fix: add integration tests for codex-exec-mcp-server with execpolicy (#7617)

This PR introduces integration tests that run
[codex-shell-tool-mcp](https://www.npmjs.com/package/@openai/codex-shell-tool-mcp)
as a user would. Note that this requires running our fork of Bash, so we
introduce a [DotSlash](https://dotslash-cli.com/) file for `bash` so
that we can run the integration tests on multiple platforms without
having to check the binaries into the repository. (As noted in the
DotSlash file, it is slightly more heavyweight than necessary, which may
be worth addressing as disk space in CI is limited:
https://github.com/openai/codex/pull/7678.)

To start, this PR adds two tests:

- `list_tools()` makes the `list_tools` request to the MCP server and
verifies we get the expected response
- `accept_elicitation_for_prompt_rule()` defines a `prefix_rule()` with
`decision="prompt"` and verifies the elicitation flow works as expected

Though the `accept_elicitation_for_prompt_rule()` test **only works on
Linux**, as this PR reveals that there are currently issues when running
the Bash fork in a read-only sandbox on Linux. This will have to be
fixed in a follow-up PR.

Incidentally, getting this test to run correctly on macOS also requires
a recent fix we made to `brew` that hasn't hit a mainline release yet,
so getting CI green in this PR required
https://github.com/openai/codex/pull/7680.
This commit is contained in:
Michael Bolin
2025-12-06 22:39:38 -08:00
committed by GitHub
parent 3c087e8fda
commit 3c3d3d1adc
14 changed files with 516 additions and 1 deletions

@@ -6,3 +6,6 @@ pub use posix::main_execve_wrapper;
#[cfg(unix)]
pub use posix::main_mcp_server;
#[cfg(unix)]
pub use posix::ExecResult;
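
Review bot: the re-export `pub use posix::ExecResult;` is gated with `#[cfg(unix)]`, so any test or other crate that names `ExecResult` has to carry the same gate or it will not compile on non-Unix targets. Please confirm the new integration test module is gated the same way, and consider a short comment here saying the type is Unix-only on purpose.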

@@ -82,6 +82,8 @@ mod mcp_escalation_policy;
mod socket;
mod stopwatch;
pub use mcp::ExecResult;
/// Default value of --execve option relative to the current executable.
/// Note this must match the name of the binary as specified in Cargo.toml.
const CODEX_EXECVE_WRAPPER_EXE_NAME: &str = "codex-execve-wrapper";
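
Review bot: `pub use mcp::ExecResult;` has no doc comment, unlike the constant directly below it. The line makes the type part of this module's public surface, so a one-line `///` comment stating why it is exported would keep it from being read as incidental and removed later.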

@@ -54,7 +54,7 @@ pub struct ExecParams {
pub login: Option<bool>,
}
#[derive(Debug, serde::Serialize, schemars::JsonSchema)]
#[derive(Debug, serde::Serialize, serde::Deserialize, schemars::JsonSchema)]
pub struct ExecResult {
pub exit_code: i32,
pub output: String,
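
Review bot: deriving `serde::Deserialize` on `ExecResult` means the struct now defines how a result payload is parsed, not only how it is emitted, and nothing on the struct documents that. With the plain derive, unknown fields are ignored and a missing `exit_code` or `output` is a parse error, so a field added later would need `#[serde(default)]` if older payloads should still parse. A doc comment on the struct noting that both directions must stay compatible would make that constraint visible.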