0

---

Summary by CodeRabbit

• Chores
  • Adjusted CI to run Codex checks only when manually triggered or when specific labels are applied, reducing noise and conserving resources. All existing steps remain unchanged. Expect clearer signals during labeled reviews and more predictable runs.
  • No user-facing changes; app functionality and behavior are unaffected.

[coderabbitai]

Walkthrough

Adds a conditional to the Codex GitHub Actions job so it runs only for workflow_dispatch events or when the event includes one of the labels: codex-review, codex-attempt, or codex-triage. No other job configuration changed.

Changes

Cohort / File(s)	Summary of Changes
GitHub Actions gating \.github/workflows/codex.yml	Added job-level conditional to run only on workflow_dispatch or when labels include codex-review, codex-attempt, or codex-triage; other job settings unchanged.

Sequence Diagram(s)

sequenceDiagram
    autonumber
    participant GH as GitHub Event
    participant WF as Workflow: codex.yml
    participant JOB as Job: codex

    GH->>WF: Trigger (push/PR/label/workflow_dispatch)
    WF->>JOB: Evaluate condition
    alt Allowed triggers/labels
        Note over JOB: event is workflow_dispatch<br/>OR labels include codex-review / codex-attempt / codex-triage
        JOB->>JOB: Run steps (unchanged)
    else Not allowed
        Note over JOB: Skip job
    end

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

I tap my paw on CI’s gate,
Only special knocks dictate—
“codex-review?” I hop right through!
“attempt or triage?” welcome too.
Else I nap, tail neatly curled,
Awaiting summons from your world. 🐇✨

Tip

🔌 Remote MCP (Model Context Protocol) integration is now available!

Pro plan users can now connect to remote MCP servers from the Integrations page. Connect with popular remote MCPs such as Notion and Linear to add more context to your reviews and chats.

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch jonathan/ci-avoid-codex-error

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[qodo-merge-pro]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 1 🔵⚪⚪⚪⚪

🧪 No relevant tests

🔒 No security concerns identified

⚡ Recommended focus areas for review Possible Null Access Accessing github.event.label.name assumes label exists; for non-labeled events (e.g., issues opened, pull_request labeled payload shape differences), this may evaluate to null and fail the condition. Consider using contains() on labels array or guarding for event.action == 'labeled'. if: github.event_name == 'workflow_dispatch' || github.event.label.name == 'codex-review' || github.event.label.name == 'codex-attempt' || github.event.label.name == 'codex-triage' runs-on: ubuntu-latest Missing workflow_dispatch The job checks for workflow_dispatch but the workflow 'on:' block does not include workflow_dispatch. Add 'workflow_dispatch:' to triggers if manual runs are desired. on: issues: types: [opened, labeled] pull_request: branches: [main] types: [labeled] jobs: codex: if: github.event_name == 'workflow_dispatch' || github.event.label.name == 'codex-review' || github.event.label.name == 'codex-attempt' || github.event.label.name == 'codex-triage'

[qodo-merge-pro]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
Possible issue	Safely check labels across events Guard against missing event.label to prevent runtime evaluation errors on events without labels (e.g., issues opened). Use contains(github.event.*) helpers to safely check labels across both issues and PRs. This ensures the job only runs when any of the codex labels are present or on workflow_dispatch. .github/workflows/codex.yml [12] -if: github.event_name == 'workflow_dispatch' || github.event.label.name == 'codex-review' || github.event.label.name == 'codex-attempt' || github.event.label.name == 'codex-triage' +if: | + github.event_name == 'workflow_dispatch' || + contains(join(github.event.issue.labels.*.name, ' '), 'codex-review') || + contains(join(github.event.issue.labels.*.name, ' '), 'codex-attempt') || + contains(join(github.event.issue.labels.*.name, ' '), 'codex-triage') || + contains(join(github.event.pull_request.labels.*.name, ' '), 'codex-review') || + contains(join(github.event.pull_request.labels.*.name, ' '), 'codex-attempt') || + contains(join(github.event.pull_request.labels.*.name, ' '), 'codex-triage') Apply / Chat Suggestion importance[1-10]: 10 __ Why: The suggestion correctly identifies a critical issue where accessing github.event.label.name will cause a workflow failure on triggers like issues:opened that do not have a label context, and it provides a robust solution.	High
More

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

.github/workflows/codex.yml (2)

26-26: Pin the action to a commit SHA for supply-chain safety.

Using @main is mutable and risky for CI determinism. Pin to a vetted commit or a trusted tag.

-        uses: openai/codex/.github/actions/codex@main
+        uses: openai/codex/.github/actions/codex@<commit-sha>

Replace with the exact commit you trust.

---

14-17: Confirm least-privilege permissions.

contents: write may be broader than needed if the action only comments on issues/PRs. If pushes aren’t required, reduce to contents: read.

 permissions:
-  contents: write
+  contents: read
   issues: write
   pull-requests: write

Please verify the Codex action’s requirements before changing.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between ec3a2d5 and 4219848.

📒 Files selected for processing (1)

• .github/workflows/codex.yml (1 hunks)

[coderabbitai]

🛠️ Refactor suggestion

Make label gating action-safe and actually enable manual runs.

• workflow_dispatch will never trigger because it’s not listed under on:.
• Guard github.event.label.name behind action == 'labeled' so issues.opened events don’t evaluate a missing label field.

Apply:

 on:
+  workflow_dispatch:
   issues:
     types: [opened, labeled]
   pull_request:
     branches: [main]
     types: [labeled]

 jobs:
   codex:
-    if: github.event_name == 'workflow_dispatch' || github.event.label.name == 'codex-review' || github.event.label.name == 'codex-attempt' || github.event.label.name == 'codex-triage'
+    if: |
+      github.event_name == 'workflow_dispatch' ||
+      (github.event.action == 'labeled' &&
+        contains(fromJSON('["codex-review","codex-attempt","codex-triage"]'), github.event.label.name))

Also applies to: 3-9

🤖 Prompt for AI Agents

.github/workflows/codex.yml around line 12 (also apply same fix to lines 3-9):
the if condition uses github.event_name == 'workflow_dispatch' which will never
be true because workflow_dispatch isn't declared under on:, and it checks
github.event.label.name without ensuring the event is 'labeled' which can cause
issues for other events; update the workflow to include workflow_dispatch under
on: so manual runs are allowed, and change the if to gate label checks behind
github.event_name == 'labeled' (e.g. github.event_name == 'workflow_dispatch' ||
(github.event_name == 'labeled' && (github.event.label.name == 'codex-review' ||
github.event.label.name == 'codex-attempt' || github.event.label.name ==
'codex-triage'))), then apply the same corrections to the other condition blocks
on lines 3-9.

[mcpm-semantic-release]

🎉 This PR is included in version 2.7.1 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀