Codex GitHub Integration | Rookie Tutorial

Codex is deeply integrated with GitHub, allowing code reviews directly in pull requests. This section details how to configure and use the GitHub integration.


Feature Overview

Through GitHub integration, you can:

  • Request Codex reviews directly in PR comments
  • Automatically review each pull request
  • Have Codex fix CI failure issues
  • View code changes and provide suggestions

Without leaving GitHub, Codex will reply with review comments like a teammate.


Setting Up GitHub Integration

Prerequisites

  • Codex Cloud subscription
  • GitHub account

Configuration Steps

  1. Set up Codex Cloud
  2. Go to Codex Settings
  3. Enable the Code review feature for the repository
  4. Authorize Codex to access your repository

You need to grant Codex permission to read repositories and create pull requests.


Requesting Code Review

Manual Review Trigger

Mention @codex review in a pull request comment:

Request Review

Enter in PR comment

@codex review

Or specify review focus

@codex review for security regressions

Codex Response

Codex will:

  1. React to the PR (👀)
  2. Analyze code changes
  3. Post review comments
  4. Mark found issues (P0 and P1)

Codex will post review comments on the PR like a human reviewer.

Automatic Review

Enable Automatic reviews in settings:

  1. Go to Codex Settings
  2. Enable Automatic reviews
  3. Automatically post reviews when new PRs are opened

Customizing Review Content

Setting Repository Review Guidelines

Add review guidelines to AGENTS.md in the repository:

Add Review Guidelines

Review guidelines

  • Don't log PII (personally identifiable information)
  • Verify that authentication middleware wraps every route
  • Check for SQL injection vulnerabilities
  • Ensure error messages don't leak sensitive information

Module-Specific Rules

Place more specific review rules in subdirectories:

Module-Specific Rules

src/payment/ module review rules

Payment-specific reviews

  • Verify payment processing follows PCI compliance
  • Check for proper amount validation
  • Ensure transaction logging

More specific rules will be automatically applied to code changes in the corresponding module.

One-Time Review Focus

Specify review focus in comments:

Specify Review Focus

Comment examples

@codex review for security issues

@codex review for performance regressions

@codex review for documentation completeness


Giving Codex Other Tasks

Mentioning @codex in a comment with anything other than review will launch a cloud task:

Other Tasks

Fix CI failures

@codex fix the CI failures

Add tests

@codex add tests for the new API endpoints

Refactor code

@codex refactor this function to use async/await

Using Codex's other features is as simple as @ mentioning it in a comment.
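
As an added example (not code from this tutorial or from Codex), the following JavaScript classifies PR comment bodies by the trigger rules above, so a maintainer can audit which comments requested a review and which launched a cloud task. The TRUSTED set and the flagging policy are assumptions; the comment field names follow GitHub's issue-comment objects, and the sample comments are constructed.

```javascript
// Added example, not code from the tutorial or from Codex.
// Trigger rules taken from the page: "@codex review" requests a review,
// "@codex review for <focus>" adds a one-time focus, and any other
// "@codex ..." mention launches a cloud task.

// Assumption: mentions match case-insensitively; quoted text is not skipped.
const MENTION = /(?:^|[^\w])@codex(?![\w-])[ \t]*([^\n]*)/i;

function classifyCodexMention(body) {
  const m = MENTION.exec(body || '');
  if (!m) return { kind: 'none' };
  const rest = m[1].trim();
  const review = /^review(?![\w-])(?:\s+for\s+(.+))?/i.exec(rest);
  if (review) return { kind: 'review', focus: review[1] ? review[1].trim() : null };
  return { kind: 'task', instruction: rest };
}

// Assumption (local policy, not a Codex rule): task requests from accounts
// outside this set get a second look by a maintainer.
const TRUSTED = new Set(['OWNER', 'MEMBER', 'COLLABORATOR']);

// `comments` uses the field names of GitHub's issue-comment objects
// (user.login, author_association, body).
function auditCodexMentions(comments) {
  return comments
    .map((c) => ({ login: c.user.login, assoc: c.author_association,
                   ...classifyCodexMention(c.body) }))
    .filter((r) => r.kind !== 'none')
    .map((r) => ({ ...r, flag: r.kind === 'task' && !TRUSTED.has(r.assoc) }));
}

// Constructed sample comments (not real data).
const SAMPLE_COMMENTS = [
  { user: { login: 'alice' }, author_association: 'MEMBER',
    body: '@codex review for security regressions' },
  { user: { login: 'bob' }, author_association: 'COLLABORATOR',
    body: 'Looks fine.\n@codex fix the CI failures' },
  { user: { login: 'carol' }, author_association: 'NONE',
    body: '@codex add tests for the new API endpoints' },
  { user: { login: 'dave' }, author_association: 'MEMBER',
    body: 'ping dave@codex.example about @codex-bot' },
];

for (const row of auditCodexMentions(SAMPLE_COMMENTS)) {
  console.log(JSON.stringify(row));
}
```

The last sample comment produces no row: an e-mail address and a longer handle that merely starts with "codex" are not treated as mentions.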


GitHub Actions Integration

You can also use Codex in GitHub Actions:

GitHub Actions Workflow

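name: Codex Review

on:
  # Run on pull request events; the Post Review step needs a PR number
  pull_request:

# Least privilege for the workflow token: read the code, write PR reviews
permissions:
  contents: read
  pull-requests: write

jobs:
  codex-review:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      # Assumes the codex CLI is already installed and authenticated on the runner
      - name: Run Codex Review
        run: |
          codex exec "Review code changes in this PR" --output review.md

      # Post the generated review text as a non-blocking PR review
      - name: Post Review
        uses: actions/github-script@v7
        with:
          script: |
            const fs = require('fs');
            const review = fs.readFileSync('review.md', 'utf8');
            await github.rest.pulls.createReview({
              owner: context.repo.owner,
              repo: context.repo.repo,
              pull_number: context.issue.number,
              body: review,
              event: 'COMMENT'
            });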

Integrating Codex into CI/CD workflows can automate code reviews.


Best Practices

Review Guidelines

  • Clearly define review standards in AGENTS.md
  • Set specific rules for different modules
  • Specify issue priorities (P0/P1)

Automation

  • Enable automatic reviews for regular PRs
  • Use manual triggers for large changes
  • Combine with automated workflows

Good configuration can make Codex's reviews more accurate and efficient.


FAQ

Q: Does Codex review cost money?

GitHub integration requires a Codex Cloud subscription.

Q: Can Codex access private repositories?

You need to authorize Codex to access your private repositories.

Q: Can I limit which repositories Codex reviews?

Yes, you can selectively authorize repositories in settings.

Q: What severity levels does Codex flag?

By default, P0 (critical) and P1 (important) issues are flagged.
