Add gh/rg support and optional --gh copilot mount #17

Merged: laurenceputra merged 3 commits into main from feat/add-gh-rg-and-gh-flag on Feb 10, 2026

@laurenceputra
Owner

Summary

  • Added gh and ripgrep (rg) to the Docker image so both tools are available inside codex_yolo containers.
  • Added a new --gh wrapper flag that mounts host ~/.copilot into the container at ~/.copilot.
  • Added host-side prerequisite enforcement for --gh: host gh must be installed, gh auth status must succeed, and ~/.copilot must exist.
  • Updated bash/zsh completions to include --gh.
  • Updated README and EXAMPLES with --gh usage, prerequisites, and security notes.
  • Added/updated integration tests for Dockerfile package coverage and --gh dry-run mount behavior.
  • Added implementation spec at .specifications/add-rg-gh-and-gh-flag.md.

Problem

The container did not include rg or gh, and there was no explicit path to run GitHub CLI workflows that need host Copilot state. Users also needed clear guardrails that --gh only works when host-side gh authentication is already configured.

Solution

  • Docker image installs gh and ripgrep via apt.
  • --gh is parsed as a wrapper-only flag and not forwarded to codex.
  • When --gh is set, wrapper now:
    • checks gh exists on host,
    • checks host authentication with gh auth status,
    • checks ~/.copilot exists,
    • mounts ~/.copilot into container home.
  • Added actionable error messages for each failed prerequisite.

Validation

  • bash -n .codex_yolo.sh .codex_yolo_entrypoint.sh .codex_yolo_diagnostics.sh install.sh tests/integration_tests.sh
  • ./tests/integration_tests.sh
    • Result: passed with Docker-dependent tests skipped in this execution environment.

Notes

  • --gh is opt-in and can be used alongside --mount-ssh.
  • Host must already be logged in with gh auth login for --gh to succeed.

@laurenceputra
Owner Author

@codex review this PR

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: dca12f3f13

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread .codex_yolo.sh
fi

if [[ -d "${HOME}/.copilot" ]]; then
docker_args+=("-v" "${HOME}/.copilot:${CONTAINER_HOME}/.copilot")
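
Review bot: the `-v` value on the `docker_args+=` line carries no mode suffix, so Docker binds `${HOME}/.copilot` read-write and anything running in the container can change or delete host files under it. Append `:ro`, i.e. `"${HOME}/.copilot:${CONTAINER_HOME}/.copilot:ro"`. Read-only stops writes only, so the mount still exposes that directory's contents to the container for reading.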

[P2] Mount host .copilot directory as read-only

When --gh is used, this bind mount is currently read-write, so processes inside the container can modify or delete files in the host ~/.copilot directory. In --yolo workflows this expands host-state risk and can corrupt local GitHub/Copilot state, unlike other sensitive mounts here (~/.gitconfig, ~/.ssh) that are intentionally mounted read-only. Adding :ro to this mount would preserve access while reducing credential/state mutation risk.

Useful? React with 👍 / 👎.

Owner Author

@codex, fix this

Summary

  • Updated the --gh mount to bind host ~/.copilot as read-only (:ro) and updated the runtime warning message accordingly, addressing the security feedback on the PR thread. (.codex_yolo.sh L304-L307)
  • Strengthened integration coverage so the --gh dry-run assertion now explicitly checks for .copilot:ro (not just .copilot). (tests/integration_tests.sh L377-L383)
  • Updated documentation/examples to state that the ~/.copilot mount is read-only when --gh is enabled. (README.md L153-L158, EXAMPLES.md L99-L104)

Testing

  • bash -n .codex_yolo.sh tests/integration_tests.sh README.md EXAMPLES.md
  • ./tests/integration_tests.sh
  • ⚠️ python - <<'PY' ... urllib.request.urlopen('https://duckduckgo.com/html/?q=docker bind mount read-only :ro') ... PY (web search attempt failed due network proxy/tunnel 403 Forbidden in this environment)

Committed as:

  • 0736767 Mount --gh copilot volume read-only

I also created the follow-up PR with title:

  • Harden --gh mount by making ~/.copilot read-only

@laurenceputra laurenceputra merged commit 6d8555b into main Feb 10, 2026
3 checks passed
@laurenceputra laurenceputra deleted the feat/add-gh-rg-and-gh-flag branch February 10, 2026 03:04
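
The dry-run check described in the thread (asserting .copilot:ro), generalized as an added example that is not code from this repository: a POSIX sh function that scans a docker argument list for -v/--volume host bind mounts lacking the ro option. The function names and the /home/alice path are constructed for illustration, and --mount syntax is not handled.

```shell
# Added example (not from the PR): audit a docker argv, such as a wrapper's
# dry-run output, for -v/--volume host bind mounts that are not read-only.
# Function names and the /home/alice path are constructed for illustration.

# Print "src -> dst" per writable host bind mount; return 1 if any is found.
find_writable_mounts() {
  found=0
  while [ "$#" -gt 0 ]; do
    spec=""
    case "$1" in
      -v|--volume) spec="${2-}"; shift ;;
      --volume=*)  spec="${1#--volume=}" ;;
    esac
    [ "$#" -gt 0 ] && shift
    # spec is src:dst[:opts]; opts is a comma list such as "ro" or "ro,z".
    src="${spec%%:*}"
    rest="${spec#*:}"
    [ "$rest" != "$spec" ] || continue   # no ":" at all: not a bind mount
    dst="${rest%%:*}"
    opts=""
    [ "$dst" = "$rest" ] || opts="${rest#*:}"
    case "$src" in /*) ;; *) continue ;; esac   # named volume, not a host path
    case ",$opts," in
      *,ro,*) ;;                                # read-only mount
      *) printf '%s -> %s\n' "$src" "$dst"; found=1 ;;
    esac
  done
  return "$found"
}

HOME_DIR=/home/alice          # constructed host home
CONTAINER_HOME=/home/codex    # constructed container home

# The argv with the mount as first proposed (no mode suffix).
before_fix() {
  find_writable_mounts run --rm \
    -v "$HOME_DIR/.ssh:$CONTAINER_HOME/.ssh:ro" \
    -v "$HOME_DIR/.copilot:$CONTAINER_HOME/.copilot" image
}

# The argv after the review feedback (:ro appended).
after_fix() {
  find_writable_mounts run --rm \
    -v "$HOME_DIR/.ssh:$CONTAINER_HOME/.ssh:ro" \
    -v "$HOME_DIR/.copilot:$CONTAINER_HOME/.copilot:ro" image
}

before_fix || echo "before: writable host mount found"
after_fix && echo "after: all host bind mounts are read-only"
```

Run against a wrapper's real dry-run arguments, a non-zero return flags any sensitive host path that would be writable from inside the container.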