Hongming Wang
0f4ed28f62
OpenAI Codex CLI (@openai/codex >=0.72) wrapped as a Molecule workspace runtime, with native MCP-style push parity via persistent codex app-server stdio JSON-RPC. Each session holds one long-lived `codex app-server` child + one thread; A2A messages become turn/start RPCs against the existing thread. Per-thread serialization handles mid-turn arrivals (matches OpenClaw's per-chat sequentializer). Modules: - app_server.py — async JSON-RPC over NDJSON stdio (286 LOC) - executor.py — turn lifecycle, notification accumulation, error surfacing (270 LOC) - adapter.py — thin BaseAdapter shell + preflight Tests: 12/12 pass against Python NDJSON mock + fake AppServerProcess. Validated end-to-end against real codex-cli 0.72.0: - initialize handshake works - thread/start works (returns thread.id, NOT thread.threadId as the generated JSON schema claims; executor accepts both shapes) Scaffolded but not yet end-to-end verified against a real Molecule workspace + peer A2A traffic — that lands separately. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
38 lines
1.5 KiB
Bash
38 lines
1.5 KiB
Bash
#!/usr/bin/env bash
|
|
# Boot script for the codex workspace template.
|
|
#
|
|
# Unlike hermes (which boots a separate gateway daemon on :8642 first),
|
|
# codex's app-server is a stdio child of executor.py — there's no
|
|
# network service to start, no port to wait on, no health endpoint.
|
|
# This script just verifies the binary is installed and exec's
|
|
# molecule-runtime.
|
|
|
|
set -euo pipefail
|
|
|
|
# Fail-fast preflight: codex binary must be on PATH. The Dockerfile
|
|
# installs @openai/codex globally; if it isn't here, something's wrong
|
|
# with the image build.
|
|
if ! command -v codex >/dev/null 2>&1; then
|
|
echo "[start.sh] FATAL: codex binary not on PATH. Image misbuilt?" >&2
|
|
exit 1
|
|
fi
|
|
|
|
CODEX_VERSION="$(codex --version 2>&1 || echo unknown)"
|
|
echo "[start.sh] codex installed: ${CODEX_VERSION}"
|
|
|
|
# OPENAI_API_KEY must be set (codex reads it from env). The adapter's
|
|
# setup() also checks this and fails the workspace at preflight, but
|
|
# surfacing it here gives operators a clearer signal in container logs.
|
|
if [ -z "${OPENAI_API_KEY:-}" ]; then
|
|
echo "[start.sh] WARN: OPENAI_API_KEY not set. Workspace will fail preflight." >&2
|
|
fi
|
|
|
|
# Pre-create ~/.codex so codex doesn't try to mkdir it on first run as
|
|
# the wrong user. Persistent volume mount goes here for thread state.
|
|
install -d -o agent -g agent /home/agent/.codex
|
|
install -d -o agent -g agent /home/agent/.codex/sessions
|
|
|
|
# Hand off to molecule-runtime. From here, every A2A message routes
|
|
# through executor.py → app_server.py → codex app-server child.
|
|
exec gosu agent molecule-runtime
|