Codex belongs in GitHub Actions when a pull request review, release check, or repeatable repository task should run from CI instead of a developer laptop. A workflow file gives the run one trigger, one checkout, one prompt source, and one captured response that maintainers can review with the rest of the pull request.
The openai/codex-action@v1 action installs the Codex CLI, starts a Responses API proxy when an API key is provided, and runs codex exec with the inputs defined in the workflow. Keeping the prompt in .github/codex/prompts/ makes the CI task reviewable, while output-file and the final-message output give later workflow steps one handoff value.
Treat pull request text, branch names, commits, and repository instruction files as untrusted input whenever Codex reads them from a CI run. Keep the OpenAI key in a GitHub Actions secret, check out code with read-only permissions for review jobs, avoid unsafe safety mode on shared runners, and move any GitHub write action into a separate job that receives only the final Codex message.
Related: How to run Codex exec with a prompt
Related: How to save the last Codex response to a file
Related: How to enable JSON output in Codex
Steps to run Codex in GitHub Actions:
- Add an OpenAI API key as a repository Actions secret.
$ gh secret set OPENAI_API_KEY --body "$OPENAI_API_KEY"
✓ Set Actions secret OPENAI_API_KEY for owner/example-app
The command requires an authenticated GitHub CLI session with permission to edit repository secrets. Keep the secret value out of workflow files and logs.
- Create .github/codex/prompts/review.md for the CI task.
Review this pull request for correctness risks, missing tests, and security-sensitive changes. Focus on changes between the pull request branch and the base branch. Report only findings that a maintainer should review before merge. Do not modify files.
Use a committed prompt file when maintainers should review changes to the CI task itself. Use the action's prompt input only for short inline instructions.
- Create .github/workflows/codex-pr-review.yml with a pull request workflow that runs Codex with a read-only sandbox.
name: Codex pull request review
on:
  pull_request:
    types: [opened, synchronize, reopened]
jobs:
  codex:
    runs-on: ubuntu-latest
    permissions:
      contents: read
    outputs:
      final_message: RUN_CODEX_FINAL_MESSAGE_OUTPUT
    steps:
      - uses: actions/checkout@v5
        with:
          persist-credentials: false
      - name: Run Codex
        id: run_codex
        uses: openai/codex-action@v1
        with:
          openai-api-key: REPOSITORY_OPENAI_API_KEY_SECRET
          prompt-file: .github/codex/prompts/review.md
          output-file: codex-output.md
          sandbox: read-only
          codex-args: '["--ephemeral"]'
  post_feedback:
    runs-on: ubuntu-latest
    needs: codex
    if: needs.codex.outputs.final_message != ''
    permissions:
      issues: write
      pull-requests: write
    steps:
      - name: Post Codex feedback
        env:
          GH_TOKEN: WORKFLOW_GITHUB_TOKEN
          PR_NUMBER: PULL_REQUEST_NUMBER
          CODEX_FINAL_MESSAGE: CODEX_JOB_FINAL_MESSAGE
        run: |
          gh pr comment "$PR_NUMBER" \
            --body "$CODEX_FINAL_MESSAGE"
Before committing, replace RUN_CODEX_FINAL_MESSAGE_OUTPUT with the steps.run_codex.outputs.final-message expression, REPOSITORY_OPENAI_API_KEY_SECRET with the secrets.OPENAI_API_KEY expression, WORKFLOW_GITHUB_TOKEN with the github.token expression, PULL_REQUEST_NUMBER with the github.event.pull_request.number expression, and CODEX_JOB_FINAL_MESSAGE with the needs.codex.outputs.final_message expression.
The codex job keeps repository permissions read-only and exposes the action's final-message output. The post_feedback job receives GitHub write permissions only after Codex finishes.
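The guardrails in the workflow above can be checked locally before a commit. The script below is an example added for this section, not code from the page or from the openai/codex-action project; it treats the workflow as text rather than parsing YAML, assumes the codex job is declared before post_feedback, and the safety-strategy input name used in its "bad" sample is an assumption.

```shell
# Added example, not from the page or the openai/codex-action project: line-based guardrail
# checks for the two-job Codex review workflow. Assumes the codex job precedes post_feedback.
# Print the script lines of each run: step so inline expression interpolation can be spotted.
run_script_lines() {
  awk '/^[[:space:]]*run:[[:space:]]*\|/ { indent = match($0, /[^ ]/); inrun = 1; next }
       inrun && match($0, /[^ ]/) > indent { print; next }; { inrun = 0 }; /^[[:space:]]*run:/ { print }' "$1"
}
fail() { echo "FAIL: $1"; failures=$((failures + 1)); }
check_codex_workflow() {  # returns the number of failed guardrails; 0 means the workflow passes
  failures=0
  # Checkout must not leave the token in .git/config where the Codex run could read it.
  grep -qE '^[[:space:]]*persist-credentials:[[:space:]]*false' "$1" || fail "persist-credentials must be false"
  # Codex runs in the read-only sandbox and never in the unsafe safety mode.
  grep -qE '^[[:space:]]*sandbox:[[:space:]]*read-only' "$1" || fail "sandbox must be read-only"
  grep -qE ':[[:space:]]*unsafe([[:space:]]|$)' "$1" && fail "unsafe safety mode is enabled"
  # Only post_feedback may hold a write permission; the codex job is everything before it.
  awk '/^  post_feedback:/ { exit } { print }' "$1" | grep -qE ':[[:space:]]*write' && fail "codex job holds a write permission"
  # Untrusted values reach scripts through env:, never by interpolation into run:.
  run_script_lines "$1" | grep -qF '${{' && fail "expression interpolated into a run: script"
  return "$failures"
}
# Constructed sample in the layout of the workflow above; "bad" flips every guardrail
# (the safety-strategy input name is assumed, not taken from the page).
write_sample_workflow() {
  local f; f=$(mktemp); cat > "$f" <<'EOF'
jobs:
  codex:
    permissions:
      contents: read
    steps:
      - uses: actions/checkout@v5
        with:
          persist-credentials: false
      - uses: openai/codex-action@v1
        with:
          sandbox: read-only
  post_feedback:
    permissions:
      pull-requests: write
    steps:
      - env:
          CODEX_FINAL_MESSAGE: ${{ needs.codex.outputs.final_message }}
        run: |
          gh pr comment "$PR_NUMBER" --body "$CODEX_FINAL_MESSAGE"
EOF
  [ "$1" = good ] && { echo "$f"; return; }
  sed -e 's/persist-credentials: false/persist-credentials: true/' -e 's/contents: read/contents: write/' \
      -e 's/sandbox: read-only/safety-strategy: unsafe/' -e 's/"\$CODEX_FINAL_MESSAGE"/"${{ needs.codex.outputs.final_message }}"/' "$f" > "$f.bad" && echo "$f.bad"
}
```

Run it as `check_codex_workflow .github/workflows/codex-pr-review.yml` after filling in the placeholder expressions; it complements actionlint, which checks syntax but not these permission and sandbox choices.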
- Check the workflow file before committing it.
$ actionlint .github/workflows/codex-pr-review.yml
No output means actionlint did not find workflow syntax or expression errors. The check does not call OpenAI or GitHub.
- Stage the prompt and workflow files.
$ git add .github/codex/prompts/review.md \
    .github/workflows/codex-pr-review.yml
- Commit the GitHub Actions change.
$ git commit -m "Run Codex on pull requests"
[feature/codex-review 6f4a7d2] Run Codex on pull requests
 2 files changed, 52 insertions(+)
 create mode 100644 .github/codex/prompts/review.md
 create mode 100644 .github/workflows/codex-pr-review.yml
- Push the branch that contains the workflow.
$ git push -u origin HEAD
Enumerating objects: 8, done.
Counting objects: 100% (8/8), done.
Writing objects: 100% (5/5), 1.64 KiB | 1.64 MiB/s, done.
branch 'feature/codex-review' set up to track 'origin/feature/codex-review'.
- Open or update a pull request so the pull_request trigger starts the workflow.
$ gh pr create --fill
https://github.com/owner/example-app/pull/42
If the pull request already exists, pushing another commit to the branch triggers the same workflow through the synchronize event.
- Check that the newest Codex workflow run completed.
$ gh run view 9812345670 \
    --json status,conclusion
{"conclusion":"success","status":"completed"}
- Inspect the completed run when the status is not success.
$ gh run view 9812345670 --log-failed
codex	Run Codex	responses-api-proxy started
codex	Run Codex	codex exec completed
post_feedback	Post Codex feedback	RequestError [HttpError]: Resource not accessible by integration
The codex job can succeed while the feedback job fails if repository permissions or fork restrictions block pull request comments.
- Confirm that the pull request received the Codex final message.
$ gh pr view 42 --comments
author:	github-actions[bot]
--
Codex reviewed the pull request and found no blocking correctness issues.
--
The comment body comes from the action's final-message output. The configured output-file holds the same final Codex message, but it exists only on the runner of the codex job.
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.