chore: bump upstream Codex to 26.325.31654 #34
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build Release (DEB + AppImage + APT Repo) | |
| on: | |
| push: | |
| tags: | |
| - "v*" | |
| workflow_dispatch: | |
| inputs: | |
| tag: | |
| description: "Existing git tag to build and publish (e.g. v26.311.21342)" | |
| required: true | |
| type: string | |
| permissions: | |
| contents: write | |
| jobs: | |
| build-and-publish: | |
| runs-on: ${{ matrix.runner }} | |
| strategy: | |
| fail-fast: false | |
| max-parallel: 1 | |
| matrix: | |
| include: | |
| - arch: x64 | |
| runner: ubuntu-latest | |
| cli_package: "@openai/codex-linux-x64@npm:@openai/codex@0.112.0-linux-x64" | |
| - arch: arm64 | |
| runner: ubuntu-latest | |
| cli_package: "@openai/codex-linux-arm64@npm:@openai/codex@0.112.0-linux-arm64" | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v5 | |
| with: | |
| ref: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.tag || github.ref }} | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v5 | |
| with: | |
| node-version: "20" | |
| cache: npm | |
| cache-dependency-path: package.json | |
| - name: Cache electron-builder toolchains | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.cache/electron | |
| ~/.cache/electron-builder | |
| key: ${{ runner.os }}-ebuilder-${{ matrix.arch }}-${{ hashFiles('package.json', 'electron-builder.yml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-ebuilder-${{ matrix.arch }}- | |
| - name: Install APT tooling | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y 7zip dmg2img dpkg-dev | |
| - name: Install npm dependencies | |
| run: npm install | |
| - name: Download Codex DMG | |
| run: curl -fL "https://persistent.oaistatic.com/codex-app-prod/Codex.dmg" -o Codex.dmg | |
| - name: Setup app payload for packaging | |
| run: SKIP_APP_INSTALL=1 bash scripts/setup.sh ./Codex.dmg | |
| - name: Install Linux Codex CLI payload | |
| run: npm install --force --no-save "${{ matrix.cli_package }}" | |
| - name: Resolve Linux Codex CLI binary path | |
| id: linux_cli | |
| run: | | |
| set -euo pipefail | |
| find_cli_bin_for_arch() { | |
| find node_modules/@openai -type f -name codex \ | |
| | grep -E "/@openai/codex-linux-${{ matrix.arch }}(-[^/]+)?/vendor/.+/(codex/codex|path/codex)$" \ | |
| | head -n 1 || true | |
| } | |
| CLI_BIN="$(find_cli_bin_for_arch)" | |
| if [[ -z "${CLI_BIN}" ]]; then | |
| echo "Could not locate Linux codex binary under node_modules/@openai." >&2 | |
| exit 1 | |
| fi | |
| echo "path=${CLI_BIN}" >> "${GITHUB_OUTPUT}" | |
| file "${CLI_BIN}" | |
| - name: Replace bundled CLI with Linux binary | |
| run: | | |
| set -euo pipefail | |
| cp -f "${{ steps.linux_cli.outputs.path }}" app_resources/bin/codex | |
| chmod +x app_resources/bin/codex | |
| - name: Verify CLI payload extracted | |
| run: | | |
| test -x app_resources/bin/codex | |
| ls -l app_resources/bin/codex | |
| file app_resources/bin/codex | |
| file app_resources/bin/codex | grep -E "ELF" | |
| - name: Build DEB and AppImage | |
| run: | | |
| npx electron-builder \ | |
| --config electron-builder.yml \ | |
| --publish never \ | |
| --linux deb AppImage \ | |
| --${{ matrix.arch }} | |
| - name: Normalize artifact names | |
| env: | |
| TAG_NAME: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.tag || github.ref_name }} | |
| run: | | |
| set -euo pipefail | |
| VERSION="${TAG_NAME#v}" | |
| if [[ "${{ matrix.arch }}" == "x64" ]]; then | |
| CANON_ARCH="amd64" | |
| elif [[ "${{ matrix.arch }}" == "arm64" ]]; then | |
| CANON_ARCH="arm64" | |
| else | |
| echo "Unsupported matrix arch: ${{ matrix.arch }}" >&2 | |
| exit 1 | |
| fi | |
| DEB_FILE="$(ls -1 dist/*.deb | head -n1)" | |
| APPIMAGE_FILE="$(ls -1 dist/*.AppImage | head -n1)" | |
| mv -f "${DEB_FILE}" "dist/codex-desktop-${VERSION}-linux-${CANON_ARCH}.deb" | |
| mv -f "${APPIMAGE_FILE}" "dist/codex-desktop-${VERSION}-linux-${CANON_ARCH}.AppImage" | |
| - name: Verify packaged CLI binary | |
| env: | |
| APP_OUT_DIR: ${{ matrix.arch == 'arm64' && 'dist/linux-arm64-unpacked' || 'dist/linux-unpacked' }} | |
| run: | | |
| test -x "${APP_OUT_DIR}/resources/codex" | |
| ls -l "${APP_OUT_DIR}/resources/codex" | |
| file "${APP_OUT_DIR}/resources/codex" | |
| file "${APP_OUT_DIR}/resources/codex" | grep -E "ELF" | |
| test -x "${APP_OUT_DIR}/resources/bin/codex" | |
| ls -l "${APP_OUT_DIR}/resources/bin/codex" | |
| file "${APP_OUT_DIR}/resources/bin/codex" | |
| file "${APP_OUT_DIR}/resources/bin/codex" | grep -E "ELF" | |
| - name: Create or update GitHub release | |
| uses: softprops/action-gh-release@v2 | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| tag_name: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.tag || github.ref_name }} | |
| files: | | |
| dist/*.deb | |
| dist/*.AppImage | |
| - name: Check DEB size for gh-pages | |
| if: matrix.arch == 'x64' | |
| id: deb_size | |
| run: | | |
| set -euo pipefail | |
| LIMIT_BYTES=$((100 * 1024 * 1024)) | |
| DEB_FILE="$(ls -1 dist/*.deb | head -n 1)" | |
| DEB_SIZE_BYTES="$(stat -c%s "${DEB_FILE}")" | |
| echo "deb_file=${DEB_FILE}" >> "${GITHUB_OUTPUT}" | |
| echo "deb_size_bytes=${DEB_SIZE_BYTES}" >> "${GITHUB_OUTPUT}" | |
| if [[ "${DEB_SIZE_BYTES}" -lt "${LIMIT_BYTES}" ]]; then | |
| echo "publish_apt=true" >> "${GITHUB_OUTPUT}" | |
| else | |
| echo "publish_apt=false" >> "${GITHUB_OUTPUT}" | |
| fi | |
| - name: Build APT repository files | |
| if: matrix.arch == 'x64' && steps.deb_size.outputs.publish_apt == 'true' | |
| run: | | |
| mkdir -p apt-public | |
| cp dist/*.deb apt-public/ | |
| bash scripts/build-apt-repo.sh apt-public | |
| bash scripts/generate-apt-install-script.sh "${{ github.repository_owner }}" "${{ github.event.repository.name }}" apt-public | |
| REPO_URL="https://${{ github.repository_owner }}.github.io/${{ github.event.repository.name }}" | |
| cat > apt-public/index.html <<EOF | |
| <!doctype html> | |
| <html lang="en"> | |
| <head> | |
| <meta charset="utf-8" /> | |
| <meta name="viewport" content="width=device-width, initial-scale=1" /> | |
| <title>Codex Desktop APT Repository</title> | |
| </head> | |
| <body> | |
| <h1>Codex Desktop APT Repository</h1> | |
| <p>Install:</p> | |
| <pre><code>curl -fsSL ${REPO_URL}/install.sh | sudo bash</code></pre> | |
| <p>Or manually:</p> | |
| <pre><code>echo "deb [trusted=yes] ${REPO_URL}/ stable main" | sudo tee /etc/apt/sources.list.d/codex-desktop.list | |
| sudo apt update | |
| sudo apt install codex-desktop</code></pre> | |
| </body> | |
| </html> | |
| EOF | |
| - name: Skip APT publish (DEB exceeds GitHub 100MB file limit) | |
| if: matrix.arch == 'x64' && steps.deb_size.outputs.publish_apt != 'true' | |
| run: | | |
| echo "Skipping gh-pages APT publish." | |
| echo "DEB file: ${{ steps.deb_size.outputs.deb_file }}" | |
| echo "Size bytes: ${{ steps.deb_size.outputs.deb_size_bytes }}" | |
| echo "Reason: GitHub blocks files >= 100MB on git pushes (gh-pages branch)." | |
| - name: Publish APT repo to gh-pages | |
| if: matrix.arch == 'x64' && steps.deb_size.outputs.publish_apt == 'true' | |
| uses: peaceiris/actions-gh-pages@v4 | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| publish_branch: gh-pages | |
| publish_dir: ./apt-public |