From 041ac774d06fd39007c6a28d9c62ed710ea0ac0f Mon Sep 17 00:00:00 2001
From: Pigbibi <20649888+Pigbibi@users.noreply.github.com>
Date: Sun, 24 May 2026 13:56:41 +0800
Subject: [PATCH] chore: default monthly review provider to auto
---
 .github/workflows/monthly_publish.yml | 2 +-
 README.md | 6 +++---
 README.zh-CN.md | 6 +++---
 docs/operator_runbook.md | 2 +-
 tests/test_monthly_publish_workflow_config.py | 1 +
 5 files changed, 9 insertions(+), 8 deletions(-)
diff --git a/.github/workflows/monthly_publish.yml b/.github/workflows/monthly_publish.yml
index f776ff7..14b6c6a 100644
--- a/.github/workflows/monthly_publish.yml
+++ b/.github/workflows/monthly_publish.yml
@@ -31,7 +31,7 @@ jobs:
 SELFHOSTED_CODEX_REVIEW_ENABLED: ${{ vars.SELFHOSTED_CODEX_REVIEW_ENABLED || 'true' }}
 SELFHOSTED_CODEX_REVIEW_REPOSITORY: ${{ vars.SELFHOSTED_CODEX_REVIEW_REPOSITORY || 'QuantStrategyLab/CryptoCodexAuditBridge' }}
 SELFHOSTED_CODEX_REVIEW_MODE: ${{ vars.SELFHOSTED_CODEX_REVIEW_MODE || 'review_and_fix' }}
- SELFHOSTED_CODEX_REVIEW_PROVIDER: ${{ vars.SELFHOSTED_CODEX_REVIEW_PROVIDER || 'codex' }}
+ SELFHOSTED_CODEX_REVIEW_PROVIDER: ${{ vars.SELFHOSTED_CODEX_REVIEW_PROVIDER || 'auto' }}
 SELFHOSTED_CODEX_REVIEW_AUTO_MERGE: ${{ vars.SELFHOSTED_CODEX_REVIEW_AUTO_MERGE || 'false' }}
 steps:
diff --git a/README.md b/README.md
index 29198a1..3a79d74 100644
--- a/README.md
+++ b/README.md
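Review bot: In `.github/workflows/monthly_publish.yml`, the new `'auto'` default on `SELFHOSTED_CODEX_REVIEW_PROVIDER` changes where review content can go for every repository that never set the variable, and the env block carries no comment saying so. Per the README text in this same patch, `auto` lets the bridge post an OpenAI API review when Codex fails and `OPENAI_API_KEY` is configured there, so the API path moves from opt-in to opt-out. I would add a comment above the line, e.g. `# 'auto' may fall back to an OpenAI API review in the bridge when Codex fails; set the repo variable to 'codex' to keep review on the self-hosted runner only`. The value is forwarded as-is from `vars`, so presumably the bridge validates it against `auto`/`codex`/`openai`; that is worth confirming, since nothing visible in this hunk does. The job definition continues outside the hunk.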
@@ -535,9 +535,9 @@ Behavior: After the monthly report bundle is assembled, the workflow creates a GitHub Issue containing the full `ai_review_input.md` content. The automated review route dispatches `QuantStrategyLab/CryptoCodexAuditBridge`. The bridge owns provider selection through `SELFHOSTED_CODEX_REVIEW_PROVIDER`: -- `codex` (default): run Codex on the self-hosted VPS runner, post the audit result, and open a PR directly for safe low-risk fixes. +- `auto` (default): run Codex first; if Codex fails and the bridge has `OPENAI_API_KEY`, post the API review fallback from the bridge. If the API fallback is not configured, fail loudly. +- `codex`: run Codex on the self-hosted VPS runner, post the audit result, and open a PR directly for safe low-risk fixes without API fallback. - `openai`: run an API review inside the bridge and post a review comment only. -- `auto`: try Codex first; if Codex fails and the bridge has `OPENAI_API_KEY`, post the API review fallback from the bridge. If the bridge dispatch itself fails, the monthly publish workflow fails loudly instead of silently skipping review. @@ -553,7 +553,7 @@ Review output is posted back to the monthly issue. ### Optional Bridge API Fallback -- `SELFHOSTED_CODEX_REVIEW_PROVIDER`: set to `openai` or `auto` in this source repository. +- `SELFHOSTED_CODEX_REVIEW_PROVIDER`: defaults to `auto`; set to `codex` to disable API fallback or `openai` for API-only review. - `OPENAI_API_KEY`: configure in `CryptoCodexAuditBridge`, not this source repository. - `OPENAI_MODEL`: optional bridge repository variable, default `gpt-5.4-mini`. diff --git a/README.zh-CN.md b/README.zh-CN.md index baaa8b8..0d0faa8 100644 --- a/README.zh-CN.md +++ b/README.zh-CN.md 
@@ -382,9 +382,9 @@ make monthly-review-briefing 月报 bundle 组装完成后,workflow 会自动创建一个 GitHub Issue,内容为完整的 `ai_review_input.md`。自动审阅路径会 dispatch `QuantStrategyLab/CryptoCodexAuditBridge`,由 bridge 统一决定 provider: -- `codex`(默认):由 self-hosted VPS runner 上已登录的 Codex CLI 读取月报 Issue、回帖审计结果,并在发现安全、低风险的问题时直接创建修复 PR。 +- `auto`(默认):先跑 Codex;如果 Codex 失败且 bridge 配置了 `OPENAI_API_KEY`,由 bridge 回落到 OpenAI API 审阅;如果 API fallback 没配置则明确失败。 +- `codex`:只跑 Codex,不使用 API fallback。 - `openai`:在 bridge 内运行 API 审阅,只回帖,不改代码。 -- `auto`:先跑 Codex;如果 Codex 失败且 bridge 配置了 `OPENAI_API_KEY`,由 bridge 回落到 OpenAI API 审阅。 如果 bridge dispatch 本身失败,monthly publish workflow 会直接失败,而不是静默跳过审阅。 @@ -400,7 +400,7 @@ AI 审阅覆盖范围: ### 可选 Bridge API Fallback -- `SELFHOSTED_CODEX_REVIEW_PROVIDER`:在当前 source repo 设置为 `openai` 或 `auto`。 +- `SELFHOSTED_CODEX_REVIEW_PROVIDER`:默认 `auto`;设置为 `codex` 可关闭 API fallback,设置为 `openai` 可只跑 API 审阅。 - `OPENAI_API_KEY`:配置在 `CryptoCodexAuditBridge`,不要配置在当前 source repo。 - `OPENAI_MODEL`:可选 bridge repo variable,默认 `gpt-5.4-mini`。 diff --git a/docs/operator_runbook.md b/docs/operator_runbook.md index 21ed8ec..8334c02 100644 --- a/docs/operator_runbook.md +++ b/docs/operator_runbook.md 
@@ -76,7 +76,7 @@ Boundary rules: ## Monthly Codex Remediation -The monthly publish workflow creates a `monthly-review` issue, then dispatches `CryptoCodexAuditBridge` as the automated review and remediation path. The bridge owns provider selection through `SELFHOSTED_CODEX_REVIEW_PROVIDER`: `codex` runs self-hosted Codex and may open focused PRs, `openai` posts an API review comment only, and `auto` falls back to OpenAI review when Codex fails and the bridge has `OPENAI_API_KEY`. +The monthly publish workflow creates a `monthly-review` issue, then dispatches `CryptoCodexAuditBridge` as the automated review and remediation path. The bridge owns provider selection through `SELFHOSTED_CODEX_REVIEW_PROVIDER`: `auto` is the default and runs self-hosted Codex first, falls back to OpenAI review when Codex fails and the bridge has `OPENAI_API_KEY`, and fails loudly when the API fallback is not configured. `codex` disables API fallback; `openai` posts an API review comment only. If the bridge dispatch fails, the monthly publish workflow fails loudly. The older source-local `ai_review.yml` workflow remains only as a manual compatibility path. diff --git a/tests/test_monthly_publish_workflow_config.py b/tests/test_monthly_publish_workflow_config.py index ad86134..2297af0 100644 --- a/tests/test_monthly_publish_workflow_config.py +++ b/tests/test_monthly_publish_workflow_config.py @@ -49,6 +49,7 @@ def test_monthly_review_issue_creation_does_not_require_gh_cli(self) -> None: self.assertIn("Trigger Monthly Review Automation", workflow) self.assertIn("CODEX_AUDIT_DISPATCH_TOKEN", workflow) self.assertIn("SELFHOSTED_CODEX_REVIEW_PROVIDER", workflow) + self.assertIn("SELFHOSTED_CODEX_REVIEW_PROVIDER || 'auto'", workflow) self.assertIn("REVIEW_PROVIDER", workflow) self.assertIn('"provider": provider', workflow) self.assertNotIn("ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}", workflow)
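Review bot: The added `self.assertIn("SELFHOSTED_CODEX_REVIEW_PROVIDER || 'auto'", workflow)` in `tests/test_monthly_publish_workflow_config.py` pins the default by exact substring, so it fails on a harmless spacing or quoting change and makes the bare `assertIn("SELFHOSTED_CODEX_REVIEW_PROVIDER", workflow)` just above it redundant. It would also pass if that text appeared only in a YAML comment rather than in the job's `env`. A whitespace-tolerant form keeps the intent: `self.assertRegex(workflow, r"vars\.SELFHOSTED_CODEX_REVIEW_PROVIDER\s*\|\|\s*'auto'")`; parsing the workflow and asserting on the env entry would be stricter still, if a YAML parser is available to the tests. The test method starts before the hunk and may continue after it.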