Skip to main content

OpenAI Codex CLI Integration

Complete guide for using Bob the Fixer with OpenAI Codex CLI.

Overview

OpenAI Codex CLI supports MCP servers, enabling Bob the Fixer to provide code quality analysis through conversational AI. The installer automatically configures Codex when detected.

Prerequisites

  • Node.js 18+ and npm
  • OpenAI API access
  • Bob the Fixer installed
  • SonarQube running

Installation

If OpenAI Codex CLI is detected during Bob the Fixer installation, it's configured automatically:

cd /path/to/bob-the-fixer
./install.sh

The installer will:

  1. Detect Codex CLI
  2. Register the MCP server with extended timeouts
  3. Configure environment variables
  4. Update Codex config for long-running operations

Option 2: Install Codex CLI

If not already installed:

npm install -g @openai/codex

Then authenticate:

codex auth login

Option 3: Manual Registration

If automatic setup didn't work:

# Get the MCP server path
MCP_SERVER_PATH="/path/to/bob-the-fixer/packages/core/dist/universal-mcp-server.js"

# Generate encryption key
ENCRYPTION_KEY=$(openssl rand -hex 32)

# Remove any existing registration
codex mcp remove bob-the-fixer 2>/dev/null || true

# Register Bob the Fixer with extended timeouts
codex mcp add bob-the-fixer \
  --env SONAR_URL=http://localhost:9000 \
  --env SONAR_TOKEN="your-token-here" \
  --env NODE_ENV=development \
  --env LOG_LEVEL=info \
  --env MCP_REQUEST_TIMEOUT=300000 \
  --env SCAN_TIMEOUT=600000 \
  --env HEALTH_CHECK_INTERVAL=30000 \
  --env LOG_FILE_PATH=/tmp/bobthefixer-mcp.log \
  --env TOKEN_ENCRYPTION_KEY="$ENCRYPTION_KEY" \
  -- node "$MCP_SERVER_PATH"

Configure Timeouts

SonarQube scans can take time. Update Codex config for proper timeout handling:

CODEX_CONFIG="$HOME/.codex/config.toml"

# Create config if it doesn't exist
mkdir -p "$(dirname "$CODEX_CONFIG")"

# Add timeout settings
cat >> "$CODEX_CONFIG" << 'EOF'

[mcp]
request_timeout_ms = 300000
startup_timeout_ms = 60000
EOF

Configuration

Environment Variables

VariableRequiredDefaultDescription
SONAR_URLYes-SonarQube server URL
SONAR_TOKENYes-Authentication token
NODE_ENVNodevelopmentNode environment
LOG_LEVELNoinfoLogging verbosity
MCP_REQUEST_TIMEOUTNo300000Request timeout (ms)
SCAN_TIMEOUTNo600000Scan timeout (ms)
HEALTH_CHECK_INTERVALNo30000Health check interval (ms)
LOG_FILE_PATHNo/tmp/bobthefixer-mcp.logLog file location
TOKEN_ENCRYPTION_KEYNo-Token encryption key

Verify Installation

codex mcp list

You should see bob-the-fixer in the list with its configuration.

Usage

Starting Codex

cd /your/project
codex

First Scan

Analyze this project with SonarQube

Codex will:

  1. Auto-detect project configuration
  2. Set up SonarQube project
  3. Run the analysis
  4. Present the findings

Code Quality Analysis

What code quality issues exist in this codebase?
Show me the security vulnerabilities
What's our technical debt situation?

Fixing Issues

Fix the critical bug in the authentication module
Help me resolve all the code smells in utils.ts
Show me the recommended fix for this issue and apply it

Quality Gates

Check if we pass the quality gate
What do we need to fix to pass quality checks?
Generate a quality report

Available Tools

All 20 Bob the Fixer MCP tools are available in Codex:

CategoryTools
Scanningsonar_scan_project, sonar_auto_setup
Analysissonar_get_issue_details, sonar_analyze_patterns, sonar_get_security_hotspots, sonar_get_security_hotspot_details
Metricssonar_get_project_metrics, sonar_get_quality_gate, sonar_get_technical_debt, sonar_get_coverage_gaps
Duplicationsonar_get_duplication_summary, sonar_get_duplication_details
Reportingsonar_generate_report
Managementsonar_project_discovery, sonar_config_manager, sonar_link_existing_project, sonar_generate_config, sonar_cleanup, sonar_diagnose_permissions, sonar_delete_project

Example Workflow

User: Set up code analysis for this Node.js project

Codex: I'll configure SonarQube for your project...
[Uses sonar_auto_setup with balanced template]
Project configured. Running initial scan...
[Uses sonar_scan_project]

Analysis complete:
- 5 bugs (2 critical)
- 3 vulnerabilities
- 45 code smells
- 72% coverage

User: Show me the critical bugs

Codex: [Uses sonar_get_issue_details]
1. Null pointer dereference in src/api/handler.ts:45
2. Resource leak in src/services/db.ts:123

User: Fix the first one

Codex: [Reads file, analyzes context, applies fix]
Added null check before accessing the property...

User: Verify the fix worked

Codex: [Uses sonar_scan_project with autoSetup: false]
Critical bugs reduced from 2 to 1. Fix verified.

Timeout Considerations

SonarQube analysis can take several minutes for large projects. Bob the Fixer is configured with extended timeouts:

OperationDefault Timeout
MCP request5 minutes (300s)
Scan operation10 minutes (600s)
Health check30 seconds

For very large projects, you may need to increase these:

codex mcp remove bob-the-fixer
codex mcp add bob-the-fixer \
  --env MCP_REQUEST_TIMEOUT=600000 \
  --env SCAN_TIMEOUT=1200000 \
  ... other env vars ...
  -- node "$MCP_SERVER_PATH"

Troubleshooting

"MCP server not found"

# Check registration
codex mcp list

# Re-register
codex mcp add bob-the-fixer \
  --env SONAR_URL=http://localhost:9000 \
  --env SONAR_TOKEN="your-token" \
  -- node "/path/to/universal-mcp-server.js"

"Request timeout"

  1. Increase timeout in config:

    # Edit ~/.codex/config.toml
    [mcp]
    request_timeout_ms = 600000

  2. Or re-register with higher timeout:

    codex mcp add bob-the-fixer \
      --env MCP_REQUEST_TIMEOUT=600000 \
      ...

"Authentication failed"

# Re-authenticate
codex auth login

# Verify
codex auth status

"SonarQube connection failed"

  1. Check SonarQube is running:

    curl http://localhost:9000/api/system/status

  2. Run diagnostics in Codex:

    Diagnose my SonarQube connection

Viewing Logs

# Check the log file
cat /tmp/bobthefixer-mcp.log

# Or tail for real-time logs
tail -f /tmp/bobthefixer-mcp.log

Updating

When you update Bob the Fixer:

cd /path/to/bob-the-fixer
./update.sh

The update will re-register the MCP server with current settings.

Removing

To remove Bob the Fixer from Codex:

codex mcp remove bob-the-fixer

Next Steps