clone/codex
1
0
Fork 0
mirror of https://github.com/openai/codex.git synced 2026-04-28 00:25:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
9e800dc9abee13226d8a1fd7e810af651db738f0
codex/.github/workflows
History
Michael Bolin 2e942ce830 ci: sync Bazel clippy lints and fix uncovered violations (#16351) 
## Why

Follow-up to #16345, the Bazel clippy rollout in #15955, and the cleanup
pass in #16353.

`cargo clippy` was enforcing the workspace deny-list from
`codex-rs/Cargo.toml` because the member crates opt into `[lints]
workspace = true`, but Bazel clippy was only using `rules_rust` plus
`clippy.toml`. That left the Bazel lane vulnerable to drift:
`clippy.toml` can tune lint behavior, but it cannot set
allow/warn/deny/forbid levels.

This PR now closes both sides of the follow-up. It keeps `.bazelrc` in
sync with `[workspace.lints.clippy]`, and it fixes the real clippy
violations that the newly-synced Windows Bazel lane surfaced once that
deny-list started matching Cargo.

## What Changed

- added `.github/scripts/verify_bazel_clippy_lints.py`, a Python check
that parses `codex-rs/Cargo.toml` with `tomllib`, reads the Bazel
`build:clippy` `clippy_flag` entries from `.bazelrc`, and reports
missing, extra, or mismatched lint levels
- ran that verifier from the lightweight `ci.yml` workflow so the sync
check does not depend on a Rust toolchain being installed first
- expanded the `.bazelrc` comment to explain the Cargo `workspace =
true` linkage and why Bazel needs the deny-list duplicated explicitly
- fixed the Windows-only `codex-windows-sandbox` violations that Bazel
clippy reported after the sync, using the same style as #16353: inline
`format!` args, method references instead of trivial closures, removed
redundant clones, and replaced SID conversion `unwrap` and `expect`
calls with proper errors
- cleaned up the remaining cross-platform violations the Bazel lane
exposed in `codex-backend-client` and `core_test_support`

## Testing

Key new test introduced by this PR:

`python3 .github/scripts/verify_bazel_clippy_lints.py`
2026-03-31 17:09:48 -07:00
..
bazel.yml
build: migrate argument-comment-lint to a native Bazel aspect (#16106)
2026-03-28 12:41:56 -07:00
blob-size-policy.yml
[codex] Pin GitHub Actions workflow references (#15828)
2026-03-27 23:00:05 +00:00
cargo-deny.yml
[codex] Pin GitHub Actions workflow references (#15828)
2026-03-27 23:00:05 +00:00
ci.yml
ci: sync Bazel clippy lints and fix uncovered violations (#16351)
2026-03-31 17:09:48 -07:00
cla.yml
[codex] Pin GitHub Actions workflow references (#15828)
2026-03-27 23:00:05 +00:00
close-stale-contributor-prs.yml
[codex] Pin GitHub Actions workflow references (#15828)
2026-03-27 23:00:05 +00:00
codespell.yml
[codex] Pin GitHub Actions workflow references (#15828)
2026-03-27 23:00:05 +00:00
Dockerfile.bazel
ci(bazel): install Node from node-version.txt in remote image (#12205)
2026-02-20 11:51:17 -08:00
issue-deduplicator.yml
[codex] Pin GitHub Actions workflow references (#15828)
2026-03-27 23:00:05 +00:00
issue-labeler.yml
[codex] Pin GitHub Actions workflow references (#15828)
2026-03-27 23:00:05 +00:00
README.md
ci: split fast PR Rust CI from full post-merge Cargo CI (#16072)
2026-03-27 21:08:08 -07:00
rust-ci-full.yml
ci: run Windows argument-comment-lint via native Bazel (#16120)
2026-03-30 15:32:04 -07:00
rust-ci.yml
ci: run Windows argument-comment-lint via native Bazel (#16120)
2026-03-30 15:32:04 -07:00
rust-release-argument-comment-lint.yml
[codex] Pin GitHub Actions workflow references (#15828)
2026-03-27 23:00:05 +00:00
rust-release-prepare.yml
[codex] Pin GitHub Actions workflow references (#15828)
2026-03-27 23:00:05 +00:00
rust-release-windows.yml
[codex] Pin GitHub Actions workflow references (#15828)
2026-03-27 23:00:05 +00:00
rust-release-zsh.yml
[codex] Pin GitHub Actions workflow references (#15828)
2026-03-27 23:00:05 +00:00
rust-release.yml
[codex] Pin GitHub Actions workflow references (#15828)
2026-03-27 23:00:05 +00:00
rusty-v8-release.yml
[codex] Pin GitHub Actions workflow references (#15828)
2026-03-27 23:00:05 +00:00
sdk.yml
ci: run SDK tests with a Bazel-built codex (#16046)
2026-03-27 17:17:22 -07:00
v8-canary.yml
[codex] Pin GitHub Actions workflow references (#15828)
2026-03-27 23:00:05 +00:00
zstd
ci(windows): use DotSlash for zstd in rust-release-windows (#11542)
2026-02-11 20:57:11 -08:00

README.md

Workflow Strategy

The workflows in this directory are split so that pull requests get fast, review-friendly signal while main still gets the full cross-platform verification pass.

Pull Requests

  • bazel.yml is the main pre-merge verification path for Rust code. It runs Bazel test and Bazel clippy on the supported Bazel targets.
  • rust-ci.yml keeps the Cargo-native PR checks intentionally small:
    • cargo fmt --check
    • cargo shear
    • argument-comment-lint on Linux, macOS, and Windows
    • tools/argument-comment-lint package tests when the lint or its workflow wiring changes

The PR workflow still keeps the Linux lint lane on the default-targets-only invocation for now, but the released linter runs on Linux, macOS, and Windows before merge.

Post-Merge On main

  • bazel.yml also runs on pushes to main. This re-verifies the merged Bazel path and helps keep the BuildBuddy caches warm.
  • rust-ci-full.yml is the full Cargo-native verification workflow. It keeps the heavier checks off the PR path while still validating them after merge:
    • the full Cargo clippy matrix
    • the full Cargo nextest matrix
    • release-profile Cargo builds
    • cross-platform argument-comment-lint
    • Linux remote-env tests

Rule Of Thumb

  • If a build/test/clippy check can be expressed in Bazel, prefer putting the PR-time version in bazel.yml.
  • Keep rust-ci.yml fast enough that it usually does not dominate PR latency.
  • Reserve rust-ci-full.yml for heavyweight Cargo-native coverage that Bazel does not replace yet.
Reference in New Issue View Git Blame Copy Permalink