# Codex: agentic coding in your environment
Codex is OpenAI's agentic coding tool that can read your codebase, plan a change, write the code, and run your tests, then hand you a diff to review before anything ships. You already understand the agent loop in the abstract. This lesson grounds it in a real workflow: you give Codex a task, it works in an isolated environment, and you stay the reviewer who approves or rejects the result.
"Codex" today refers to a family of surfaces, not a single button. There are three you will meet:
All three are powered by Codex-optimized models and share the same core idea: the agent gets read/write access to a real working copy of your project plus a shell, so it can actually run commands instead of just guessing at code.
The official starting point is the Codex documentation. Read the environment and configuration pages before you run anything serious; the defaults around network access and approvals matter.
In Canvas (the previous lesson's tool) you edit one document or file collaboratively. Codex is different: it operates across the whole repo and can execute. That single capability, running a command and reading the output, is what turns a code generator into an agent. It writes a test, runs it, sees it fail, edits the implementation, runs again. You are no longer copy-pasting snippets. You are reviewing a finished, tested change.
Let's use the CLI because it makes the loop most visible. Install and authenticate:
npm install -g @openai/codex
cd ~/projects/billing-service
codexOn first run it authenticates through your ChatGPT account (or an APIAPIApplication Programming Interface: a standardised interface that lets applications communicate and exchange data without knowing each other's internal workings.Voir la définition complète → key) and detects the repo. From here you can type a task in plain language at the prompt.
The single most important file you can add is AGENTS.md at the repo root. Think of it as custom instructions scoped to this codebase: it tells Codex how to build, test, and behave. Codex reads it automatically.
# AGENTS.md
## Commands
- Install: `poetry install`
- Test: `poetry run pytest -q`
- Lint: `poetry run ruff check .`
## Conventions
- Type hints required on all new functions.
- Tests live next to the module they cover, named `test_*.py`.
- Never edit files under `migrations/` without flagging it.This is the difference between an agent that flails and one that fits your project. Spend ten minutes here and every future task gets cheaper.
Here is the scenario. Our billing-service has a discount module. We want a new function that applies a percentage discount to an order total, with validation. We want it tested. Watch the agentic loop.
At the Codex prompt:
Add a function `apply_percentage_discount(total, percent)` to
discount.py. It returns the discounted total. Raise ValueError if
percent is not between 0 and 100. Add unit tests covering valid
input, the boundaries, and invalid input. Run the test suite.Notice what we did and did not specify. We described behavior and edge cases, not implementation. We explicitly asked it to run tests, which is the instruction that activates the loop.
Codex first explores. It greps for discount.py, reads the existing functions to match style, and checks how other tests are structured. This read-before-write step is why a clean AGENTS.md and a tidy repo pay off: the agent imitates what it sees.
It then states a short plan: create the function, add test_discount.py, run pytest.
It produces something like this and writes it to disk:
def apply_percentage_discount(total: float, percent: float) -> float:
if not 0 <= percent <= 100:
raise ValueError(f"percent must be between 0 and 100, got {percent}")
return total * (1 - percent / 100)And a matching test file with the cases you asked for.
This is the part you cannot get from a plain chat. Codex executes poetry run pytest -q in the sandbox. Suppose one boundary test fails because of a floating-point comparison. The agent sees the failing output, edits the test to use pytest.approx, and reruns. Green. It does this without asking you, because the work happened inside an isolated environment, not on your production branch.
You will see each command and its output stream in the terminal. That transparency is the point: you are watching the reasoning, not trusting a black box.
When the loop settles, Codex shows you a unified diff of everything it changed. Nothing is committed yet. You read it like a pull request:
apply_percentage_discount match your rounding expectations? (Maybe you want round(..., 2).)You can approve, ask for a revision in natural language ("round the result to 2 decimal places and add a test for that"), or discard. The review step is non-negotiable. The agent is fast and competent and still sometimes wrong, so you remain the gate.
Codex lets you set how autonomous it is. The exact labels evolve, but the spectrum is consistent:
A good default for real work is the middle mode with network access off. The agent can edit and test freely but cannot reachreachThe number of unique people exposed to your message in a given period. Unlike impressions, reach counts each person once, no matter how often they see it.Voir la définition complète → the internet, which closes off a large class of accidents (and prompt-injection risks if it reads untrusted files). Turn network on only when a task genuinely needs to fetch a dependency.
The CLI is great for working alongside the agent. The cloud Codex in ChatGPT is built for delegation. You connect a GitHub repo, then hand off a task ("fix the flaky test in test_orders.py") and let it run in its own container. You can fire off several tasks in parallel and check back later.
When cloud Codex finishes, it can open a pull request directly on GitHub. Your review step becomes a normal PR review with CI attached, which is exactly where a careful team wants the human checkpoint to live. This is the model for batch work: triage three small bugs on Monday morning by describing each one, then review three PRs over coffee.
Vérification des acquis
1. According to the lesson, what single capability is described as the thing that turns a code generator into an agent?
2. In the Codex cloud workflow described in the lesson, how does each task run?
3. In the broader ChatGPT/OpenAI ecosystem, what is Canvas (the tool referenced in the lesson) primarily used for?
4. Select ALL correct answers about the three Codex surfaces described in the lesson.
Sélectionnez toutes les réponses correctes.
5. Select ALL correct answers about how Codex works and the user's role, per the lesson.
Sélectionnez toutes les réponses correctes.
You now have several agentic surfaces in the OpenAI world. Keeping them straight prevents misuse:
If you are building your own agent in software rather than using these products, that is the Agents SDK and the Responses APIAPIApplication Programming Interface: a standardised interface that lets applications communicate and exchange data without knowing each other's internal workings.Voir la définition complète →, which expose function calling and tool use as primitives. Codex is the productized, coding-specialized version of those same ideas, with the sandbox, the repo integration, and the diff review built for you.
Here is how teams actually use it day to day:
1. Scoped tasks, not vague wishes. "Add input validation to the signup endpoint and tests" works. "Improve the codebase" does not. Small, verifiable tasks keep the loop honest and the diffs reviewable.
2. Let tests be the contract. Because Codex runs them, a strong test suite is your steering wheel. Ask it to write the test first when the behavior is precise.
3. Keep `AGENTS.md` alive. When the agent does something annoying twice, that is a missing instruction, not a model failure. Add the rule.
4. Review every diff like a PR. Treat agent output exactly as you would a junior engineer's first draft: usually solid, occasionally subtly wrong, always your responsibility once you merge.