From 9753f390cbe80adf6eef30903957c44363bbd16c Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 4 Jun 2026 02:21:41 +0000 Subject: [PATCH 1/2] Initial plan From b1d48130b62cc020e1abccfa01acf882788c920c Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 4 Jun 2026 02:31:09 +0000 Subject: [PATCH 2/2] optimize smoke and failure investigator prompt surfaces Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- .../aw-failure-investigator.lock.yml | 2 +- .github/workflows/aw-failure-investigator.md | 24 +- .github/workflows/smoke-claude.lock.yml | 464 ++---------------- .github/workflows/smoke-claude.md | 13 +- .github/workflows/smoke-codex.lock.yml | 54 +- .github/workflows/smoke-codex.md | 1 + 6 files changed, 72 insertions(+), 486 deletions(-) diff --git a/.github/workflows/aw-failure-investigator.lock.yml b/.github/workflows/aw-failure-investigator.lock.yml index 3661d0bd1d4..120f94003dc 100644 --- a/.github/workflows/aw-failure-investigator.lock.yml +++ b/.github/workflows/aw-failure-investigator.lock.yml @@ -1,4 +1,4 @@ -# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"cee2a7f962a06921defb1e29b41627d3c925f75ccbd70b9f8c463499940e9b41","body_hash":"247e47cd3bc23bcaf29da58bca892df4b61dc65ec483d8bca2bde0dee1325a05","strict":true,"agent_id":"claude"} +# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"cee2a7f962a06921defb1e29b41627d3c925f75ccbd70b9f8c463499940e9b41","body_hash":"bd420104805fef80eb75f8c7bc0af545ae173ec18401d3e9498a507d91d6f488","strict":true,"agent_id":"claude"} # gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"docker/build-push-action","sha":"f9f3042f7e2789586610d6e8b85c8f03e5195baf","version":"v7.2.0"},{"repo":"docker/setup-buildx-action","sha":"d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5","version":"v4.1.0"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.2"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]} # ___ _ _ # / _ \ | | (_) diff --git a/.github/workflows/aw-failure-investigator.md b/.github/workflows/aw-failure-investigator.md index 59bf5a9b12c..c6bd0d9a4bd 100644 --- a/.github/workflows/aw-failure-investigator.md +++ b/.github/workflows/aw-failure-investigator.md @@ -312,30 +312,12 @@ Tone instruction: Write in clinical, neutral style. Use numbered lists, avoid ed ## Output Requirements -**Report Formatting**: Use `###` or lower for all headers in the issue body. Wrap evidence/log excerpts and verbose tables in `
Section Name` tags. - -### Parent report issue structure - -Include these sections: -1. Executive summary -2. Failure clusters (table) -3. Evidence (logs/audit/audit-diff) -4. Existing issue correlation -5. Proposed fix roadmap (P0/P1/P2) -6. Sub-issues created - -### Sub-issue quality bar - -- Prefer a few high-quality, actionable sub-issues over many weak ones. -- Avoid duplicates of already-open issues unless new evidence materially changes scope. -- Reference the parent issue and the concrete run IDs analyzed. +Follow `shared/reporting.md` for header levels and progressive disclosure formatting. +When creating a parent report issue, include: executive summary, failure cluster table, evidence, existing issue correlation, fix roadmap (P0/P1/P2), and sub-issues created. +For sub-issues, prioritize high-quality actionable items, avoid duplicates unless scope changed, and reference the parent issue and analyzed run IDs. **Important**: If no action is needed after completing your analysis, you **MUST** call the `noop` safe-output tool with a brief explanation. -```json -{"noop": {"message": "No action needed: [brief explanation of what was analyzed and why]"}} -``` - ## agent: `cluster-evidence-extractor` --- description: Extracts per-cluster audit evidence including dominant errors, tool patterns, anomalies, and failure class diff --git a/.github/workflows/smoke-claude.lock.yml b/.github/workflows/smoke-claude.lock.yml index dbc8a38a5b8..a36f6117b70 100644 --- a/.github/workflows/smoke-claude.lock.yml +++ b/.github/workflows/smoke-claude.lock.yml @@ -1,4 +1,4 @@ -# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"bdcf2ac3c6bdf12f308a7bcfe7e5119594c56f61afbb57cf2d95ee999361557e","body_hash":"53cbf40aa3b166906283c592df5eaaf98f7ae83ac7bfa99d4a939413a804dd24","agent_id":"claude"} +# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"6437408b6a3b71357ceaf649c5dbfeb6cbd753f15f441394bebf86f1ab4755c6","body_hash":"72fbefc3e289e3ea3d34d6af04b5a1a9d3d3ee0f9e92d024af5a14370826bc34","agent_id":"claude"} # gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN","TAVILY_API_KEY"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"docker/build-push-action","sha":"f9f3042f7e2789586610d6e8b85c8f03e5195baf","version":"v7.2.0"},{"repo":"docker/setup-buildx-action","sha":"d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5","version":"v4.1.0"},{"repo":"github/codeql-action/upload-sarif","sha":"7211b7c8077ea37d8641b6271f6a365a22a5fbfa","version":"v4.36.0"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.2"},{"image":"ghcr.io/github/serena-mcp-server:latest","digest":"sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5","pinned_image":"ghcr.io/github/serena-mcp-server:latest@sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]} # ___ _ _ # / _ \ | | (_) @@ -28,7 +28,6 @@ # Imports: # - shared/gh.md # - shared/github-mcp-app.md -# - shared/github-queries-mcp-script.md # - shared/go-make.md # - shared/mcp-pagination.md # - shared/mcp/serena-go.md @@ -298,25 +297,25 @@ jobs: run: | bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh" { - cat << 'GH_AW_PROMPT_b6a0b4c383b3f520_EOF' + cat << 'GH_AW_PROMPT_74dc3fa10452a61f_EOF' - GH_AW_PROMPT_b6a0b4c383b3f520_EOF + GH_AW_PROMPT_74dc3fa10452a61f_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md" cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md" cat "${RUNNER_TEMP}/gh-aw/prompts/playwright_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md" - cat << 'GH_AW_PROMPT_b6a0b4c383b3f520_EOF' + cat << 'GH_AW_PROMPT_74dc3fa10452a61f_EOF' Tools: add_comment(max:2), create_issue, close_pull_request, update_pull_request, create_pull_request_review_comment(max:5), submit_pull_request_review, resolve_pull_request_review_thread(max:5), add_labels, add_reviewer(max:2), push_to_pull_request_branch, create_code_scanning_alert, create_check_run, missing_tool, missing_data, noop, post_slack_message - GH_AW_PROMPT_b6a0b4c383b3f520_EOF + GH_AW_PROMPT_74dc3fa10452a61f_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_push_to_pr_branch.md" - cat << 'GH_AW_PROMPT_b6a0b4c383b3f520_EOF' + cat << 'GH_AW_PROMPT_74dc3fa10452a61f_EOF' - GH_AW_PROMPT_b6a0b4c383b3f520_EOF + GH_AW_PROMPT_74dc3fa10452a61f_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md" - cat << 'GH_AW_PROMPT_b6a0b4c383b3f520_EOF' + cat << 'GH_AW_PROMPT_74dc3fa10452a61f_EOF' The following GitHub context information is available for this workflow: {{#if github.actor}} @@ -358,7 +357,7 @@ jobs: stop immediately and report the limitation rather than spending turns trying to work around it. - GH_AW_PROMPT_b6a0b4c383b3f520_EOF + GH_AW_PROMPT_74dc3fa10452a61f_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md" if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md" @@ -366,7 +365,7 @@ jobs: if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_push_to_pr_branch_guidance.md" fi - cat << 'GH_AW_PROMPT_b6a0b4c383b3f520_EOF' + cat << 'GH_AW_PROMPT_74dc3fa10452a61f_EOF' ## Serena Code Analysis @@ -581,7 +580,6 @@ jobs: - Format run IDs as links: `[ยง12345](https://github.com/owner/repo/actions/runs/12345)` - Include up to 3 most relevant run URLs at end under `**References:**` - Do NOT add footer attribution (system adds automatically) - **IMPORTANT โ€” bash vs. MCP for validation:** - **Use `mcpscripts-go` / `mcpscripts-make` early in a session** (within the first few minutes) for consistent, logged execution of Go and Make commands. @@ -643,8 +641,10 @@ jobs: ## Test Requirements + For tests below, mark a test as passed only if the required tool call succeeds. + 1. **GitHub MCP Testing**: Review the last 2 merged pull requests in __GH_AW_GITHUB_REPOSITORY__ - 2. **MCP Scripts GH CLI Testing**: Use the `mcpscripts-gh` tool to query 2 pull requests from __GH_AW_GITHUB_REPOSITORY__ (use args: "pr list --repo __GH_AW_GITHUB_REPOSITORY__ --limit 2 --json number,title,author") + 2. **GH CLI Testing (via `gh-proxy`)**: Use `bash` to run `gh pr list --repo __GH_AW_GITHUB_REPOSITORY__ --limit 2 --json number,title,author` 3. **Serena MCP Testing**: - Use the Serena MCP server tool `activate_project` to initialize the workspace at `__GH_AW_GITHUB_WORKSPACE__` and verify it succeeds (do NOT use bash to run go commands - use Serena's MCP tools or the mcpscripts-go/mcpscripts-make tools from the go-make shared workflow) - After initialization, use the `find_symbol` tool to search for symbols (find which tool to call) and verify that at least 3 symbols are found in the results @@ -654,7 +654,7 @@ jobs: 7. **File Writing Testing**: Create a test file `/tmp/gh-aw/agent/smoke-test-claude-__GH_AW_GITHUB_RUN_ID__.txt` with content "Smoke test passed for Claude at $(date)" (create the directory if it doesn't exist) 8. **Bash Tool Testing**: Execute bash commands to verify file creation was successful (use `cat` to read the file back) 9. **Discussion Interaction Testing**: - - Use the `github-discussion-query` mcp-script tool with params: `limit=1, jq=".[0]"` to get the latest discussion from __GH_AW_GITHUB_REPOSITORY__ + - Use `gh api repos/__GH_AW_GITHUB_REPOSITORY__/discussions?per_page=1` to get the latest discussion from __GH_AW_GITHUB_REPOSITORY__ - Extract the discussion number from the result (e.g., if the result is `{"number": 123, "title": "...", ...}`, extract 123) - Use the `add_comment` tool with `discussion_number: ` to add a fun, comic-book style comment stating that the smoke test agent was here 10. **Agentic Workflows MCP Testing**: @@ -666,16 +666,13 @@ jobs: 11. **Slack Script Safe Output Testing**: Use the `post_slack_message` safe-output tool to post a fictitious Slack message: - Use `channel: "#smoke-tests"` and `message: "๐Ÿ’ฅ Smoke test __GH_AW_GITHUB_RUN_ID__ passed โ€” Claude engine nominal!"` - - Verify the tool call succeeds 12. **Code Scanning Alert Safe Output Testing**: Use the `create_code_scanning_alert` safe-output tool to post a dummy warning code scanning alert: - Use `level: "warning"`, `message: "Smoke test dummy warning โ€” Run __GH_AW_GITHUB_RUN_ID__"`, `file: "README.md"`, `line: 1` - - Verify the tool call succeeds - This tests the SARIF artifact upload/download pipeline 13. **Check Run Safe Output Testing**: Use the `create_check_run` safe-output tool to create a check run on the current commit: - Use `conclusion: "success"`, `title: "Smoke Claude - Run __GH_AW_GITHUB_RUN_ID__"`, `summary: "All smoke tests completed."`, and `text: "Detailed results attached."` - - Verify the tool call succeeds ## PR Review Safe Outputs Testing @@ -750,7 +747,7 @@ jobs: {{#runtime-import shared/noop-reminder.md}} - GH_AW_PROMPT_b6a0b4c383b3f520_EOF + GH_AW_PROMPT_74dc3fa10452a61f_EOF } > "$GH_AW_PROMPT" - name: Interpolate variables and render templates uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 @@ -784,7 +781,7 @@ jobs: GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }} GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }} GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }} - GH_AW_MCP_CLI_SERVERS_LIST: "- `mcpscripts` โ€” run `mcpscripts --help` to see available tools\n- `safeoutputs` โ€” run `safeoutputs --help` to see available tools" + GH_AW_MCP_CLI_SERVERS_LIST: "- `agenticworkflows` โ€” run `agenticworkflows --help` to see available tools\n- `mcpscripts` โ€” run `mcpscripts --help` to see available tools\n- `safeoutputs` โ€” run `safeoutputs --help` to see available tools\n- `serena` โ€” run `serena --help` to see available tools\n- `tavily` โ€” run `tavily --help` to see available tools" GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }} GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }} with: @@ -1092,9 +1089,9 @@ jobs: mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs" mkdir -p /tmp/gh-aw/safeoutputs mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs - cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_b0e3ea3984cfeaa3_EOF' + cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_1e47a3a0b9873b51_EOF' {"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-claude"]},"add_reviewer":{"max":2,"target":"*"},"close_pull_request":{"max":1,"staged":true},"create_check_run":{"max":1,"name":"Smoke Claude: Agent Status"},"create_code_scanning_alert":{"driver":"Smoke Claude"},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-claude","expires":2,"group":true,"labels":["automation","testing"],"max":1},"create_pull_request_review_comment":{"max":5,"side":"RIGHT","target":"*"},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"post_slack_message":{"description":"Post a message to a fictitious Slack channel (smoke test only โ€” no real Slack integration)","inputs":{"channel":{"default":"#general","description":"Slack channel name to post to","required":false,"type":"string"},"message":{"description":"Message text to post","required":false,"type":"string"}}},"push_to_pull_request_branch":{"allowed_files":["smoke-test-files/smoke-claude-push-test.md"],"if_no_changes":"warn","max_patch_size":1024,"protect_top_level_dot_folders":true,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS","DESIGN.md","README.md","CONTRIBUTING.md","CHANGELOG.md","SECURITY.md","CODE_OF_CONDUCT.md","CLAUDE.md","AGENTS.md"],"required_labels":["smoke-claude"],"staged":true,"target":"*"},"report_incomplete":{},"resolve_pull_request_review_thread":{"max":5},"submit_pull_request_review":{"footer":"always","max":1},"update_pull_request":{"allow_body":true,"allow_title":true,"max":1,"target":"*","update_branch":false}} - GH_AW_SAFE_OUTPUTS_CONFIG_b0e3ea3984cfeaa3_EOF + GH_AW_SAFE_OUTPUTS_CONFIG_1e47a3a0b9873b51_EOF - name: Generate Safe Outputs Tools env: GH_AW_TOOLS_META_JSON: | @@ -1550,98 +1547,12 @@ jobs: - name: Write MCP Scripts Config run: | mkdir -p "${RUNNER_TEMP}/gh-aw/mcp-scripts/logs" - cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json" << 'GH_AW_MCP_SCRIPTS_TOOLS_0d6827a13ac554cc_EOF' + cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json" << 'GH_AW_MCP_SCRIPTS_TOOLS_7a1f7aa4d77549ac_EOF' { "serverName": "mcpscripts", "version": "1.0.0", "logDir": "${RUNNER_TEMP}/gh-aw/mcp-scripts/logs", "tools": [ - { - "name": "github-discussion-query", - "description": "Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.", - "inputSchema": { - "properties": { - "jq": { - "description": "jq filter expression to apply to output. If not provided, returns schema info instead of full data.", - "type": "string" - }, - "limit": { - "description": "Maximum number of discussions to fetch (default: 30)", - "type": "number" - }, - "repo": { - "description": "Repository in owner/repo format (defaults to current repository)", - "type": "string" - } - }, - "type": "object" - }, - "handler": "github-discussion-query.sh", - "env": { - "GH_TOKEN": "GH_TOKEN" - }, - "timeout": 60 - }, - { - "name": "github-issue-query", - "description": "Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.", - "inputSchema": { - "properties": { - "jq": { - "description": "jq filter expression to apply to output. If not provided, returns schema info instead of full data.", - "type": "string" - }, - "limit": { - "description": "Maximum number of issues to fetch (default: 30)", - "type": "number" - }, - "repo": { - "description": "Repository in owner/repo format (defaults to current repository)", - "type": "string" - }, - "state": { - "description": "Issue state: open, closed, all (default: open)", - "type": "string" - } - }, - "type": "object" - }, - "handler": "github-issue-query.sh", - "env": { - "GH_TOKEN": "GH_TOKEN" - }, - "timeout": 60 - }, - { - "name": "github-pr-query", - "description": "Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.", - "inputSchema": { - "properties": { - "jq": { - "description": "jq filter expression to apply to output. If not provided, returns schema info instead of full data.", - "type": "string" - }, - "limit": { - "description": "Maximum number of PRs to fetch (default: 30)", - "type": "number" - }, - "repo": { - "description": "Repository in owner/repo format (defaults to current repository)", - "type": "string" - }, - "state": { - "description": "PR state: open, closed, merged, all (default: open)", - "type": "string" - } - }, - "type": "object" - }, - "handler": "github-pr-query.sh", - "env": { - "GH_TOKEN": "GH_TOKEN" - }, - "timeout": 60 - }, { "name": "go", "description": "Execute any Go command. This tool is accessible as 'mcpscripts-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go \u003cargs\u003e. Use single quotes ' for complex args to avoid shell interpretation issues.", @@ -1680,8 +1591,8 @@ jobs: } ] } - GH_AW_MCP_SCRIPTS_TOOLS_0d6827a13ac554cc_EOF - cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs" << 'GH_AW_MCP_SCRIPTS_SERVER_357560e26dfc8518_EOF' + GH_AW_MCP_SCRIPTS_TOOLS_7a1f7aa4d77549ac_EOF + cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs" << 'GH_AW_MCP_SCRIPTS_SERVER_8ea7765440fc6109_EOF' const path = require("path"); const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs"); const configPath = path.join(__dirname, "tools.json"); @@ -1695,321 +1606,12 @@ jobs: console.error("Failed to start mcp-scripts HTTP server:", error); process.exit(1); }); - GH_AW_MCP_SCRIPTS_SERVER_357560e26dfc8518_EOF + GH_AW_MCP_SCRIPTS_SERVER_8ea7765440fc6109_EOF chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs" - name: Write MCP Scripts Tool Files run: | - cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_961859ae3d733e52_EOF' - #!/bin/bash - # Auto-generated mcp-script tool: github-discussion-query - # Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter. - - set +o histexpand - set -euo pipefail - - set -e - - # Default values - REPO="${INPUT_REPO:-}" - LIMIT="${INPUT_LIMIT:-30}" - JQ_FILTER="${INPUT_JQ:-}" - - # Parse repository owner and name - if [[ -n "$REPO" ]]; then - OWNER=$(echo "$REPO" | cut -d'/' -f1) - NAME=$(echo "$REPO" | cut -d'/' -f2) - else - # Get current repository from GitHub context - OWNER="${GITHUB_REPOSITORY_OWNER:-}" - NAME=$(echo "${GITHUB_REPOSITORY:-}" | cut -d'/' -f2) - fi - - # Validate owner and name - if [[ -z "$OWNER" || -z "$NAME" ]]; then - echo "Error: Could not determine repository owner and name" >&2 - exit 1 - fi - - # Build GraphQL query for discussions - GRAPHQL_QUERY=$(cat < "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_1914a369b47bc95f_EOF' - #!/bin/bash - # Auto-generated mcp-script tool: github-issue-query - # Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter. - - set +o histexpand - set -euo pipefail - - set -e - - # Default values - REPO="${INPUT_REPO:-}" - STATE="${INPUT_STATE:-open}" - LIMIT="${INPUT_LIMIT:-30}" - JQ_FILTER="${INPUT_JQ:-}" - - # JSON fields to fetch - JSON_FIELDS="number,title,state,author,createdAt,updatedAt,closedAt,body,labels,assignees,comments,milestone,url" - - # Build and execute gh command - if [[ -n "$REPO" ]]; then - OUTPUT=$(gh issue list --state "$STATE" --limit "$LIMIT" --json "$JSON_FIELDS" --repo "$REPO") - else - OUTPUT=$(gh issue list --state "$STATE" --limit "$LIMIT" --json "$JSON_FIELDS") - fi - - # Apply jq filter if specified - if [[ -n "$JQ_FILTER" ]]; then - jq "$JQ_FILTER" <<< "$OUTPUT" - else - # Return schema and size instead of full data - ITEM_COUNT=$(jq 'length' <<< "$OUTPUT") - DATA_SIZE=${#OUTPUT} - - # Validate values are numeric - if ! [[ "$ITEM_COUNT" =~ ^[0-9]+$ ]]; then - ITEM_COUNT=0 - fi - if ! [[ "$DATA_SIZE" =~ ^[0-9]+$ ]]; then - DATA_SIZE=0 - fi - - cat << EOF - { - "message": "No --jq filter provided. Use --jq to filter and retrieve data.", - "item_count": $ITEM_COUNT, - "data_size_bytes": $DATA_SIZE, - "schema": { - "type": "array", - "description": "Array of issue objects", - "item_fields": { - "number": "integer - Issue number", - "title": "string - Issue title", - "state": "string - Issue state (OPEN, CLOSED)", - "author": "object - Author info with login field", - "createdAt": "string - ISO timestamp of creation", - "updatedAt": "string - ISO timestamp of last update", - "closedAt": "string|null - ISO timestamp of close", - "body": "string - Issue body content", - "labels": "array - Array of label objects with name field", - "assignees": "array - Array of assignee objects with login field", - "comments": "object - Comments info with totalCount field", - "milestone": "object|null - Milestone info with title field", - "url": "string - Issue URL" - } - }, - "suggested_queries": [ - {"description": "Get all data", "query": "."}, - {"description": "Get issue numbers and titles", "query": ".[] | {number, title}"}, - {"description": "Get open issues only", "query": ".[] | select(.state == \"OPEN\")"}, - {"description": "Get issues by author", "query": ".[] | select(.author.login == \"USERNAME\")"}, - {"description": "Get issues with label", "query": ".[] | select(.labels | map(.name) | index(\"bug\"))"}, - {"description": "Get issues with many comments", "query": ".[] | select(.comments.totalCount > 5) | {number, title, comments: .comments.totalCount}"}, - {"description": "Count by state", "query": "group_by(.state) | map({state: .[0].state, count: length})"} - ] - } - EOF - fi - - - GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_1914a369b47bc95f_EOF - chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh" - cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_fa198a443cf80e4b_EOF' - #!/bin/bash - # Auto-generated mcp-script tool: github-pr-query - # Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter. - - set +o histexpand - set -euo pipefail - - set -e - - # Default values - REPO="${INPUT_REPO:-}" - STATE="${INPUT_STATE:-open}" - LIMIT="${INPUT_LIMIT:-30}" - JQ_FILTER="${INPUT_JQ:-}" - - # JSON fields to fetch - JSON_FIELDS="number,title,state,author,createdAt,updatedAt,mergedAt,closedAt,headRefName,baseRefName,isDraft,reviewDecision,additions,deletions,changedFiles,labels,assignees,reviewRequests,url" - - # Build and execute gh command - if [[ -n "$REPO" ]]; then - OUTPUT=$(gh pr list --state "$STATE" --limit "$LIMIT" --json "$JSON_FIELDS" --repo "$REPO") - else - OUTPUT=$(gh pr list --state "$STATE" --limit "$LIMIT" --json "$JSON_FIELDS") - fi - - # Apply jq filter if specified - if [[ -n "$JQ_FILTER" ]]; then - jq "$JQ_FILTER" <<< "$OUTPUT" - else - # Return schema and size instead of full data - ITEM_COUNT=$(jq 'length' <<< "$OUTPUT") - DATA_SIZE=${#OUTPUT} - - # Validate values are numeric - if ! [[ "$ITEM_COUNT" =~ ^[0-9]+$ ]]; then - ITEM_COUNT=0 - fi - if ! [[ "$DATA_SIZE" =~ ^[0-9]+$ ]]; then - DATA_SIZE=0 - fi - - cat << EOF - { - "message": "No --jq filter provided. Use --jq to filter and retrieve data.", - "item_count": $ITEM_COUNT, - "data_size_bytes": $DATA_SIZE, - "schema": { - "type": "array", - "description": "Array of pull request objects", - "item_fields": { - "number": "integer - PR number", - "title": "string - PR title", - "state": "string - PR state (OPEN, CLOSED, MERGED)", - "author": "object - Author info with login field", - "createdAt": "string - ISO timestamp of creation", - "updatedAt": "string - ISO timestamp of last update", - "mergedAt": "string|null - ISO timestamp of merge", - "closedAt": "string|null - ISO timestamp of close", - "headRefName": "string - Source branch name", - "baseRefName": "string - Target branch name", - "isDraft": "boolean - Whether PR is a draft", - "reviewDecision": "string|null - Review decision (APPROVED, CHANGES_REQUESTED, REVIEW_REQUIRED)", - "additions": "integer - Lines added", - "deletions": "integer - Lines deleted", - "changedFiles": "integer - Number of files changed", - "labels": "array - Array of label objects with name field", - "assignees": "array - Array of assignee objects with login field", - "reviewRequests": "array - Array of review request objects", - "url": "string - PR URL" - } - }, - "suggested_queries": [ - {"description": "Get all data", "query": "."}, - {"description": "Get PR numbers and titles", "query": ".[] | {number, title}"}, - {"description": "Get open PRs only", "query": ".[] | select(.state == \"OPEN\")"}, - {"description": "Get merged PRs", "query": ".[] | select(.mergedAt != null)"}, - {"description": "Get PRs by author", "query": ".[] | select(.author.login == \"USERNAME\")"}, - {"description": "Get large PRs", "query": ".[] | select(.changedFiles > 10) | {number, title, changedFiles}"}, - {"description": "Count by state", "query": "group_by(.state) | map({state: .[0].state, count: length})"} - ] - } - EOF - fi - - - GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_fa198a443cf80e4b_EOF - chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh" - cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh" << 'GH_AW_MCP_SCRIPTS_SH_GO_9e95bc097cb0c647_EOF' + cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh" << 'GH_AW_MCP_SCRIPTS_SH_GO_88921651c8309b2a_EOF' #!/bin/bash # Auto-generated mcp-script tool: go # Execute any Go command. This tool is accessible as 'mcpscripts-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go . Use single quotes ' for complex args to avoid shell interpretation issues. @@ -2021,9 +1623,9 @@ jobs: go $INPUT_ARGS - GH_AW_MCP_SCRIPTS_SH_GO_9e95bc097cb0c647_EOF + GH_AW_MCP_SCRIPTS_SH_GO_88921651c8309b2a_EOF chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh" - cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh" << 'GH_AW_MCP_SCRIPTS_SH_MAKE_3e5a1b7b6ddd752f_EOF' + cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh" << 'GH_AW_MCP_SCRIPTS_SH_MAKE_2566e130447a5d88_EOF' #!/bin/bash # Auto-generated mcp-script tool: make # Execute any Make target. This tool is accessible as 'mcpscripts-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make . Use single quotes ' for complex args to avoid shell interpretation issues. @@ -2035,7 +1637,7 @@ jobs: make $INPUT_ARGS - GH_AW_MCP_SCRIPTS_SH_MAKE_3e5a1b7b6ddd752f_EOF + GH_AW_MCP_SCRIPTS_SH_MAKE_2566e130447a5d88_EOF chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh" - name: Generate MCP Scripts Server Config @@ -2062,7 +1664,6 @@ jobs: DEBUG: '*' GH_AW_MCP_SCRIPTS_PORT: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_port }} GH_AW_MCP_SCRIPTS_API_KEY: ${{ steps.mcp-scripts-config.outputs.mcp_scripts_api_key }} - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | # Environment variables are set above to prevent template injection export DEBUG @@ -2079,7 +1680,6 @@ jobs: GH_AW_SAFE_OUTPUTS: ${{ steps.set-runtime-paths.outputs.GH_AW_SAFE_OUTPUTS }} GH_AW_SAFE_OUTPUTS_API_KEY: ${{ steps.safe-outputs-start.outputs.api_key }} GH_AW_SAFE_OUTPUTS_PORT: ${{ steps.safe-outputs-start.outputs.port }} - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} TAVILY_API_KEY: ${{ secrets.TAVILY_API_KEY }} run: | @@ -2099,6 +1699,8 @@ jobs: export DEBUG="*" export GH_AW_ENGINE="claude" + export GH_AW_MCP_CLI_SERVERS='["agenticworkflows","mcpscripts","safeoutputs","serena","tavily"]' + echo GH_AW_MCP_CLI_SERVERS='["agenticworkflows","mcpscripts","safeoutputs","serena","tavily"]' >> "$GITHUB_ENV" MCP_GATEWAY_UID=$(id -u 2>/dev/null || echo '0') MCP_GATEWAY_GID=$(id -g 2>/dev/null || echo '0') case "${DOCKER_HOST:-}" in @@ -2107,10 +1709,10 @@ jobs: * ) DOCKER_SOCK_PATH=/var/run/docker.sock ;; esac DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0') - export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -e GH_TOKEN -e TAVILY_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22' + export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -e TAVILY_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22' GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node) - cat << GH_AW_MCP_CONFIG_2c597ac236547337_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" + cat << GH_AW_MCP_CONFIG_6c10dee9cba3ad2a_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" { "mcpServers": { "agenticworkflows": { @@ -2218,7 +1820,7 @@ jobs: } } } - GH_AW_MCP_CONFIG_2c597ac236547337_EOF + GH_AW_MCP_CONFIG_6c10dee9cba3ad2a_EOF - name: Mount MCP servers as CLIs id: mount-mcp-clis continue-on-error: true @@ -3174,7 +2776,7 @@ jobs: echo "GH_HOST=${GH_HOST}" >> "$GITHUB_ENV" - name: Configure Safe Outputs Custom Scripts run: | - cat > "${RUNNER_TEMP}/gh-aw/actions/safe_output_script_post_slack_message.cjs" << 'GH_AW_SAFE_OUTPUT_SCRIPT_POST_SLACK_MESSAGE_0e53dbb3b5b071d6_EOF' + cat > "${RUNNER_TEMP}/gh-aw/actions/safe_output_script_post_slack_message.cjs" << 'GH_AW_SAFE_OUTPUT_SCRIPT_POST_SLACK_MESSAGE_9b4faa0127b58fde_EOF' // @ts-check /// // Auto-generated safe-output script handler: post-slack-message @@ -3194,7 +2796,7 @@ jobs: } module.exports = { main }; - GH_AW_SAFE_OUTPUT_SCRIPT_POST_SLACK_MESSAGE_0e53dbb3b5b071d6_EOF + GH_AW_SAFE_OUTPUT_SCRIPT_POST_SLACK_MESSAGE_9b4faa0127b58fde_EOF - name: Process Safe Outputs id: process_safe_outputs uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 diff --git a/.github/workflows/smoke-claude.md b/.github/workflows/smoke-claude.md index 1b20b2a4127..ca15342e3b6 100644 --- a/.github/workflows/smoke-claude.md +++ b/.github/workflows/smoke-claude.md @@ -20,9 +20,9 @@ permissions: actions: read name: Smoke Claude +max-turns: 100 engine: id: claude - max-turns: 100 bare: true strict: false inlined-imports: true @@ -31,7 +31,6 @@ imports: - shared/gh.md - shared/mcp/tavily.md - shared/reporting.md - - shared/github-queries-mcp-script.md - shared/go-make.md - shared/github-mcp-app.md - shared/mcp/serena-go.md @@ -49,6 +48,7 @@ sandbox: - /tmp/gh-aw/agent tools: agentic-workflows: + cli-proxy: true cache-memory: true github: toolsets: [repos, pull_requests] @@ -142,8 +142,10 @@ timeout-minutes: 10 ## Test Requirements +For tests below, mark a test as passed only if the required tool call succeeds. + 1. **GitHub MCP Testing**: Review the last 2 merged pull requests in ${{ github.repository }} -2. **MCP Scripts GH CLI Testing**: Use the `mcpscripts-gh` tool to query 2 pull requests from ${{ github.repository }} (use args: "pr list --repo ${{ github.repository }} --limit 2 --json number,title,author") +2. **GH CLI Testing (via `gh-proxy`)**: Use `bash` to run `gh pr list --repo ${{ github.repository }} --limit 2 --json number,title,author` 3. **Serena MCP Testing**: - Use the Serena MCP server tool `activate_project` to initialize the workspace at `${{ github.workspace }}` and verify it succeeds (do NOT use bash to run go commands - use Serena's MCP tools or the mcpscripts-go/mcpscripts-make tools from the go-make shared workflow) - After initialization, use the `find_symbol` tool to search for symbols (find which tool to call) and verify that at least 3 symbols are found in the results @@ -153,7 +155,7 @@ timeout-minutes: 10 7. **File Writing Testing**: Create a test file `/tmp/gh-aw/agent/smoke-test-claude-${{ github.run_id }}.txt` with content "Smoke test passed for Claude at $(date)" (create the directory if it doesn't exist) 8. **Bash Tool Testing**: Execute bash commands to verify file creation was successful (use `cat` to read the file back) 9. **Discussion Interaction Testing**: - - Use the `github-discussion-query` mcp-script tool with params: `limit=1, jq=".[0]"` to get the latest discussion from ${{ github.repository }} + - Use `gh api repos/${{ github.repository }}/discussions?per_page=1` to get the latest discussion from ${{ github.repository }} - Extract the discussion number from the result (e.g., if the result is `{"number": 123, "title": "...", ...}`, extract 123) - Use the `add_comment` tool with `discussion_number: ` to add a fun, comic-book style comment stating that the smoke test agent was here 10. **Agentic Workflows MCP Testing**: @@ -165,16 +167,13 @@ timeout-minutes: 10 11. **Slack Script Safe Output Testing**: Use the `post_slack_message` safe-output tool to post a fictitious Slack message: - Use `channel: "#smoke-tests"` and `message: "๐Ÿ’ฅ Smoke test ${{ github.run_id }} passed โ€” Claude engine nominal!"` - - Verify the tool call succeeds 12. **Code Scanning Alert Safe Output Testing**: Use the `create_code_scanning_alert` safe-output tool to post a dummy warning code scanning alert: - Use `level: "warning"`, `message: "Smoke test dummy warning โ€” Run ${{ github.run_id }}"`, `file: "README.md"`, `line: 1` - - Verify the tool call succeeds - This tests the SARIF artifact upload/download pipeline 13. **Check Run Safe Output Testing**: Use the `create_check_run` safe-output tool to create a check run on the current commit: - Use `conclusion: "success"`, `title: "Smoke Claude - Run ${{ github.run_id }}"`, `summary: "All smoke tests completed."`, and `text: "Detailed results attached."` - - Verify the tool call succeeds ## PR Review Safe Outputs Testing diff --git a/.github/workflows/smoke-codex.lock.yml b/.github/workflows/smoke-codex.lock.yml index 556d8b1c286..e031190082f 100644 --- a/.github/workflows/smoke-codex.lock.yml +++ b/.github/workflows/smoke-codex.lock.yml @@ -1,4 +1,4 @@ -# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"b341011f20b38de67f2e6a504653ae9d2456f4de75b4a2991c6586e2531de7ce","body_hash":"3f86f90be7b76e4f629470b1e5dbf494f15ff00577f4598b6782cfb26007f947","agent_id":"codex"} +# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"a7510988f693df1e4612910a7bce6ad581d8eaf6eff6cfb01014f334159aba31","body_hash":"3f86f90be7b76e4f629470b1e5dbf494f15ff00577f4598b6782cfb26007f947","agent_id":"codex"} # gh-aw-manifest: {"version":1,"secrets":["CODEX_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN","OPENAI_API_KEY"],"actions":[{"repo":"actions-ecosystem/action-add-labels","sha":"c96b68fec76a0987cd93957189e9abd0b9a72ff1","version":"v1.1.3"},{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.2"},{"image":"ghcr.io/github/serena-mcp-server:latest","digest":"sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5","pinned_image":"ghcr.io/github/serena-mcp-server:latest@sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]} # ___ _ _ # / _ \ | | (_) @@ -293,25 +293,25 @@ jobs: run: | bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh" { - cat << 'GH_AW_PROMPT_fbf9ec94ce10d73b_EOF' + cat << 'GH_AW_PROMPT_cc0d67d02319e095_EOF' - GH_AW_PROMPT_fbf9ec94ce10d73b_EOF + GH_AW_PROMPT_cc0d67d02319e095_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md" cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md" cat "${RUNNER_TEMP}/gh-aw/prompts/playwright_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md" - cat << 'GH_AW_PROMPT_fbf9ec94ce10d73b_EOF' + cat << 'GH_AW_PROMPT_cc0d67d02319e095_EOF' Tools: add_comment(max:2), create_issue, add_labels, remove_labels, unassign_from_user, hide_comment(max:5), set_issue_field, missing_tool, missing_data, noop, add_smoked_label - GH_AW_PROMPT_fbf9ec94ce10d73b_EOF + GH_AW_PROMPT_cc0d67d02319e095_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_comment_memory.md" - cat << 'GH_AW_PROMPT_fbf9ec94ce10d73b_EOF' + cat << 'GH_AW_PROMPT_cc0d67d02319e095_EOF' - GH_AW_PROMPT_fbf9ec94ce10d73b_EOF + GH_AW_PROMPT_cc0d67d02319e095_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md" - cat << 'GH_AW_PROMPT_fbf9ec94ce10d73b_EOF' + cat << 'GH_AW_PROMPT_cc0d67d02319e095_EOF' The following GitHub context information is available for this workflow: {{#if github.actor}} @@ -353,12 +353,12 @@ jobs: stop immediately and report the limitation rather than spending turns trying to work around it. - GH_AW_PROMPT_fbf9ec94ce10d73b_EOF + GH_AW_PROMPT_cc0d67d02319e095_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md" if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md" fi - cat << 'GH_AW_PROMPT_fbf9ec94ce10d73b_EOF' + cat << 'GH_AW_PROMPT_cc0d67d02319e095_EOF' ## Serena Code Analysis @@ -399,7 +399,7 @@ jobs: {{#runtime-import .github/workflows/shared/reporting.md}} {{#runtime-import .github/workflows/shared/noop-reminder.md}} {{#runtime-import .github/workflows/smoke-codex.md}} - GH_AW_PROMPT_fbf9ec94ce10d73b_EOF + GH_AW_PROMPT_cc0d67d02319e095_EOF } > "$GH_AW_PROMPT" - name: Interpolate variables and render templates uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 @@ -435,7 +435,7 @@ jobs: GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }} GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }} GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }} - GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` โ€” run `safeoutputs --help` to see available tools' + GH_AW_MCP_CLI_SERVERS_LIST: "- `safeoutputs` โ€” run `safeoutputs --help` to see available tools\n- `serena` โ€” run `serena --help` to see available tools" GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }} GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }} with: @@ -680,9 +680,9 @@ jobs: mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs" mkdir -p /tmp/gh-aw/safeoutputs mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs - cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_a600254dfefca784_EOF' + cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_28064a3bc284bebf_EOF' {"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-codex"]},"add_smoked_label":true,"comment_memory":{"max":1,"memory_id":"default"},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-codex","expires":2,"labels":["automation","testing"],"max":1},"create_report_incomplete_issue":{},"hide_comment":{"max":5},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"remove_labels":{"allowed":["smoke"]},"report_incomplete":{},"set_issue_field":{"allowed_fields":["*"],"max":1},"unassign_from_user":{"allowed":["githubactionagent"],"max":1}} - GH_AW_SAFE_OUTPUTS_CONFIG_a600254dfefca784_EOF + GH_AW_SAFE_OUTPUTS_CONFIG_28064a3bc284bebf_EOF - name: Generate Safe Outputs Tools env: GH_AW_TOOLS_META_JSON: | @@ -1066,6 +1066,8 @@ jobs: export DEBUG="*" export GH_AW_ENGINE="codex" + export GH_AW_MCP_CLI_SERVERS='["safeoutputs","serena"]' + echo GH_AW_MCP_CLI_SERVERS='["safeoutputs","serena"]' >> "$GITHUB_ENV" MCP_GATEWAY_UID=$(id -u 2>/dev/null || echo '0') MCP_GATEWAY_GID=$(id -g 2>/dev/null || echo '0') case "${DOCKER_HOST:-}" in @@ -1076,7 +1078,7 @@ jobs: DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0') export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22' - cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_805dea6f43c87be2_EOF + cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_829cdf13256546b8_EOF [history] persistence = "none" @@ -1118,11 +1120,11 @@ jobs: [mcp_servers.serena."guard-policies".write-sink] accept = ["*"] - GH_AW_MCP_CONFIG_805dea6f43c87be2_EOF + GH_AW_MCP_CONFIG_829cdf13256546b8_EOF # Generate JSON config for MCP gateway GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node) - cat << GH_AW_MCP_CONFIG_805dea6f43c87be2_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" + cat << GH_AW_MCP_CONFIG_829cdf13256546b8_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" { "mcpServers": { "github": { @@ -1193,11 +1195,11 @@ jobs: } } } - GH_AW_MCP_CONFIG_805dea6f43c87be2_EOF + GH_AW_MCP_CONFIG_829cdf13256546b8_EOF # Sync converter output to writable CODEX_HOME for Codex mkdir -p /tmp/gh-aw/mcp-config - cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_b684e3d57a289b09_EOF + cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_f3a08c1e569a3347_EOF model_provider = "openai-proxy" @@ -1209,7 +1211,7 @@ jobs: [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^GH_AW_ASSETS_ALLOWED_EXTS$", "^GH_AW_ASSETS_BRANCH$", "^GH_AW_ASSETS_MAX_SIZE_KB$", "^GH_AW_SAFE_OUTPUTS$", "^GITHUB_PERSONAL_ACCESS_TOKEN$", "^GITHUB_REPOSITORY$", "^GITHUB_SERVER_URL$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_CODEX_SHELL_POLICY_b684e3d57a289b09_EOF + GH_AW_CODEX_SHELL_POLICY_f3a08c1e569a3347_EOF awk ' BEGIN { skip_openai_proxy = 0 } /^[[:space:]]*model_provider[[:space:]]*=/ { next } @@ -1842,18 +1844,18 @@ jobs: DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0') export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22' - cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_011d3d526064c7e0_EOF + cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_7546c7b0925a6f46_EOF [history] persistence = "none" [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_MCP_CONFIG_011d3d526064c7e0_EOF + GH_AW_MCP_CONFIG_7546c7b0925a6f46_EOF # Generate JSON config for MCP gateway GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node) - cat << GH_AW_MCP_CONFIG_ac507fd6d309fe37_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" + cat << GH_AW_MCP_CONFIG_9520d11db2263f4a_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" { "mcpServers": { }, @@ -1864,11 +1866,11 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_ac507fd6d309fe37_EOF + GH_AW_MCP_CONFIG_9520d11db2263f4a_EOF # Sync converter output to writable CODEX_HOME for Codex mkdir -p /tmp/gh-aw/mcp-config - cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_e4d10d548ac43d8f_EOF + cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_5370fdc3abac5264_EOF model_provider = "openai-proxy" [model_providers.openai-proxy] name = "OpenAI AWF proxy" @@ -1878,7 +1880,7 @@ jobs: [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_CODEX_SHELL_POLICY_e4d10d548ac43d8f_EOF + GH_AW_CODEX_SHELL_POLICY_5370fdc3abac5264_EOF awk ' BEGIN { skip_openai_proxy = 0 } /^[[:space:]]*model_provider[[:space:]]*=/ { next } diff --git a/.github/workflows/smoke-codex.md b/.github/workflows/smoke-codex.md index 6d3d161fecb..37368294624 100644 --- a/.github/workflows/smoke-codex.md +++ b/.github/workflows/smoke-codex.md @@ -37,6 +37,7 @@ network: - github - playwright tools: + cli-proxy: true cache-memory: true comment-memory: true github: