feat: load defaults into Config and introduce ConfigOverrides (#677)

This changes how instantiating `Config` works and also adds `approval_policy` and `sandbox_policy` as fields. The idea is: * All fields of `Config` have appropriate default values. * `Config` is initially loaded from `~/.codex/config.toml`, so values in `config.toml` will override those defaults. * Clients must instantiate `Config` via `Config::load_with_overrides(ConfigOverrides)` where `ConfigOverrides` has optional overrides that are expected to be settable based on CLI flags. The `Config` should be defined early in the program and then passed down. Now functions like `init_codex()` take fewer individual parameters because they can just take a `Config`. Also, `Config::load()` used to fail silently if `~/.codex/config.toml` had a parse error and fell back to the default config. This seemed really bad because it wasn't clear why the values in my `config.toml` weren't getting picked up. I changed things so that `load_with_overrides()` returns `Result<Config>` and verified that the various CLIs print a reasonable error if `config.toml` is malformed. Finally, I also updated the TUI to show which **sandbox** value is being used, as we do for other key values like **model** and **approval**. This was also a reminder that the various values of `--sandbox` are honored on Linux but not macOS today, so I added some TODOs about fixing that.
2025-04-27 21:47:50 -07:00
parent e9d16d3c2b
commit 4eda4dd772
23 changed files with 234 additions and 139 deletions
--- a/codex-rs/repl/src/cli.rs
+++ b/codex-rs/repl/src/cli.rs
@@ -34,14 +34,14 @@ pub struct Cli {
    pub no_ansi: bool,

    /// Configure when the model requires human approval before executing a command.
-    #[arg(long = "ask-for-approval", short = 'a', value_enum, default_value_t = ApprovalModeCliArg::OnFailure)]
-    pub approval_policy: ApprovalModeCliArg,
+    #[arg(long = "ask-for-approval", short = 'a')]
+    pub approval_policy: Option<ApprovalModeCliArg>,

    /// Configure the process restrictions when a command is executed.
    ///
    /// Uses OS-specific sandboxing tools; Seatbelt on OSX, landlock+seccomp on Linux.
-    #[arg(long = "sandbox", short = 's', value_enum, default_value_t = SandboxModeCliArg::NetworkAndFileWriteRestricted)]
-    pub sandbox_policy: SandboxModeCliArg,
+    #[arg(long = "sandbox", short = 's')]
+    pub sandbox_policy: Option<SandboxModeCliArg>,

    /// Allow running Codex outside a Git repository.  By default the CLI
    /// aborts early when the current working directory is **not** inside a
--- a/codex-rs/repl/src/lib.rs
+++ b/codex-rs/repl/src/lib.rs
@@ -4,6 +4,7 @@ use std::io::Write;
 use std::sync::Arc;

 use codex_core::config::Config;
+use codex_core::config::ConfigOverrides;
 use codex_core::protocol;
 use codex_core::protocol::FileChange;
 use codex_core::util::is_inside_git_repo;
@@ -75,12 +76,18 @@ pub async fn run_main(cli: Cli) -> anyhow::Result<()> {
    // Initialize logging before any other work so early errors are captured.
    init_logger(cli.verbose, !cli.no_ansi);

-    let config = Config::load().unwrap_or_default();
+    // Load config file and apply CLI overrides (model & approval policy)
+    let overrides = ConfigOverrides {
+        model: cli.model.clone(),
+        approval_policy: cli.approval_policy.map(Into::into),
+        sandbox_policy: cli.sandbox_policy.map(Into::into),
+    };
+    let config = Config::load_with_overrides(overrides)?;

    codex_main(cli, config, ctrl_c).await
 }

-async fn codex_main(mut cli: Cli, cfg: Config, ctrl_c: Arc<Notify>) -> anyhow::Result<()> {
+async fn codex_main(cli: Cli, cfg: Config, ctrl_c: Arc<Notify>) -> anyhow::Result<()> {
    let mut builder = Codex::builder();
    if let Some(path) = cli.record_submissions {
        builder = builder.record_submissions(path);
@@ -93,10 +100,10 @@ async fn codex_main(mut cli: Cli, cfg: Config, ctrl_c: Arc<Notify>) -> anyhow::R
    let init = protocol::Submission {
        id: init_id.clone(),
        op: protocol::Op::ConfigureSession {
-            model: cli.model.or(cfg.model),
+            model: cfg.model,
            instructions: cfg.instructions,
-            approval_policy: cli.approval_policy.into(),
-            sandbox_policy: cli.sandbox_policy.into(),
+            approval_policy: cfg.approval_policy,
+            sandbox_policy: cfg.sandbox_policy,
            disable_response_storage: cli.disable_response_storage,
        },
    };
@@ -133,8 +140,8 @@ async fn codex_main(mut cli: Cli, cfg: Config, ctrl_c: Arc<Notify>) -> anyhow::R
    // run loop
    let mut reader = InputReader::new(ctrl_c.clone());
    loop {
-        let text = match cli.prompt.take() {
-            Some(input) => input,
+        let text = match &cli.prompt {
+            Some(input) => input.clone(),
            None => match reader.request_input().await? {
                Some(input) => input,
                None => {