chore: migrate audit bridge to AIAuditBridge#102
Conversation
Co-Authored-By: Codex <noreply@openai.com>
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: f27341fe25
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true" | ||
| CODEX_AUDIT_ENABLED: ${{ vars.CODEX_AUDIT_ENABLED || 'true' }} | ||
| CODEX_AUDIT_BRIDGE_REPOSITORY: ${{ vars.CODEX_AUDIT_BRIDGE_REPOSITORY || 'QuantStrategyLab/CodexAuditBridge' }} | ||
| CODEX_AUDIT_BRIDGE_REPOSITORY: ${{ vars.CODEX_AUDIT_BRIDGE_REPOSITORY || 'QuantStrategyLab/AIAuditBridge' }} |
There was a problem hiding this comment.
Scope the app token to AIAuditBridge
With this new default, monthly publishes dispatch to QuantStrategyLab/AIAuditBridge, but the earlier actions/create-github-app-token step is still hard-coded to request a token for CodexAuditBridge, and the dispatch code prefers APP_TOKEN over CODEX_AUDIT_DISPATCH_TOKEN. In environments where CROSS_REPO_GITHUB_APP_* credentials are configured, the workflow will therefore use an app token scoped to the old bridge repo and fail the dispatch to AIAuditBridge instead of falling back; update the token repository list or derive it from CODEX_AUDIT_BRIDGE_REPOSITORY as part of this default change.
Useful? React with 👍 / 👎.
| FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true" | ||
| CODEX_AUDIT_ENABLED: ${{ vars.CODEX_AUDIT_ENABLED || 'true' }} | ||
| CODEX_AUDIT_BRIDGE_REPOSITORY: ${{ vars.CODEX_AUDIT_BRIDGE_REPOSITORY || 'QuantStrategyLab/CodexAuditBridge' }} | ||
| CODEX_AUDIT_BRIDGE_REPOSITORY: ${{ vars.CODEX_AUDIT_BRIDGE_REPOSITORY || 'QuantStrategyLab/AIAuditBridge' }} |
There was a problem hiding this comment.
Point operator docs at AIAuditBridge
After this default changes the dispatch target to QuantStrategyLab/AIAuditBridge, the operator-facing docs still tell maintainers that provider secrets and fallback logic live in CodexAuditBridge (README.zh-CN.md:35-37, docs/operator_runbook.md:85-87). In a migration where operators follow those docs for the default path, they will configure the old bridge repository while this workflow now dispatches to AIAuditBridge, so the monthly review can fail due to missing service/provider configuration in the actual target repo.
Useful? React with 👍 / 👎.
Co-Authored-By: Codex <noreply@openai.com>
Summary
Validation