Add Codex app-server upgrade skill

Codex
2026-05-25 04:39:06 +00:00
parent 09ff990468
commit 41f1e2e1d0
4 changed files with 72 additions and 3 deletions

@@ -0,0 +1,64 @@
---
name: codex-app-server-upgrade
description: Safely check, update, or self-upgrade the host Codex app-server and Codex CLI binary for this project. Use when asked to upgrade Codex, run app-server update checks, restart Codex after an update, or let Codex invoke its own app-server upgrade through the project script.
---
# Codex App Server Upgrade
Use the project app-server script instead of manually replacing binaries. It is designed to be portable and self-upgrade-safe.
## Locate the Script
Work from the current project root when possible. The script is:
```bash
scripts/start-codex-app-server
```
If the current directory is not the project root, find the nearest repository containing `scripts/start-codex-app-server` and run commands from that directory. Do not hardcode absolute paths.
## Commands
Check status:
```bash
scripts/start-codex-app-server status
```
Check for updates without changing anything:
```bash
scripts/start-codex-app-server check-updates
```
Apply an upgrade non-interactively:
```bash
scripts/start-codex-app-server check-updates -y
```
`check-upgrade` is accepted as an alias for `check-updates`.
## Self-Upgrade Behavior
When the app-server is running, `check-updates -y` downloads and validates the new Codex binary first, then starts a detached worker to stop the app-server process group, replace the binary, and start the app-server again. This is the correct path even when Codex itself initiated the command.
Expect the current Codex connection or tool call to be interrupted after the handoff. After a short delay, verify the outcome with:
```bash
scripts/start-codex-app-server status
```
If needed, inspect the portable project-local upgrade log:
```bash
sed -n '1,160p' run/codex-app-server-upgrade.log
```
## Safety Rules
- Do not manually `kill`, `mv`, or overwrite the Codex binary for this workflow.
- Do not assume `/usr/local/bin/codex`, a specific home directory, or any machine-specific path.
- Use `CODEX_BIN=/absolute/path/to/codex` only when the user or environment explicitly requires a non-default binary.
- If the script reports that it cannot replace the binary without write permission, stop and report that non-interactive privileges or a writable `CODEX_BIN` are required.
- Do not run `check-updates -y` unless the user explicitly asked to upgrade or auto-approve the update.
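
Review bot: In the Self-Upgrade Behavior section, the verification step relies on `scripts/start-codex-app-server status` alone, which cannot tell a successful upgrade from a rollback. The README paragraph in this same commit says the worker restores the previous binary and starts it again if the upgraded server fails to start, so `status` would report a running server in both cases. Suggest adding a follow-up `scripts/start-codex-app-server check-updates` (without `-y`) to confirm that no update is still pending, and making the log check part of the normal flow rather than "if needed". Also, `sed -n '1,160p'` prints the head of the log; if the log accumulates across runs, the latest attempt is at the end, so `tail -n 160` would be the safer default.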

@@ -0,0 +1,4 @@
interface:
display_name: "Codex App Server Upgrade"
short_description: "Safely self-upgrade Codex app-server."
default_prompt: "Safely check for and apply a Codex app-server upgrade using the project script."
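
Review bot: `default_prompt` asks the agent to "check for and apply" an upgrade, which conflicts with the SKILL.md safety rule that `check-updates -y` must not run unless the user explicitly asked to upgrade or auto-approve the update. Selecting the skill with its default prompt would count as that request without the user having typed it. Suggest making the default prompt check-only, for example "Check whether a Codex app-server upgrade is available using the project script and report the result.", and leaving the apply step to an explicit user instruction.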

@@ -11,7 +11,7 @@ Docker Compose runs only the Go Telegram bot. Codex runs on the host through `co
scripts/start-codex-app-server start
```
The script supports `start`, `stop`, `status`, and `check-updates [-y]`. `start` launches Codex detached, writes `run/codex-app-server.pid`, logs to `run/codex-app-server.log`, and is idempotent if the socket is already live. `check-updates` compares the local `codex` binary with the latest OpenAI Codex GitHub release. With `-y`, it downloads and validates the matching platform archive before stopping a running app-server. If the app-server is running, the final stop/replace/start step is handed to a detached worker so the upgrade can complete even when invoked from Codex itself. If the upgraded server fails to start, the worker restores the previous binary and starts it again.
The script supports `start`, `stop`, `status`, `check-updates [-y]`, and the alias `check-upgrade [-y]`. `start` launches Codex detached, writes `run/codex-app-server.pid`, logs to `run/codex-app-server.log`, and is idempotent if the socket is already live. `check-updates` compares the local `codex` binary with the latest OpenAI Codex GitHub release. With `-y`, it downloads and validates the matching platform archive before stopping a running app-server. If the app-server is running, the final stop/replace/start step is handed to a detached worker so the upgrade can complete even when invoked from Codex itself. If the upgraded server fails to start, the worker restores the previous binary and starts it again.
3. Add at least one Telegram user and workspace:
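
Review bot: The rewritten sentence still says that `-y` "downloads and validates the matching platform archive" without saying what the validation checks. Since this paragraph is the operator-facing description of a step that replaces the `codex` binary, state what is verified (for example a published checksum or signature, or only archive integrity and platform match) so readers know how much trust the download carries. The alias wording itself is fine.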

@@ -26,13 +26,14 @@ chmod 700 "$RUN_DIR"
usage() {
cat <<USAGE
Usage: $0 <start|stop|status|check-updates> [options]
Usage: $0 <start|stop|status|check-updates|check-upgrade> [options]
Commands:
start Start codex app-server if it is not already running.
stop Stop codex app-server and remove stale runtime files.
status Print whether codex app-server is running.
check-updates [-y] Check GitHub releases and optionally install the latest Codex binary.
check-upgrade [-y] Alias for check-updates.
Environment:
CODEX_BIN Codex executable to replace. Defaults to the codex found on PATH.
@@ -565,7 +566,7 @@ case "$cmd" in
if [[ $# -ne 0 ]]; then usage; exit 2; fi
status_server
;;
check-updates)
check-updates|check-upgrade)
shift || true
check_updates "$@"
;;
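
Review bot: With `check-updates|check-upgrade)` both names reach `check_updates "$@"`, so `check-upgrade -y` now applies an upgrade as well, but the SKILL.md safety rules added in this commit name only `check-updates -y`. Any approval rule or command allowlist keyed on the literal subcommand would miss the alias. Suggest wording the rule to cover both `check-updates -y` and `check-upgrade -y`, or dropping the alias if it is only a convenience.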