Publish Python runtime wheels on release#21784
Merged
Merged
Conversation
Contributor
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 6f2489c859
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Allow runtime package staging to include extra executables beside the bundled Codex binary so Windows runtime wheels can carry sandbox helpers. Co-authored-by: Codex <noreply@openai.com>
41076bd to
5cec2c9
Compare
Contributor
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 5cec2c92c3
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Document why helper executables are copied beside the bundled Codex binary during runtime package staging. Co-authored-by: Codex <noreply@openai.com>
5cec2c9 to
69eb91c
Compare
Use generic resource fixture names and comments so runtime package staging can support Linux bwrap as well as Windows helpers. Co-authored-by: Codex <noreply@openai.com>
69eb91c to
b6b23fa
Compare
Collaborator
Author
|
@codex review |
Assert staged runtime resource binaries land under the wheel include path so packaged helpers are not dropped during build. Co-authored-by: Codex <noreply@openai.com>
Build platform-specific openai-codex-cli-bin wheels from signed release binaries and publish them to PyPI using trusted publishing. Co-authored-by: Codex <noreply@openai.com>
Document why the release workflow includes sandbox helper executables in Windows Python runtime wheels. Co-authored-by: Codex <noreply@openai.com>
Pass the release bwrap binary into Linux runtime wheel staging so PyPI installs preserve sandbox fallback behavior. Co-authored-by: Codex <noreply@openai.com>
b6b23fa to
9196541
Compare
Set the Python runtime publish job environment to match the PyPI trusted publisher configuration. Co-authored-by: Codex <noreply@openai.com>
Use the v1.13.0 commit for the PyPI publish action so the pinned action reference has a clear release version. Co-authored-by: Codex <noreply@openai.com>
Allow the Rust release workflow to finish even if the new Python runtime PyPI publish job needs follow-up. Co-authored-by: Codex <noreply@openai.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why
Published Python SDK builds depend on an exact
openai-codex-cli-binruntime package, but the release workflow did not publish that runtime package to PyPI. That left the SDK packaging story incomplete: release artifacts could produce Codex binaries, but Python users still needed a matching wheel carrying the platform-specific runtime and helper executables.This PR is stacked on #21787 so release jobs can include helper binaries in runtime wheels: Linux wheels include
bwrapfor sandbox fallback, and Windows wheels include the signed sandbox/elevation helpers besidecodex.exe.What changed
openai-codex-cli-binwheels from signed release binaries on macOS, Linux, and Windows release runners.bwrapinto musllinux runtime wheels.pypiGitHub environment.v1.13.0commit SHA for reproducible release publishing.Testing
ruby -e 'require "yaml"; ARGV.each { |f| YAML.load_file(f); puts "ok #{f}" }' .github/workflows/rust-release.yml .github/workflows/rust-release-windows.ymlgit diff --checkCI is the real end-to-end verification for the release workflow path.