From ce328c2296aa0b1a4dc0f35fab243fd4672157ae Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 2 Jun 2026 20:12:47 +0000
Subject: [PATCH 1/2] feat: add slash_command decentralized support to all
smoke agentic workflows
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
---
.../workflows/smoke-agent-all-merged.lock.yml | 103 ++++++++---
.github/workflows/smoke-agent-all-merged.md | 1 +
.../workflows/smoke-agent-all-none.lock.yml | 103 ++++++++---
.github/workflows/smoke-agent-all-none.md | 1 +
.../smoke-agent-public-approved.lock.yml | 103 ++++++++---
.../workflows/smoke-agent-public-approved.md | 1 +
.../smoke-agent-public-none.lock.yml | 103 ++++++++---
.github/workflows/smoke-agent-public-none.md | 1 +
.../smoke-agent-scoped-approved.lock.yml | 103 ++++++++---
.../workflows/smoke-agent-scoped-approved.md | 1 +
.github/workflows/smoke-antigravity.lock.yml | 89 +++++++---
.github/workflows/smoke-antigravity.md | 1 +
.../workflows/smoke-call-workflow.lock.yml | 162 ++++++++++++++----
.github/workflows/smoke-call-workflow.md | 1 +
.github/workflows/smoke-claude.lock.yml | 128 +++++++++-----
.github/workflows/smoke-claude.md | 1 +
.github/workflows/smoke-codex.lock.yml | 113 ++++++++----
.github/workflows/smoke-codex.md | 1 +
.github/workflows/smoke-copilot-arm.lock.yml | 109 ++++++++----
.github/workflows/smoke-copilot-arm.md | 1 +
.github/workflows/smoke-copilot-sdk.lock.yml | 108 +++++++++---
.github/workflows/smoke-copilot-sdk.md | 1 +
.github/workflows/smoke-copilot.lock.yml | 138 ++++++++++-----
.github/workflows/smoke-copilot.md | 1 +
.../smoke-create-cross-repo-pr.lock.yml | 107 +++++++++---
.../workflows/smoke-create-cross-repo-pr.md | 1 +
.github/workflows/smoke-crush.lock.yml | 89 +++++++---
.github/workflows/smoke-crush.md | 1 +
.github/workflows/smoke-gemini.lock.yml | 89 +++++++---
.github/workflows/smoke-gemini.md | 1 +
.github/workflows/smoke-multi-pr.lock.yml | 93 +++++++---
.github/workflows/smoke-multi-pr.md | 1 +
.github/workflows/smoke-opencode.lock.yml | 89 +++++++---
.github/workflows/smoke-opencode.md | 1 +
.../workflows/smoke-otel-backends.lock.yml | 108 +++++++++---
.github/workflows/smoke-otel-backends.md | 1 +
.github/workflows/smoke-pi.lock.yml | 85 ++++++---
.github/workflows/smoke-pi.md | 1 +
.github/workflows/smoke-project.lock.yml | 93 +++++++---
.github/workflows/smoke-project.md | 1 +
.../workflows/smoke-service-ports.lock.yml | 117 +++++++++++--
.github/workflows/smoke-service-ports.md | 1 +
.github/workflows/smoke-temporary-id.lock.yml | 89 +++++++---
.github/workflows/smoke-temporary-id.md | 1 +
.github/workflows/smoke-test-tools.lock.yml | 103 ++++++++---
.github/workflows/smoke-test-tools.md | 1 +
.../smoke-update-cross-repo-pr.lock.yml | 110 +++++++++---
.../workflows/smoke-update-cross-repo-pr.md | 1 +
48 files changed, 1885 insertions(+), 673 deletions(-)
diff --git a/.github/workflows/smoke-agent-all-merged.lock.yml b/.github/workflows/smoke-agent-all-merged.lock.yml
index d14e4ea2dbf..25dac212589 100644
--- a/.github/workflows/smoke-agent-all-merged.lock.yml
+++ b/.github/workflows/smoke-agent-all-merged.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"acaa1f71601d356456f3a4a5188b2eb023d9c82b65d3512d87b1be017658a08b","body_hash":"d6f2db684c1be931739b55119a24f511d31320e899054a318a9f3d81c0a9e31e","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"eebc5146d050c8078d4b7bf7113fec47f0f08b02ed9bc5e558172a6bd48c6f6f","body_hash":"d6f2db684c1be931739b55119a24f511d31320e899054a318a9f3d81c0a9e31e","strict":true,"agent_id":"claude"}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -55,11 +55,32 @@
name: "Smoke Agent: all/merged"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - metal # Label filtering applied via job conditions
types:
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -71,8 +92,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref || github.run_id }}"
- cancel-in-progress: true
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Agent: all/merged"
@@ -87,14 +107,14 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-agent-all-merged ') || startsWith(github.event.issue.body, '/smoke-agent-all-merged\n') || github.event.issue.body == '/smoke-agent-all-merged') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-merged ') || startsWith(github.event.comment.body, '/smoke-agent-all-merged\n') || github.event.comment.body == '/smoke-agent-all-merged') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-merged ') || startsWith(github.event.comment.body, '/smoke-agent-all-merged\n') || github.event.comment.body == '/smoke-agent-all-merged') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-merged ') || startsWith(github.event.comment.body, '/smoke-agent-all-merged\n') || github.event.comment.body == '/smoke-agent-all-merged') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-agent-all-merged ') || startsWith(github.event.pull_request.body, '/smoke-agent-all-merged\n') || github.event.pull_request.body == '/smoke-agent-all-merged') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-agent-all-merged ') || startsWith(github.event.discussion.body, '/smoke-agent-all-merged\n') || github.event.discussion.body == '/smoke-agent-all-merged') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-merged ') || startsWith(github.event.comment.body, '/smoke-agent-all-merged\n') || github.event.comment.body == '/smoke-agent-all-merged')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
+ pull-requests: write
outputs:
body: ${{ steps.sanitized.outputs.body }}
comment_id: ${{ steps.add-comment.outputs.comment-id }}
@@ -110,6 +130,7 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
text: ${{ steps.sanitized.outputs.text }}
title: ${{ steps.sanitized.outputs.title }}
@@ -181,6 +202,19 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_daily_effective_workflow_guardrail.cjs');
await main();
+ - name: Add eyes reaction for immediate feedback
+ id: react
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_REACTION: "eyes"
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/add_reaction.cjs');
+ await main();
- name: Validate ANTHROPIC_API_KEY secret
id: validate-secret
run: bash "${RUNNER_TEMP}/gh-aw/actions/validate_multi_secret.sh" ANTHROPIC_API_KEY 'Claude Code' https://github.github.com/gh-aw/reference/engines/#anthropic-claude-code
@@ -257,24 +291,25 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_21b7c8296226cb73_EOF'
+ cat << 'GH_AW_PROMPT_1341bd1459e06faf_EOF'
- GH_AW_PROMPT_21b7c8296226cb73_EOF
+ GH_AW_PROMPT_1341bd1459e06faf_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_21b7c8296226cb73_EOF'
+ cat << 'GH_AW_PROMPT_1341bd1459e06faf_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
- GH_AW_PROMPT_21b7c8296226cb73_EOF
+ GH_AW_PROMPT_1341bd1459e06faf_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_21b7c8296226cb73_EOF'
+ cat << 'GH_AW_PROMPT_1341bd1459e06faf_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -303,13 +338,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_21b7c8296226cb73_EOF
+ GH_AW_PROMPT_1341bd1459e06faf_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_21b7c8296226cb73_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_1341bd1459e06faf_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/smoke-agent-all-merged.md}}
- GH_AW_PROMPT_21b7c8296226cb73_EOF
+ GH_AW_PROMPT_1341bd1459e06faf_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -335,8 +373,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -356,8 +396,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: process.env.GH_AW_GITHUB_REPOSITORY,
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -527,9 +569,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_ee91a169c2ee16f3_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_3d73841cb789f073_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_ee91a169c2ee16f3_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_3d73841cb789f073_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -720,7 +762,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_4095728c9715b4f9_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_ed0f7ebdad8063fc_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -768,7 +810,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_4095728c9715b4f9_EOF
+ GH_AW_MCP_CONFIG_ed0f7ebdad8063fc_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -975,6 +1017,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,127.0.0.1,::1,anthropic.com,api.anthropic.com,api.github.com,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,cdn.playwright.dev,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deepsource.io,docs.github.com,drone.io,files.pythonhosted.org,ghcr.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,localhost,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,playwright.download.prss.microsoft.com,ppa.launchpad.net,pypi.org,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.npmjs.org,renovatebot.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,sentry.io,shields.io,snyk.io,sonarcloud.io,sonarqube.com,statsig.anthropic.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-agent-all-merged\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1498,15 +1541,13 @@ jobs:
}
pre_activation:
- if: >
- (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-agent-all-merged ') || startsWith(github.event.issue.body, '/smoke-agent-all-merged\n') || github.event.issue.body == '/smoke-agent-all-merged') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-merged ') || startsWith(github.event.comment.body, '/smoke-agent-all-merged\n') || github.event.comment.body == '/smoke-agent-all-merged') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-merged ') || startsWith(github.event.comment.body, '/smoke-agent-all-merged\n') || github.event.comment.body == '/smoke-agent-all-merged') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-merged ') || startsWith(github.event.comment.body, '/smoke-agent-all-merged\n') || github.event.comment.body == '/smoke-agent-all-merged') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-agent-all-merged ') || startsWith(github.event.pull_request.body, '/smoke-agent-all-merged\n') || github.event.pull_request.body == '/smoke-agent-all-merged') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-agent-all-merged ') || startsWith(github.event.discussion.body, '/smoke-agent-all-merged\n') || github.event.discussion.body == '/smoke-agent-all-merged') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-merged ') || startsWith(github.event.comment.body, '/smoke-agent-all-merged\n') || github.event.comment.body == '/smoke-agent-all-merged')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -1530,7 +1571,7 @@ jobs:
GH_AW_INFO_VERSION: "2.1.156"
GH_AW_INFO_AWF_VERSION: "v0.25.58"
GH_AW_INFO_ENGINE_ID: "claude"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -1542,6 +1583,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-agent-all-merged\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
safe_outputs:
needs:
@@ -1558,6 +1610,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-agent-all-merged"
+ GH_AW_COMMANDS: "[\"smoke-agent-all-merged\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-agent-all-merged.md b/.github/workflows/smoke-agent-all-merged.md
index 0f21cc0a947..f0ce63dd482 100644
--- a/.github/workflows/smoke-agent-all-merged.md
+++ b/.github/workflows/smoke-agent-all-merged.md
@@ -2,6 +2,7 @@
emoji: "🧪"
description: "Guard policy smoke test: repos=all, min-integrity=merged (most restrictive)"
on:
+ slash_command: smoke-agent-all-merged
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-agent-all-none.lock.yml b/.github/workflows/smoke-agent-all-none.lock.yml
index 0a2f41f7875..a17f0f1688c 100644
--- a/.github/workflows/smoke-agent-all-none.lock.yml
+++ b/.github/workflows/smoke-agent-all-none.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"49cdc5e1c6d3bff755ad4bc4dad984f2f5c5c4b9c10f52f7c7d86c68d4a87285","body_hash":"593419fde63fbac2a601604c119d136ac207cb9a130cd0f2ac17b7e555e4cede","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"51b458992a0f51fda91877f6fc35462b6feb4ffe3d69a4b6db0538766889948b","body_hash":"593419fde63fbac2a601604c119d136ac207cb9a130cd0f2ac17b7e555e4cede","strict":true,"agent_id":"claude"}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -55,11 +55,32 @@
name: "Smoke Agent: all/none"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - metal # Label filtering applied via job conditions
types:
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -71,8 +92,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref || github.run_id }}"
- cancel-in-progress: true
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Agent: all/none"
@@ -87,14 +107,14 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-agent-all-none ') || startsWith(github.event.issue.body, '/smoke-agent-all-none\n') || github.event.issue.body == '/smoke-agent-all-none') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-none ') || startsWith(github.event.comment.body, '/smoke-agent-all-none\n') || github.event.comment.body == '/smoke-agent-all-none') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-none ') || startsWith(github.event.comment.body, '/smoke-agent-all-none\n') || github.event.comment.body == '/smoke-agent-all-none') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-none ') || startsWith(github.event.comment.body, '/smoke-agent-all-none\n') || github.event.comment.body == '/smoke-agent-all-none') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-agent-all-none ') || startsWith(github.event.pull_request.body, '/smoke-agent-all-none\n') || github.event.pull_request.body == '/smoke-agent-all-none') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-agent-all-none ') || startsWith(github.event.discussion.body, '/smoke-agent-all-none\n') || github.event.discussion.body == '/smoke-agent-all-none') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-none ') || startsWith(github.event.comment.body, '/smoke-agent-all-none\n') || github.event.comment.body == '/smoke-agent-all-none')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
+ pull-requests: write
outputs:
body: ${{ steps.sanitized.outputs.body }}
comment_id: ${{ steps.add-comment.outputs.comment-id }}
@@ -110,6 +130,7 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
text: ${{ steps.sanitized.outputs.text }}
title: ${{ steps.sanitized.outputs.title }}
@@ -181,6 +202,19 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_daily_effective_workflow_guardrail.cjs');
await main();
+ - name: Add eyes reaction for immediate feedback
+ id: react
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_REACTION: "eyes"
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/add_reaction.cjs');
+ await main();
- name: Validate ANTHROPIC_API_KEY secret
id: validate-secret
run: bash "${RUNNER_TEMP}/gh-aw/actions/validate_multi_secret.sh" ANTHROPIC_API_KEY 'Claude Code' https://github.github.com/gh-aw/reference/engines/#anthropic-claude-code
@@ -257,24 +291,25 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_f267e200bf395af3_EOF'
+ cat << 'GH_AW_PROMPT_97f1d6582581ab92_EOF'
- GH_AW_PROMPT_f267e200bf395af3_EOF
+ GH_AW_PROMPT_97f1d6582581ab92_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_f267e200bf395af3_EOF'
+ cat << 'GH_AW_PROMPT_97f1d6582581ab92_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
- GH_AW_PROMPT_f267e200bf395af3_EOF
+ GH_AW_PROMPT_97f1d6582581ab92_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_f267e200bf395af3_EOF'
+ cat << 'GH_AW_PROMPT_97f1d6582581ab92_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -303,13 +338,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_f267e200bf395af3_EOF
+ GH_AW_PROMPT_97f1d6582581ab92_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_f267e200bf395af3_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_97f1d6582581ab92_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/smoke-agent-all-none.md}}
- GH_AW_PROMPT_f267e200bf395af3_EOF
+ GH_AW_PROMPT_97f1d6582581ab92_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -335,8 +373,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -356,8 +396,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: process.env.GH_AW_GITHUB_REPOSITORY,
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -527,9 +569,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_dc320bf629f546a1_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_75751a486e660fbe_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_dc320bf629f546a1_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_75751a486e660fbe_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -720,7 +762,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_f225f5802acecc6d_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_b2fa6adb7754ae29_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -768,7 +810,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_f225f5802acecc6d_EOF
+ GH_AW_MCP_CONFIG_b2fa6adb7754ae29_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -975,6 +1017,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,127.0.0.1,::1,anthropic.com,api.anthropic.com,api.github.com,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,cdn.playwright.dev,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deepsource.io,docs.github.com,drone.io,files.pythonhosted.org,ghcr.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,localhost,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,playwright.download.prss.microsoft.com,ppa.launchpad.net,pypi.org,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.npmjs.org,renovatebot.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,sentry.io,shields.io,snyk.io,sonarcloud.io,sonarqube.com,statsig.anthropic.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-agent-all-none\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1498,15 +1541,13 @@ jobs:
}
pre_activation:
- if: >
- (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-agent-all-none ') || startsWith(github.event.issue.body, '/smoke-agent-all-none\n') || github.event.issue.body == '/smoke-agent-all-none') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-none ') || startsWith(github.event.comment.body, '/smoke-agent-all-none\n') || github.event.comment.body == '/smoke-agent-all-none') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-none ') || startsWith(github.event.comment.body, '/smoke-agent-all-none\n') || github.event.comment.body == '/smoke-agent-all-none') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-none ') || startsWith(github.event.comment.body, '/smoke-agent-all-none\n') || github.event.comment.body == '/smoke-agent-all-none') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-agent-all-none ') || startsWith(github.event.pull_request.body, '/smoke-agent-all-none\n') || github.event.pull_request.body == '/smoke-agent-all-none') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-agent-all-none ') || startsWith(github.event.discussion.body, '/smoke-agent-all-none\n') || github.event.discussion.body == '/smoke-agent-all-none') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-none ') || startsWith(github.event.comment.body, '/smoke-agent-all-none\n') || github.event.comment.body == '/smoke-agent-all-none')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -1530,7 +1571,7 @@ jobs:
GH_AW_INFO_VERSION: "2.1.156"
GH_AW_INFO_AWF_VERSION: "v0.25.58"
GH_AW_INFO_ENGINE_ID: "claude"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -1542,6 +1583,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-agent-all-none\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
safe_outputs:
needs:
@@ -1558,6 +1610,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-agent-all-none"
+ GH_AW_COMMANDS: "[\"smoke-agent-all-none\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-agent-all-none.md b/.github/workflows/smoke-agent-all-none.md
index 16ba515deea..2d07fdda7e8 100644
--- a/.github/workflows/smoke-agent-all-none.md
+++ b/.github/workflows/smoke-agent-all-none.md
@@ -2,6 +2,7 @@
emoji: "🧪"
description: "Guard policy smoke test: repos=all, min-integrity=none (most permissive)"
on:
+ slash_command: smoke-agent-all-none
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-agent-public-approved.lock.yml b/.github/workflows/smoke-agent-public-approved.lock.yml
index f8c59240053..d97ab6542c0 100644
--- a/.github/workflows/smoke-agent-public-approved.lock.yml
+++ b/.github/workflows/smoke-agent-public-approved.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"448dbd1752ad265bdc0f8d3ecdc260c1c96b36495fc767e09f8439bbd7562f1a","body_hash":"d8ca9956f5003afef37390d4cb75044fdd1ae6625eb24359bd6184012f5c35a8","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"a64ef34321b27fdaab0984ba1cebb1e819edd69c1819b42214eee4b6278b58f2","body_hash":"d8ca9956f5003afef37390d4cb75044fdd1ae6625eb24359bd6184012f5c35a8","strict":true,"agent_id":"claude"}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_AGENT_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -57,11 +57,32 @@
name: "Smoke Agent: public/approved"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - metal # Label filtering applied via job conditions
types:
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -73,8 +94,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref || github.run_id }}"
- cancel-in-progress: true
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Agent: public/approved"
@@ -89,14 +109,14 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-agent-public-approved ') || startsWith(github.event.issue.body, '/smoke-agent-public-approved\n') || github.event.issue.body == '/smoke-agent-public-approved') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-approved ') || startsWith(github.event.comment.body, '/smoke-agent-public-approved\n') || github.event.comment.body == '/smoke-agent-public-approved') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-approved ') || startsWith(github.event.comment.body, '/smoke-agent-public-approved\n') || github.event.comment.body == '/smoke-agent-public-approved') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-approved ') || startsWith(github.event.comment.body, '/smoke-agent-public-approved\n') || github.event.comment.body == '/smoke-agent-public-approved') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-agent-public-approved ') || startsWith(github.event.pull_request.body, '/smoke-agent-public-approved\n') || github.event.pull_request.body == '/smoke-agent-public-approved') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-agent-public-approved ') || startsWith(github.event.discussion.body, '/smoke-agent-public-approved\n') || github.event.discussion.body == '/smoke-agent-public-approved') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-approved ') || startsWith(github.event.comment.body, '/smoke-agent-public-approved\n') || github.event.comment.body == '/smoke-agent-public-approved')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
+ pull-requests: write
outputs:
body: ${{ steps.sanitized.outputs.body }}
comment_id: ${{ steps.add-comment.outputs.comment-id }}
@@ -112,6 +132,7 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
text: ${{ steps.sanitized.outputs.text }}
title: ${{ steps.sanitized.outputs.title }}
@@ -183,6 +204,19 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_daily_effective_workflow_guardrail.cjs');
await main();
+ - name: Add eyes reaction for immediate feedback
+ id: react
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_REACTION: "eyes"
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/add_reaction.cjs');
+ await main();
- name: Validate ANTHROPIC_API_KEY secret
id: validate-secret
run: bash "${RUNNER_TEMP}/gh-aw/actions/validate_multi_secret.sh" ANTHROPIC_API_KEY 'Claude Code' https://github.github.com/gh-aw/reference/engines/#anthropic-claude-code
@@ -259,24 +293,25 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_5857e6c759ba5788_EOF'
+ cat << 'GH_AW_PROMPT_36eb0b629f959dc2_EOF'
- GH_AW_PROMPT_5857e6c759ba5788_EOF
+ GH_AW_PROMPT_36eb0b629f959dc2_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_5857e6c759ba5788_EOF'
+ cat << 'GH_AW_PROMPT_36eb0b629f959dc2_EOF'
Tools: add_comment(max:2), assign_to_agent, missing_tool, missing_data, noop
- GH_AW_PROMPT_5857e6c759ba5788_EOF
+ GH_AW_PROMPT_36eb0b629f959dc2_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_5857e6c759ba5788_EOF'
+ cat << 'GH_AW_PROMPT_36eb0b629f959dc2_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -305,14 +340,17 @@ jobs:
{{/if}}
- GH_AW_PROMPT_5857e6c759ba5788_EOF
+ GH_AW_PROMPT_36eb0b629f959dc2_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_5857e6c759ba5788_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_36eb0b629f959dc2_EOF'
{{#runtime-import .github/workflows/shared/github-guard-policy.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/smoke-agent-public-approved.md}}
- GH_AW_PROMPT_5857e6c759ba5788_EOF
+ GH_AW_PROMPT_36eb0b629f959dc2_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -338,8 +376,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -359,8 +399,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: process.env.GH_AW_GITHUB_REPOSITORY,
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -531,9 +573,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_02b0a6964eb6e7c1_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_3a3ba7aafd7ef25b_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"assign_to_agent":{"allowed":["copilot"],"custom-agent":"agentic-workflows","max":1,"target":"*"},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_02b0a6964eb6e7c1_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_3a3ba7aafd7ef25b_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -752,7 +794,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_e6b70d3cf649bfc4_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_8603c61b01f21e23_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -800,7 +842,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_e6b70d3cf649bfc4_EOF
+ GH_AW_MCP_CONFIG_8603c61b01f21e23_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1007,6 +1049,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,127.0.0.1,::1,anthropic.com,api.anthropic.com,api.github.com,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,cdn.playwright.dev,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deepsource.io,docs.github.com,drone.io,files.pythonhosted.org,ghcr.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,localhost,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,playwright.download.prss.microsoft.com,ppa.launchpad.net,pypi.org,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.npmjs.org,renovatebot.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,sentry.io,shields.io,snyk.io,sonarcloud.io,sonarqube.com,statsig.anthropic.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-agent-public-approved\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1533,15 +1576,13 @@ jobs:
}
pre_activation:
- if: >
- (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-agent-public-approved ') || startsWith(github.event.issue.body, '/smoke-agent-public-approved\n') || github.event.issue.body == '/smoke-agent-public-approved') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-approved ') || startsWith(github.event.comment.body, '/smoke-agent-public-approved\n') || github.event.comment.body == '/smoke-agent-public-approved') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-approved ') || startsWith(github.event.comment.body, '/smoke-agent-public-approved\n') || github.event.comment.body == '/smoke-agent-public-approved') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-approved ') || startsWith(github.event.comment.body, '/smoke-agent-public-approved\n') || github.event.comment.body == '/smoke-agent-public-approved') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-agent-public-approved ') || startsWith(github.event.pull_request.body, '/smoke-agent-public-approved\n') || github.event.pull_request.body == '/smoke-agent-public-approved') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-agent-public-approved ') || startsWith(github.event.discussion.body, '/smoke-agent-public-approved\n') || github.event.discussion.body == '/smoke-agent-public-approved') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-approved ') || startsWith(github.event.comment.body, '/smoke-agent-public-approved\n') || github.event.comment.body == '/smoke-agent-public-approved')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -1565,7 +1606,7 @@ jobs:
GH_AW_INFO_VERSION: "2.1.156"
GH_AW_INFO_AWF_VERSION: "v0.25.58"
GH_AW_INFO_ENGINE_ID: "claude"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -1577,6 +1618,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-agent-public-approved\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
safe_outputs:
needs:
@@ -1593,6 +1645,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-agent-public-approved"
+ GH_AW_COMMANDS: "[\"smoke-agent-public-approved\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-agent-public-approved.md b/.github/workflows/smoke-agent-public-approved.md
index b9441498cad..0aa23ef9ba1 100644
--- a/.github/workflows/smoke-agent-public-approved.md
+++ b/.github/workflows/smoke-agent-public-approved.md
@@ -2,6 +2,7 @@
emoji: "🧪"
description: Smoke test that validates assign-to-agent with the agentic-workflows custom agent
on:
+ slash_command: smoke-agent-public-approved
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-agent-public-none.lock.yml b/.github/workflows/smoke-agent-public-none.lock.yml
index ab33fda6adb..4df4d157d93 100644
--- a/.github/workflows/smoke-agent-public-none.lock.yml
+++ b/.github/workflows/smoke-agent-public-none.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"30c40e10677efe43296a28ef751596b9eda8d10cb195691f0f126b1634d87941","body_hash":"2d0ad68f5c024b0a2128b098a6154283391acd919b9f4683730d58d93b6ff7d3","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"c78aef2e763cfdeae863bab152b9ca47807289494a503101c74cb446f8b64c0a","body_hash":"2d0ad68f5c024b0a2128b098a6154283391acd919b9f4683730d58d93b6ff7d3","strict":true,"agent_id":"claude"}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -55,11 +55,32 @@
name: "Smoke Agent: public/none"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - metal # Label filtering applied via job conditions
types:
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -71,8 +92,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref || github.run_id }}"
- cancel-in-progress: true
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Agent: public/none"
@@ -87,14 +107,14 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-agent-public-none ') || startsWith(github.event.issue.body, '/smoke-agent-public-none\n') || github.event.issue.body == '/smoke-agent-public-none') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-none ') || startsWith(github.event.comment.body, '/smoke-agent-public-none\n') || github.event.comment.body == '/smoke-agent-public-none') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-none ') || startsWith(github.event.comment.body, '/smoke-agent-public-none\n') || github.event.comment.body == '/smoke-agent-public-none') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-none ') || startsWith(github.event.comment.body, '/smoke-agent-public-none\n') || github.event.comment.body == '/smoke-agent-public-none') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-agent-public-none ') || startsWith(github.event.pull_request.body, '/smoke-agent-public-none\n') || github.event.pull_request.body == '/smoke-agent-public-none') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-agent-public-none ') || startsWith(github.event.discussion.body, '/smoke-agent-public-none\n') || github.event.discussion.body == '/smoke-agent-public-none') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-none ') || startsWith(github.event.comment.body, '/smoke-agent-public-none\n') || github.event.comment.body == '/smoke-agent-public-none')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
+ pull-requests: write
outputs:
body: ${{ steps.sanitized.outputs.body }}
comment_id: ${{ steps.add-comment.outputs.comment-id }}
@@ -110,6 +130,7 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
text: ${{ steps.sanitized.outputs.text }}
title: ${{ steps.sanitized.outputs.title }}
@@ -181,6 +202,19 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_daily_effective_workflow_guardrail.cjs');
await main();
+ - name: Add eyes reaction for immediate feedback
+ id: react
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_REACTION: "eyes"
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/add_reaction.cjs');
+ await main();
- name: Validate ANTHROPIC_API_KEY secret
id: validate-secret
run: bash "${RUNNER_TEMP}/gh-aw/actions/validate_multi_secret.sh" ANTHROPIC_API_KEY 'Claude Code' https://github.github.com/gh-aw/reference/engines/#anthropic-claude-code
@@ -257,24 +291,25 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_51dce9e17967a1ab_EOF'
+ cat << 'GH_AW_PROMPT_bcafc658316a06e7_EOF'
- GH_AW_PROMPT_51dce9e17967a1ab_EOF
+ GH_AW_PROMPT_bcafc658316a06e7_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_51dce9e17967a1ab_EOF'
+ cat << 'GH_AW_PROMPT_bcafc658316a06e7_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
- GH_AW_PROMPT_51dce9e17967a1ab_EOF
+ GH_AW_PROMPT_bcafc658316a06e7_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_51dce9e17967a1ab_EOF'
+ cat << 'GH_AW_PROMPT_bcafc658316a06e7_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -303,13 +338,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_51dce9e17967a1ab_EOF
+ GH_AW_PROMPT_bcafc658316a06e7_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_51dce9e17967a1ab_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_bcafc658316a06e7_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/smoke-agent-public-none.md}}
- GH_AW_PROMPT_51dce9e17967a1ab_EOF
+ GH_AW_PROMPT_bcafc658316a06e7_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -335,8 +373,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -356,8 +396,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: process.env.GH_AW_GITHUB_REPOSITORY,
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -527,9 +569,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_fca1c8cb21cb9bb2_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_7579df0162f51be6_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_fca1c8cb21cb9bb2_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_7579df0162f51be6_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -720,7 +762,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_0da13e60483b793b_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_6f0dd09f1c5b7b97_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -768,7 +810,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_0da13e60483b793b_EOF
+ GH_AW_MCP_CONFIG_6f0dd09f1c5b7b97_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -975,6 +1017,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,127.0.0.1,::1,anthropic.com,api.anthropic.com,api.github.com,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,cdn.playwright.dev,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deepsource.io,docs.github.com,drone.io,files.pythonhosted.org,ghcr.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,localhost,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,playwright.download.prss.microsoft.com,ppa.launchpad.net,pypi.org,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.npmjs.org,renovatebot.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,sentry.io,shields.io,snyk.io,sonarcloud.io,sonarqube.com,statsig.anthropic.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-agent-public-none\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1498,15 +1541,13 @@ jobs:
}
pre_activation:
- if: >
- (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-agent-public-none ') || startsWith(github.event.issue.body, '/smoke-agent-public-none\n') || github.event.issue.body == '/smoke-agent-public-none') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-none ') || startsWith(github.event.comment.body, '/smoke-agent-public-none\n') || github.event.comment.body == '/smoke-agent-public-none') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-none ') || startsWith(github.event.comment.body, '/smoke-agent-public-none\n') || github.event.comment.body == '/smoke-agent-public-none') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-none ') || startsWith(github.event.comment.body, '/smoke-agent-public-none\n') || github.event.comment.body == '/smoke-agent-public-none') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-agent-public-none ') || startsWith(github.event.pull_request.body, '/smoke-agent-public-none\n') || github.event.pull_request.body == '/smoke-agent-public-none') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-agent-public-none ') || startsWith(github.event.discussion.body, '/smoke-agent-public-none\n') || github.event.discussion.body == '/smoke-agent-public-none') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-none ') || startsWith(github.event.comment.body, '/smoke-agent-public-none\n') || github.event.comment.body == '/smoke-agent-public-none')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -1530,7 +1571,7 @@ jobs:
GH_AW_INFO_VERSION: "2.1.156"
GH_AW_INFO_AWF_VERSION: "v0.25.58"
GH_AW_INFO_ENGINE_ID: "claude"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -1542,6 +1583,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-agent-public-none\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
safe_outputs:
needs:
@@ -1558,6 +1610,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-agent-public-none"
+ GH_AW_COMMANDS: "[\"smoke-agent-public-none\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-agent-public-none.md b/.github/workflows/smoke-agent-public-none.md
index 204799b7c90..b4bf662fa39 100644
--- a/.github/workflows/smoke-agent-public-none.md
+++ b/.github/workflows/smoke-agent-public-none.md
@@ -2,6 +2,7 @@
emoji: "🧪"
description: "Guard policy smoke test: repos=public, min-integrity=none"
on:
+ slash_command: smoke-agent-public-none
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-agent-scoped-approved.lock.yml b/.github/workflows/smoke-agent-scoped-approved.lock.yml
index d045c0f917b..0cb9d814e7a 100644
--- a/.github/workflows/smoke-agent-scoped-approved.lock.yml
+++ b/.github/workflows/smoke-agent-scoped-approved.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"4425f240a39b34f972f4f9cc508e969873ab5082fca9a867ac03f278b75d6053","body_hash":"2b9a4cb382ef451c5d8c0c0d3c70a40962955115a3e0abd100761b22bf0d08d2","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"10e648d92c6ada0babeb696973d9fabd12c6196f4bd038450d927557972a6a03","body_hash":"2b9a4cb382ef451c5d8c0c0d3c70a40962955115a3e0abd100761b22bf0d08d2","strict":true,"agent_id":"claude"}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -56,11 +56,32 @@
name: "Smoke Agent: scoped/approved"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - metal # Label filtering applied via job conditions
types:
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -72,8 +93,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref || github.run_id }}"
- cancel-in-progress: true
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Agent: scoped/approved"
@@ -88,14 +108,14 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.issue.body, '/smoke-agent-scoped-approved\n') || github.event.issue.body == '/smoke-agent-scoped-approved') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.comment.body, '/smoke-agent-scoped-approved\n') || github.event.comment.body == '/smoke-agent-scoped-approved') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.comment.body, '/smoke-agent-scoped-approved\n') || github.event.comment.body == '/smoke-agent-scoped-approved') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.comment.body, '/smoke-agent-scoped-approved\n') || github.event.comment.body == '/smoke-agent-scoped-approved') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.pull_request.body, '/smoke-agent-scoped-approved\n') || github.event.pull_request.body == '/smoke-agent-scoped-approved') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.discussion.body, '/smoke-agent-scoped-approved\n') || github.event.discussion.body == '/smoke-agent-scoped-approved') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.comment.body, '/smoke-agent-scoped-approved\n') || github.event.comment.body == '/smoke-agent-scoped-approved')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
+ pull-requests: write
outputs:
body: ${{ steps.sanitized.outputs.body }}
comment_id: ${{ steps.add-comment.outputs.comment-id }}
@@ -111,6 +131,7 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
text: ${{ steps.sanitized.outputs.text }}
title: ${{ steps.sanitized.outputs.title }}
@@ -182,6 +203,19 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_daily_effective_workflow_guardrail.cjs');
await main();
+ - name: Add eyes reaction for immediate feedback
+ id: react
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_REACTION: "eyes"
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/add_reaction.cjs');
+ await main();
- name: Validate ANTHROPIC_API_KEY secret
id: validate-secret
run: bash "${RUNNER_TEMP}/gh-aw/actions/validate_multi_secret.sh" ANTHROPIC_API_KEY 'Claude Code' https://github.github.com/gh-aw/reference/engines/#anthropic-claude-code
@@ -258,24 +292,25 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_fc57962803600efe_EOF'
+ cat << 'GH_AW_PROMPT_b60ef821e5d6084d_EOF'
- GH_AW_PROMPT_fc57962803600efe_EOF
+ GH_AW_PROMPT_b60ef821e5d6084d_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_fc57962803600efe_EOF'
+ cat << 'GH_AW_PROMPT_b60ef821e5d6084d_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
- GH_AW_PROMPT_fc57962803600efe_EOF
+ GH_AW_PROMPT_b60ef821e5d6084d_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_fc57962803600efe_EOF'
+ cat << 'GH_AW_PROMPT_b60ef821e5d6084d_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -304,14 +339,17 @@ jobs:
{{/if}}
- GH_AW_PROMPT_fc57962803600efe_EOF
+ GH_AW_PROMPT_b60ef821e5d6084d_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_fc57962803600efe_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_b60ef821e5d6084d_EOF'
{{#runtime-import .github/workflows/shared/github-guard-policy.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/smoke-agent-scoped-approved.md}}
- GH_AW_PROMPT_fc57962803600efe_EOF
+ GH_AW_PROMPT_b60ef821e5d6084d_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -337,8 +375,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -358,8 +398,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: process.env.GH_AW_GITHUB_REPOSITORY,
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -530,9 +572,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_37dff9adbe9b9994_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_5d30cc919b6aed51_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_37dff9adbe9b9994_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_5d30cc919b6aed51_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -723,7 +765,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_1e192e2b0c15df86_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_437c312df32e4ae2_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -775,7 +817,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_1e192e2b0c15df86_EOF
+ GH_AW_MCP_CONFIG_437c312df32e4ae2_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -982,6 +1024,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,127.0.0.1,::1,anthropic.com,api.anthropic.com,api.github.com,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,cdn.playwright.dev,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deepsource.io,docs.github.com,drone.io,files.pythonhosted.org,ghcr.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,localhost,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,playwright.download.prss.microsoft.com,ppa.launchpad.net,pypi.org,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.npmjs.org,renovatebot.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,sentry.io,shields.io,snyk.io,sonarcloud.io,sonarqube.com,statsig.anthropic.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-agent-scoped-approved\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1505,15 +1548,13 @@ jobs:
}
pre_activation:
- if: >
- (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.issue.body, '/smoke-agent-scoped-approved\n') || github.event.issue.body == '/smoke-agent-scoped-approved') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.comment.body, '/smoke-agent-scoped-approved\n') || github.event.comment.body == '/smoke-agent-scoped-approved') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.comment.body, '/smoke-agent-scoped-approved\n') || github.event.comment.body == '/smoke-agent-scoped-approved') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.comment.body, '/smoke-agent-scoped-approved\n') || github.event.comment.body == '/smoke-agent-scoped-approved') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.pull_request.body, '/smoke-agent-scoped-approved\n') || github.event.pull_request.body == '/smoke-agent-scoped-approved') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.discussion.body, '/smoke-agent-scoped-approved\n') || github.event.discussion.body == '/smoke-agent-scoped-approved') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.comment.body, '/smoke-agent-scoped-approved\n') || github.event.comment.body == '/smoke-agent-scoped-approved')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -1537,7 +1578,7 @@ jobs:
GH_AW_INFO_VERSION: "2.1.156"
GH_AW_INFO_AWF_VERSION: "v0.25.58"
GH_AW_INFO_ENGINE_ID: "claude"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -1549,6 +1590,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-agent-scoped-approved\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
safe_outputs:
needs:
@@ -1565,6 +1617,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-agent-scoped-approved"
+ GH_AW_COMMANDS: "[\"smoke-agent-scoped-approved\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-agent-scoped-approved.md b/.github/workflows/smoke-agent-scoped-approved.md
index 8cb6ba02991..5dd1fad8ce6 100644
--- a/.github/workflows/smoke-agent-scoped-approved.md
+++ b/.github/workflows/smoke-agent-scoped-approved.md
@@ -2,6 +2,7 @@
emoji: "🧪"
description: "Guard policy smoke test: repos=[github/gh-aw, github/*], min-integrity=approved (scoped patterns)"
on:
+ slash_command: smoke-agent-scoped-approved
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-antigravity.lock.yml b/.github/workflows/smoke-antigravity.lock.yml
index c6f3fa63a8f..9e37065361f 100644
--- a/.github/workflows/smoke-antigravity.lock.yml
+++ b/.github/workflows/smoke-antigravity.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"3fb4693591a66c7a2a4b79e00ee047721c7557ce3c8f5db59be76aa37e2721bc","body_hash":"c31e389c6b38b324a3032f06974aee2fde8d1964907309aa367f4960338e4531","strict":true,"agent_id":"antigravity"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"52fa02e236e39ed46e54aa52d39e9504871f8f6a9983a5e377da696486cb15de","body_hash":"c31e389c6b38b324a3032f06974aee2fde8d1964907309aa367f4960338e4531","strict":true,"agent_id":"antigravity"}
# gh-aw-manifest: {"version":1,"secrets":["ANTIGRAVITY_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -61,11 +61,32 @@
name: "Smoke Antigravity"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - smoke # Label filtering applied via job conditions
types:
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -77,8 +98,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref || github.run_id }}"
- cancel-in-progress: true
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Antigravity"
@@ -93,13 +113,12 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-antigravity ') || startsWith(github.event.issue.body, '/smoke-antigravity\n') || github.event.issue.body == '/smoke-antigravity') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-antigravity ') || startsWith(github.event.comment.body, '/smoke-antigravity\n') || github.event.comment.body == '/smoke-antigravity') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-antigravity ') || startsWith(github.event.comment.body, '/smoke-antigravity\n') || github.event.comment.body == '/smoke-antigravity') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-antigravity ') || startsWith(github.event.comment.body, '/smoke-antigravity\n') || github.event.comment.body == '/smoke-antigravity') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-antigravity ') || startsWith(github.event.pull_request.body, '/smoke-antigravity\n') || github.event.pull_request.body == '/smoke-antigravity') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-antigravity ') || startsWith(github.event.discussion.body, '/smoke-antigravity\n') || github.event.discussion.body == '/smoke-antigravity') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-antigravity ') || startsWith(github.event.comment.body, '/smoke-antigravity\n') || github.event.comment.body == '/smoke-antigravity')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
pull-requests: write
outputs:
@@ -118,6 +137,7 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
sub_agent_strategy: ${{ steps.pick-experiment.outputs.sub_agent_strategy }}
text: ${{ steps.sanitized.outputs.text }}
@@ -313,25 +333,26 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_5fc36b9121d70c89_EOF'
+ cat << 'GH_AW_PROMPT_6d8eb607356343b2_EOF'
- GH_AW_PROMPT_5fc36b9121d70c89_EOF
+ GH_AW_PROMPT_6d8eb607356343b2_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_5fc36b9121d70c89_EOF'
+ cat << 'GH_AW_PROMPT_6d8eb607356343b2_EOF'
Tools: add_comment(max:2), create_issue, add_labels, missing_tool, missing_data, noop
- GH_AW_PROMPT_5fc36b9121d70c89_EOF
+ GH_AW_PROMPT_6d8eb607356343b2_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_5fc36b9121d70c89_EOF'
+ cat << 'GH_AW_PROMPT_6d8eb607356343b2_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -360,9 +381,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_5fc36b9121d70c89_EOF
+ GH_AW_PROMPT_6d8eb607356343b2_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_5fc36b9121d70c89_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_6d8eb607356343b2_EOF'
{{#runtime-import .github/workflows/shared/gh.md}}
{{#runtime-import .github/workflows/shared/reporting-otlp.md}}
@@ -370,7 +394,7 @@ jobs:
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-antigravity.md}}
- GH_AW_PROMPT_5fc36b9121d70c89_EOF
+ GH_AW_PROMPT_6d8eb607356343b2_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -404,8 +428,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -430,8 +456,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_SERVER_URL: process.env.GH_AW_GITHUB_SERVER_URL,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -614,9 +642,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_1cb8ab1e66c8605a_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_681d4cbec555dfc3_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-antigravity"]},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-antigravity","expires":2,"labels":["automation","testing"],"max":1},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_1cb8ab1e66c8605a_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_681d4cbec555dfc3_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -863,7 +891,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_e19dc85229d937e2_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_9e7155f8dd81c294_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"safeoutputs": {
@@ -893,7 +921,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_e19dc85229d937e2_EOF
+ GH_AW_MCP_CONFIG_9e7155f8dd81c294_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1046,6 +1074,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.googleapis.com,*.grafana.net,*.sentry.io,127.0.0.1,::1,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deepsource.io,docs.github.com,drone.io,generativelanguage.googleapis.com,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,localhost,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,ppa.launchpad.net,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.npmjs.org,renovatebot.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,shields.io,snyk.io,sonarcloud.io,sonarqube.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-antigravity\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1582,15 +1611,13 @@ jobs:
}
pre_activation:
- if: >
- (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-antigravity ') || startsWith(github.event.issue.body, '/smoke-antigravity\n') || github.event.issue.body == '/smoke-antigravity') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-antigravity ') || startsWith(github.event.comment.body, '/smoke-antigravity\n') || github.event.comment.body == '/smoke-antigravity') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-antigravity ') || startsWith(github.event.comment.body, '/smoke-antigravity\n') || github.event.comment.body == '/smoke-antigravity') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-antigravity ') || startsWith(github.event.comment.body, '/smoke-antigravity\n') || github.event.comment.body == '/smoke-antigravity') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-antigravity ') || startsWith(github.event.pull_request.body, '/smoke-antigravity\n') || github.event.pull_request.body == '/smoke-antigravity') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-antigravity ') || startsWith(github.event.discussion.body, '/smoke-antigravity\n') || github.event.discussion.body == '/smoke-antigravity') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-antigravity ') || startsWith(github.event.comment.body, '/smoke-antigravity\n') || github.event.comment.body == '/smoke-antigravity')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -1612,7 +1639,7 @@ jobs:
GH_AW_SETUP_WORKFLOW_NAME: "Smoke Antigravity"
GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-antigravity.lock.yml@${{ github.ref }}
GH_AW_INFO_ENGINE_ID: "antigravity"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -1624,6 +1651,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-antigravity\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
push_experiments_state:
needs: activation
@@ -1716,6 +1754,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-antigravity"
+ GH_AW_COMMANDS: "[\"smoke-antigravity\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-antigravity.md b/.github/workflows/smoke-antigravity.md
index 986c8811ed7..15262a0c58f 100644
--- a/.github/workflows/smoke-antigravity.md
+++ b/.github/workflows/smoke-antigravity.md
@@ -2,6 +2,7 @@
emoji: "🧪"
description: Smoke test workflow that validates Antigravity engine functionality twice daily
on:
+ slash_command: smoke-antigravity
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-call-workflow.lock.yml b/.github/workflows/smoke-call-workflow.lock.yml
index 3db03d021e1..b9b34a86fd4 100644
--- a/.github/workflows/smoke-call-workflow.lock.yml
+++ b/.github/workflows/smoke-call-workflow.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"499815b9579ccc462cbd8dd9124b88cea6f9e2c0f90ff1f263e878a7fe065e31","body_hash":"045828bb52fffb26f564965bec808ad613f31bdfa48fda8958696e41339e727b","strict":true,"agent_id":"codex","agent_model":"gpt-5.4-mini"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"cbff8d3c250607add6f62ba0a37457207f8f635de066e6a12a61d5aedf5bbb85","body_hash":"045828bb52fffb26f564965bec808ad613f31bdfa48fda8958696e41339e727b","strict":true,"agent_id":"codex","agent_model":"gpt-5.4-mini"}
# gh-aw-manifest: {"version":1,"secrets":["CODEX_API_KEY","COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN","OPENAI_API_KEY"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -58,11 +58,32 @@
name: "Smoke Call Workflow"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - water # Label filtering applied via job conditions
types:
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -74,8 +95,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref || github.run_id }}"
- cancel-in-progress: true
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Call Workflow"
@@ -90,17 +110,19 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-call-workflow ') || startsWith(github.event.issue.body, '/smoke-call-workflow\n') || github.event.issue.body == '/smoke-call-workflow') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-call-workflow ') || startsWith(github.event.comment.body, '/smoke-call-workflow\n') || github.event.comment.body == '/smoke-call-workflow') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-call-workflow ') || startsWith(github.event.comment.body, '/smoke-call-workflow\n') || github.event.comment.body == '/smoke-call-workflow') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-call-workflow ') || startsWith(github.event.comment.body, '/smoke-call-workflow\n') || github.event.comment.body == '/smoke-call-workflow') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-call-workflow ') || startsWith(github.event.pull_request.body, '/smoke-call-workflow\n') || github.event.pull_request.body == '/smoke-call-workflow') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-call-workflow ') || startsWith(github.event.discussion.body, '/smoke-call-workflow\n') || github.event.discussion.body == '/smoke-call-workflow') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-call-workflow ') || startsWith(github.event.comment.body, '/smoke-call-workflow\n') || github.event.comment.body == '/smoke-call-workflow')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
+ issues: write
+ pull-requests: write
outputs:
body: ${{ steps.sanitized.outputs.body }}
- comment_id: ""
- comment_repo: ""
+ comment_id: ${{ steps.add-comment.outputs.comment-id }}
+ comment_repo: ${{ steps.add-comment.outputs.comment-repo }}
+ comment_url: ${{ steps.add-comment.outputs.comment-url }}
daily_effective_workflow_exceeded: ${{ steps.daily-effective-workflow-guardrail.outputs.daily_effective_workflow_exceeded == 'true' }}
daily_effective_workflow_threshold: ${{ steps.daily-effective-workflow-guardrail.outputs.daily_effective_workflow_threshold || '' }}
daily_effective_workflow_total_effective_tokens: ${{ steps.daily-effective-workflow-guardrail.outputs.daily_effective_workflow_total_effective_tokens || '' }}
@@ -111,6 +133,7 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
text: ${{ steps.sanitized.outputs.text }}
title: ${{ steps.sanitized.outputs.title }}
@@ -182,6 +205,19 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_daily_effective_workflow_guardrail.cjs');
await main();
+ - name: Add eyes reaction for immediate feedback
+ id: react
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_REACTION: "eyes"
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/add_reaction.cjs');
+ await main();
- name: Validate CODEX_API_KEY or OPENAI_API_KEY secret
id: validate-secret
run: bash "${RUNNER_TEMP}/gh-aw/actions/validate_multi_secret.sh" CODEX_API_KEY OPENAI_API_KEY Codex https://github.github.com/gh-aw/reference/engines/#openai-codex
@@ -234,6 +270,18 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/compute_text.cjs');
await main();
+ - name: Add comment with workflow run link
+ id: add-comment
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_WORKFLOW_NAME: "Smoke Call Workflow"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/add_workflow_run_comment.cjs');
+ await main();
- name: Create prompt with built-in context
env:
GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
@@ -246,24 +294,25 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_5db6d1602c4f234f_EOF'
+ cat << 'GH_AW_PROMPT_7cdadcff7ec45fcf_EOF'
- GH_AW_PROMPT_5db6d1602c4f234f_EOF
+ GH_AW_PROMPT_7cdadcff7ec45fcf_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_5db6d1602c4f234f_EOF'
+ cat << 'GH_AW_PROMPT_7cdadcff7ec45fcf_EOF'
Tools: call_workflow, missing_tool, missing_data, noop
- GH_AW_PROMPT_5db6d1602c4f234f_EOF
+ GH_AW_PROMPT_7cdadcff7ec45fcf_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_5db6d1602c4f234f_EOF'
+ cat << 'GH_AW_PROMPT_7cdadcff7ec45fcf_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -292,13 +341,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_5db6d1602c4f234f_EOF
+ GH_AW_PROMPT_7cdadcff7ec45fcf_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_5db6d1602c4f234f_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_7cdadcff7ec45fcf_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/smoke-call-workflow.md}}
- GH_AW_PROMPT_5db6d1602c4f234f_EOF
+ GH_AW_PROMPT_7cdadcff7ec45fcf_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -323,8 +375,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -344,8 +398,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: process.env.GH_AW_GITHUB_REPOSITORY,
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -517,9 +573,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_d8dca6e42e53ea85_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_493e539c98e5d11b_EOF'
{"call_workflow":{"max":1,"workflow_files":{"smoke-workflow-call":"./.github/workflows/smoke-workflow-call.lock.yml"},"workflows":["smoke-workflow-call"]},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_d8dca6e42e53ea85_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_493e539c98e5d11b_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -716,7 +772,7 @@ jobs:
DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0')
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
- cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_df5bb562d7d561f8_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_6b4e6a3af55af611_EOF
[history]
persistence = "none"
@@ -743,11 +799,11 @@ jobs:
[mcp_servers.safeoutputs."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_df5bb562d7d561f8_EOF
+ GH_AW_MCP_CONFIG_6b4e6a3af55af611_EOF
# Generate JSON config for MCP gateway
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_df5bb562d7d561f8_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_6b4e6a3af55af611_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -792,11 +848,11 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_df5bb562d7d561f8_EOF
+ GH_AW_MCP_CONFIG_6b4e6a3af55af611_EOF
# Sync converter output to writable CODEX_HOME for Codex
mkdir -p /tmp/gh-aw/mcp-config
- cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_fa35aa2b97180978_EOF
+ cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_2edca72be673f03f_EOF
model_provider = "openai-proxy"
@@ -808,7 +864,7 @@ jobs:
[shell_environment_policy]
inherit = "core"
include_only = ["^CODEX_API_KEY$", "^GH_AW_ASSETS_ALLOWED_EXTS$", "^GH_AW_ASSETS_BRANCH$", "^GH_AW_ASSETS_MAX_SIZE_KB$", "^GH_AW_SAFE_OUTPUTS$", "^GITHUB_PERSONAL_ACCESS_TOKEN$", "^GITHUB_REPOSITORY$", "^GITHUB_SERVER_URL$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"]
- GH_AW_CODEX_SHELL_POLICY_fa35aa2b97180978_EOF
+ GH_AW_CODEX_SHELL_POLICY_2edca72be673f03f_EOF
awk '
BEGIN { skip_openai_proxy = 0 }
/^[[:space:]]*model_provider[[:space:]]*=/ { next }
@@ -943,6 +999,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,127.0.0.1,172.30.0.1,::1,api.openai.com,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,chatgpt.com,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deepsource.io,docs.github.com,drone.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,localhost,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,openai.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,ppa.launchpad.net,raw.githubusercontent.com,readthedocs.io,readthedocs.org,renovatebot.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,shields.io,snyk.io,sonarcloud.io,sonarqube.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-call-workflow\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1229,6 +1286,27 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/handle_agent_failure.cjs');
await main();
+ - name: Update reaction comment with completion status
+ id: conclusion
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_AGENT_OUTPUT: ${{ steps.setup-agent-output-env.outputs.GH_AW_AGENT_OUTPUT }}
+ GH_AW_COMMENT_ID: ${{ needs.activation.outputs.comment_id }}
+ GH_AW_COMMENT_REPO: ${{ needs.activation.outputs.comment_repo }}
+ GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+ GH_AW_WORKFLOW_NAME: "Smoke Call Workflow"
+ GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
+ GH_AW_SAFE_OUTPUTS_RESULT: ${{ needs.safe_outputs.result }}
+ GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
+ GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
+ GH_AW_SAFE_OUTPUT_JOBS: "{\"call-smoke-workflow-call\":\"\"}"
+ with:
+ github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/notify_comment_error.cjs');
+ await main();
detection:
needs:
@@ -1386,18 +1464,18 @@ jobs:
DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0')
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
- cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_d41b5c2703142848_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_59af077345b1efdf_EOF
[history]
persistence = "none"
[shell_environment_policy]
inherit = "core"
include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"]
- GH_AW_MCP_CONFIG_d41b5c2703142848_EOF
+ GH_AW_MCP_CONFIG_59af077345b1efdf_EOF
# Generate JSON config for MCP gateway
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_852f543011a516f6_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_86c58e2a0b00c686_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
},
@@ -1408,11 +1486,11 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_852f543011a516f6_EOF
+ GH_AW_MCP_CONFIG_86c58e2a0b00c686_EOF
# Sync converter output to writable CODEX_HOME for Codex
mkdir -p /tmp/gh-aw/mcp-config
- cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_ff0e6b4477b39037_EOF
+ cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_c77ce83186788eca_EOF
model_provider = "openai-proxy"
[model_providers.openai-proxy]
name = "OpenAI AWF proxy"
@@ -1422,7 +1500,7 @@ jobs:
[shell_environment_policy]
inherit = "core"
include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"]
- GH_AW_CODEX_SHELL_POLICY_ff0e6b4477b39037_EOF
+ GH_AW_CODEX_SHELL_POLICY_c77ce83186788eca_EOF
awk '
BEGIN { skip_openai_proxy = 0 }
/^[[:space:]]*model_provider[[:space:]]*=/ { next }
@@ -1521,15 +1599,13 @@ jobs:
}
pre_activation:
- if: >
- (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-call-workflow ') || startsWith(github.event.issue.body, '/smoke-call-workflow\n') || github.event.issue.body == '/smoke-call-workflow') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-call-workflow ') || startsWith(github.event.comment.body, '/smoke-call-workflow\n') || github.event.comment.body == '/smoke-call-workflow') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-call-workflow ') || startsWith(github.event.comment.body, '/smoke-call-workflow\n') || github.event.comment.body == '/smoke-call-workflow') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-call-workflow ') || startsWith(github.event.comment.body, '/smoke-call-workflow\n') || github.event.comment.body == '/smoke-call-workflow') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-call-workflow ') || startsWith(github.event.pull_request.body, '/smoke-call-workflow\n') || github.event.pull_request.body == '/smoke-call-workflow') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-call-workflow ') || startsWith(github.event.discussion.body, '/smoke-call-workflow\n') || github.event.discussion.body == '/smoke-call-workflow') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-call-workflow ') || startsWith(github.event.comment.body, '/smoke-call-workflow\n') || github.event.comment.body == '/smoke-call-workflow')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -1553,7 +1629,7 @@ jobs:
GH_AW_INFO_VERSION: "0.135.0"
GH_AW_INFO_AWF_VERSION: "v0.25.58"
GH_AW_INFO_ENGINE_ID: "codex"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -1565,6 +1641,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-call-workflow\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
safe_outputs:
needs:
@@ -1577,6 +1664,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-call-workflow"
+ GH_AW_COMMANDS: "[\"smoke-call-workflow\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-call-workflow.md b/.github/workflows/smoke-call-workflow.md
index c090b1be3b0..6626e9c5706 100644
--- a/.github/workflows/smoke-call-workflow.md
+++ b/.github/workflows/smoke-call-workflow.md
@@ -3,6 +3,7 @@ emoji: "🧪"
name: Smoke Call Workflow
description: Smoke test for the call-workflow safe output - orchestrator that calls a worker via workflow_call at compile-time fan-out
on:
+ slash_command: smoke-call-workflow
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-claude.lock.yml b/.github/workflows/smoke-claude.lock.yml
index 4ab634af3c3..d0681f8fd34 100644
--- a/.github/workflows/smoke-claude.lock.yml
+++ b/.github/workflows/smoke-claude.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"fdc5a8e9ae741701aa70f3c250d1645495939ca7efbb45b458f305e1ebec189d","body_hash":"53cbf40aa3b166906283c592df5eaaf98f7ae83ac7bfa99d4a939413a804dd24","agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"aeab7d4f45eebb569410e2fcdab09da5c5947952b679d6b4c4705aa1ad490dcc","body_hash":"53cbf40aa3b166906283c592df5eaaf98f7ae83ac7bfa99d4a939413a804dd24","agent_id":"claude"}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN","TAVILY_API_KEY"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"docker/build-push-action","sha":"f9f3042f7e2789586610d6e8b85c8f03e5195baf","version":"v7.2.0"},{"repo":"docker/setup-buildx-action","sha":"d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5","version":"v4.1.0"},{"repo":"github/codeql-action/upload-sarif","sha":"7211b7c8077ea37d8641b6271f6a365a22a5fbfa","version":"v4.36.0"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"ghcr.io/github/serena-mcp-server:latest","digest":"sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5","pinned_image":"ghcr.io/github/serena-mcp-server:latest@sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -76,11 +76,32 @@
name: "Smoke Claude"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - smoke # Label filtering applied via job conditions
types:
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -92,8 +113,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref || github.run_id }}"
- cancel-in-progress: true
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Claude"
@@ -108,13 +128,12 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-claude ') || startsWith(github.event.issue.body, '/smoke-claude\n') || github.event.issue.body == '/smoke-claude') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-claude ') || startsWith(github.event.comment.body, '/smoke-claude\n') || github.event.comment.body == '/smoke-claude') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-claude ') || startsWith(github.event.comment.body, '/smoke-claude\n') || github.event.comment.body == '/smoke-claude') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-claude ') || startsWith(github.event.comment.body, '/smoke-claude\n') || github.event.comment.body == '/smoke-claude') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-claude ') || startsWith(github.event.pull_request.body, '/smoke-claude\n') || github.event.pull_request.body == '/smoke-claude') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-claude ') || startsWith(github.event.discussion.body, '/smoke-claude\n') || github.event.discussion.body == '/smoke-claude') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-claude ') || startsWith(github.event.comment.body, '/smoke-claude\n') || github.event.comment.body == '/smoke-claude')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
pull-requests: write
outputs:
@@ -132,6 +151,7 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
text: ${{ steps.sanitized.outputs.text }}
title: ${{ steps.sanitized.outputs.title }}
@@ -293,13 +313,14 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_2b9309e0b1a951c7_EOF'
+ cat << 'GH_AW_PROMPT_f0826beead8d7c82_EOF'
- GH_AW_PROMPT_2b9309e0b1a951c7_EOF
+ GH_AW_PROMPT_f0826beead8d7c82_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
@@ -307,16 +328,16 @@ jobs:
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_2b9309e0b1a951c7_EOF'
+ cat << 'GH_AW_PROMPT_f0826beead8d7c82_EOF'
Tools: add_comment(max:2), create_issue, close_pull_request, update_pull_request, create_pull_request_review_comment(max:5), submit_pull_request_review, resolve_pull_request_review_thread(max:5), add_labels, add_reviewer(max:2), push_to_pull_request_branch, create_code_scanning_alert, create_check_run, missing_tool, missing_data, noop, post_slack_message
- GH_AW_PROMPT_2b9309e0b1a951c7_EOF
+ GH_AW_PROMPT_f0826beead8d7c82_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_push_to_pr_branch.md"
- cat << 'GH_AW_PROMPT_2b9309e0b1a951c7_EOF'
+ cat << 'GH_AW_PROMPT_f0826beead8d7c82_EOF'
- GH_AW_PROMPT_2b9309e0b1a951c7_EOF
+ GH_AW_PROMPT_f0826beead8d7c82_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_2b9309e0b1a951c7_EOF'
+ cat << 'GH_AW_PROMPT_f0826beead8d7c82_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -358,9 +379,15 @@ jobs:
stop immediately and report the limitation rather than spending turns trying to work around it.
- GH_AW_PROMPT_2b9309e0b1a951c7_EOF
+ GH_AW_PROMPT_f0826beead8d7c82_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_2b9309e0b1a951c7_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_push_to_pr_branch_guidance.md"
+ fi
+ cat << 'GH_AW_PROMPT_f0826beead8d7c82_EOF'
## Serena Code Analysis
@@ -744,7 +771,7 @@ jobs:
{{#runtime-import shared/noop-reminder.md}}
- GH_AW_PROMPT_2b9309e0b1a951c7_EOF
+ GH_AW_PROMPT_f0826beead8d7c82_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -777,8 +804,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: "- `mcpscripts` — run `mcpscripts --help` to see available tools\n- `safeoutputs` — run `safeoutputs --help` to see available tools"
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -802,8 +831,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_SERVER_URL: process.env.GH_AW_GITHUB_SERVER_URL,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -1082,9 +1113,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_bc46f3d204c28c8d_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_f32cc23789f1f713_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-claude"]},"add_reviewer":{"max":2,"target":"*"},"close_pull_request":{"max":1,"staged":true},"create_check_run":{"max":1,"name":"Smoke Claude: Agent Status"},"create_code_scanning_alert":{"driver":"Smoke Claude"},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-claude","expires":2,"group":true,"labels":["automation","testing"],"max":1},"create_pull_request_review_comment":{"max":5,"side":"RIGHT","target":"*"},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"post_slack_message":{"description":"Post a message to a fictitious Slack channel (smoke test only — no real Slack integration)","inputs":{"channel":{"default":"#general","description":"Slack channel name to post to","required":false,"type":"string"},"message":{"description":"Message text to post","required":false,"type":"string"}}},"push_to_pull_request_branch":{"allowed_files":["smoke-test-files/smoke-claude-push-test.md"],"if_no_changes":"warn","max_patch_size":1024,"protect_top_level_dot_folders":true,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS","DESIGN.md","README.md","CONTRIBUTING.md","CHANGELOG.md","SECURITY.md","CODE_OF_CONDUCT.md","CLAUDE.md","AGENTS.md"],"required_labels":["smoke-claude"],"staged":true,"target":"*"},"report_incomplete":{},"resolve_pull_request_review_thread":{"max":5},"submit_pull_request_review":{"footer":"always","max":1},"update_pull_request":{"allow_body":true,"allow_title":true,"max":1,"target":"*","update_branch":false}}
- GH_AW_SAFE_OUTPUTS_CONFIG_bc46f3d204c28c8d_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_f32cc23789f1f713_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1533,7 +1564,7 @@ jobs:
- name: Write MCP Scripts Config
run: |
mkdir -p "${RUNNER_TEMP}/gh-aw/mcp-scripts/logs"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json" << 'GH_AW_MCP_SCRIPTS_TOOLS_d04cc69f113d7b1d_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json" << 'GH_AW_MCP_SCRIPTS_TOOLS_9cdef67c68a5b136_EOF'
{
"serverName": "mcpscripts",
"version": "1.0.0",
@@ -1663,8 +1694,8 @@ jobs:
}
]
}
- GH_AW_MCP_SCRIPTS_TOOLS_d04cc69f113d7b1d_EOF
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs" << 'GH_AW_MCP_SCRIPTS_SERVER_8c0b9245ee8547c8_EOF'
+ GH_AW_MCP_SCRIPTS_TOOLS_9cdef67c68a5b136_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs" << 'GH_AW_MCP_SCRIPTS_SERVER_d7b4d95d4cb0d37d_EOF'
const path = require("path");
const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
const configPath = path.join(__dirname, "tools.json");
@@ -1678,12 +1709,12 @@ jobs:
console.error("Failed to start mcp-scripts HTTP server:", error);
process.exit(1);
});
- GH_AW_MCP_SCRIPTS_SERVER_8c0b9245ee8547c8_EOF
+ GH_AW_MCP_SCRIPTS_SERVER_d7b4d95d4cb0d37d_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs"
- name: Write MCP Scripts Tool Files
run: |
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_b8c724f2a24fda32_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_960094a635cd6c7c_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-discussion-query
# Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1820,9 +1851,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_b8c724f2a24fda32_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_960094a635cd6c7c_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_f073dd16d22071d2_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_7fb69814400e716b_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-issue-query
# Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1902,9 +1933,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_f073dd16d22071d2_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_7fb69814400e716b_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_9b3075b383ebea56_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_2efad3753abc3009_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-pr-query
# Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1990,9 +2021,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_9b3075b383ebea56_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_2efad3753abc3009_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh" << 'GH_AW_MCP_SCRIPTS_SH_GO_7ca838c3c7a788bd_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh" << 'GH_AW_MCP_SCRIPTS_SH_GO_b2fe128bb0145948_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: go
# Execute any Go command. This tool is accessible as 'mcpscripts-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -2004,9 +2035,9 @@ jobs:
go $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_GO_7ca838c3c7a788bd_EOF
+ GH_AW_MCP_SCRIPTS_SH_GO_b2fe128bb0145948_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh" << 'GH_AW_MCP_SCRIPTS_SH_MAKE_b40247bf949b7057_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh" << 'GH_AW_MCP_SCRIPTS_SH_MAKE_f65c18f85fd3dad4_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: make
# Execute any Make target. This tool is accessible as 'mcpscripts-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -2018,7 +2049,7 @@ jobs:
make $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_MAKE_b40247bf949b7057_EOF
+ GH_AW_MCP_SCRIPTS_SH_MAKE_f65c18f85fd3dad4_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh"
- name: Generate MCP Scripts Server Config
@@ -2093,7 +2124,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -e GH_TOKEN -e TAVILY_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_c174f20e7820e4cd_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_e94380aa05061ae5_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"agenticworkflows": {
@@ -2201,7 +2232,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_c174f20e7820e4cd_EOF
+ GH_AW_MCP_CONFIG_e94380aa05061ae5_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -2451,6 +2482,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,127.0.0.1,::1,anthropic.com,api.anthropic.com,api.github.com,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,cdn.playwright.dev,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deepsource.io,docs.github.com,drone.io,files.pythonhosted.org,ghcr.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,go.dev,golang.org,goproxy.io,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,localhost,mcp.tavily.com,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,pkg.go.dev,playwright.download.prss.microsoft.com,ppa.launchpad.net,proxy.golang.org,pypi.org,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.npmjs.org,renovatebot.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,sentry.io,shields.io,snyk.io,sonarcloud.io,sonarqube.com,statsig.anthropic.com,storage.googleapis.com,sum.golang.org,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-claude\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -3008,15 +3040,13 @@ jobs:
}
pre_activation:
- if: >
- (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-claude ') || startsWith(github.event.issue.body, '/smoke-claude\n') || github.event.issue.body == '/smoke-claude') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-claude ') || startsWith(github.event.comment.body, '/smoke-claude\n') || github.event.comment.body == '/smoke-claude') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-claude ') || startsWith(github.event.comment.body, '/smoke-claude\n') || github.event.comment.body == '/smoke-claude') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-claude ') || startsWith(github.event.comment.body, '/smoke-claude\n') || github.event.comment.body == '/smoke-claude') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-claude ') || startsWith(github.event.pull_request.body, '/smoke-claude\n') || github.event.pull_request.body == '/smoke-claude') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-claude ') || startsWith(github.event.discussion.body, '/smoke-claude\n') || github.event.discussion.body == '/smoke-claude') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-claude ') || startsWith(github.event.comment.body, '/smoke-claude\n') || github.event.comment.body == '/smoke-claude')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -3040,7 +3070,7 @@ jobs:
GH_AW_INFO_VERSION: "2.1.156"
GH_AW_INFO_AWF_VERSION: "v0.25.58"
GH_AW_INFO_ENGINE_ID: "claude"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -3052,6 +3082,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-claude\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
safe_outputs:
needs:
@@ -3070,6 +3111,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-claude"
+ GH_AW_COMMANDS: "[\"smoke-claude\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
@@ -3144,7 +3186,7 @@ jobs:
echo "GH_HOST=${GH_HOST}" >> "$GITHUB_ENV"
- name: Configure Safe Outputs Custom Scripts
run: |
- cat > "${RUNNER_TEMP}/gh-aw/actions/safe_output_script_post_slack_message.cjs" << 'GH_AW_SAFE_OUTPUT_SCRIPT_POST_SLACK_MESSAGE_fa079d5e1538e807_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/actions/safe_output_script_post_slack_message.cjs" << 'GH_AW_SAFE_OUTPUT_SCRIPT_POST_SLACK_MESSAGE_7be68ac466c0688a_EOF'
// @ts-check
///
// Auto-generated safe-output script handler: post-slack-message
@@ -3164,7 +3206,7 @@ jobs:
}
module.exports = { main };
- GH_AW_SAFE_OUTPUT_SCRIPT_POST_SLACK_MESSAGE_fa079d5e1538e807_EOF
+ GH_AW_SAFE_OUTPUT_SCRIPT_POST_SLACK_MESSAGE_7be68ac466c0688a_EOF
- name: Process Safe Outputs
id: process_safe_outputs
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
diff --git a/.github/workflows/smoke-claude.md b/.github/workflows/smoke-claude.md
index 802d44da146..e92baed1c1b 100644
--- a/.github/workflows/smoke-claude.md
+++ b/.github/workflows/smoke-claude.md
@@ -2,6 +2,7 @@
emoji: "🧪"
description: Smoke test workflow that validates Claude engine functionality by reviewing recent PRs twice daily
on:
+ slash_command: smoke-claude
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-codex.lock.yml b/.github/workflows/smoke-codex.lock.yml
index 3efec6bdd29..aef3d969094 100644
--- a/.github/workflows/smoke-codex.lock.yml
+++ b/.github/workflows/smoke-codex.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"fd80843f44c564e8bf326e422c2ba961efb7e63309d34a97af41a45f898290af","body_hash":"3f86f90be7b76e4f629470b1e5dbf494f15ff00577f4598b6782cfb26007f947","agent_id":"codex"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"8b7f8ab2c767056b1db2e66a2fab46ac4bb7a076a2d43a6ae8a2987d37230d3c","body_hash":"3f86f90be7b76e4f629470b1e5dbf494f15ff00577f4598b6782cfb26007f947","agent_id":"codex"}
# gh-aw-manifest: {"version":1,"secrets":["CODEX_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN","OPENAI_API_KEY"],"actions":[{"repo":"actions-ecosystem/action-add-labels","sha":"c96b68fec76a0987cd93957189e9abd0b9a72ff1","version":"v1.1.3"},{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"ghcr.io/github/serena-mcp-server:latest","digest":"sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5","pinned_image":"ghcr.io/github/serena-mcp-server:latest@sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -69,11 +69,32 @@
name: "Smoke Codex"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - smoke # Label filtering applied via job conditions
types:
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -85,8 +106,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref || github.run_id }}"
- cancel-in-progress: true
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Codex"
@@ -101,13 +121,12 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-codex ') || startsWith(github.event.issue.body, '/smoke-codex\n') || github.event.issue.body == '/smoke-codex') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-codex ') || startsWith(github.event.comment.body, '/smoke-codex\n') || github.event.comment.body == '/smoke-codex') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-codex ') || startsWith(github.event.comment.body, '/smoke-codex\n') || github.event.comment.body == '/smoke-codex') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-codex ') || startsWith(github.event.comment.body, '/smoke-codex\n') || github.event.comment.body == '/smoke-codex') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-codex ') || startsWith(github.event.pull_request.body, '/smoke-codex\n') || github.event.pull_request.body == '/smoke-codex') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-codex ') || startsWith(github.event.discussion.body, '/smoke-codex\n') || github.event.discussion.body == '/smoke-codex') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-codex ') || startsWith(github.event.comment.body, '/smoke-codex\n') || github.event.comment.body == '/smoke-codex')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
pull-requests: write
outputs:
@@ -125,6 +144,7 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
text: ${{ steps.sanitized.outputs.text }}
title: ${{ steps.sanitized.outputs.title }}
@@ -288,29 +308,30 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_34aea7870de2ff9c_EOF'
+ cat << 'GH_AW_PROMPT_3c0f916e92f35f20_EOF'
- GH_AW_PROMPT_34aea7870de2ff9c_EOF
+ GH_AW_PROMPT_3c0f916e92f35f20_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/playwright_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_34aea7870de2ff9c_EOF'
+ cat << 'GH_AW_PROMPT_3c0f916e92f35f20_EOF'
Tools: add_comment(max:2), create_issue, add_labels, remove_labels, unassign_from_user, hide_comment(max:5), set_issue_field, missing_tool, missing_data, noop, add_smoked_label
- GH_AW_PROMPT_34aea7870de2ff9c_EOF
+ GH_AW_PROMPT_3c0f916e92f35f20_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_comment_memory.md"
- cat << 'GH_AW_PROMPT_34aea7870de2ff9c_EOF'
+ cat << 'GH_AW_PROMPT_3c0f916e92f35f20_EOF'
- GH_AW_PROMPT_34aea7870de2ff9c_EOF
+ GH_AW_PROMPT_3c0f916e92f35f20_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_34aea7870de2ff9c_EOF'
+ cat << 'GH_AW_PROMPT_3c0f916e92f35f20_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -352,9 +373,12 @@ jobs:
stop immediately and report the limitation rather than spending turns trying to work around it.
- GH_AW_PROMPT_34aea7870de2ff9c_EOF
+ GH_AW_PROMPT_3c0f916e92f35f20_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_34aea7870de2ff9c_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_3c0f916e92f35f20_EOF'
## Serena Code Analysis
@@ -395,7 +419,7 @@ jobs:
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-codex.md}}
- GH_AW_PROMPT_34aea7870de2ff9c_EOF
+ GH_AW_PROMPT_3c0f916e92f35f20_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -430,8 +454,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -456,8 +482,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_SERVER_URL: process.env.GH_AW_GITHUB_SERVER_URL,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -672,9 +700,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_3ec85175bbd18228_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_c479273e2e422054_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-codex"]},"add_smoked_label":true,"comment_memory":{"max":1,"memory_id":"default"},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-codex","expires":2,"labels":["automation","testing"],"max":1},"create_report_incomplete_issue":{},"hide_comment":{"max":5},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"remove_labels":{"allowed":["smoke"]},"report_incomplete":{},"set_issue_field":{"allowed_fields":["*"],"max":1},"unassign_from_user":{"allowed":["githubactionagent"],"max":1}}
- GH_AW_SAFE_OUTPUTS_CONFIG_3ec85175bbd18228_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_c479273e2e422054_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1068,7 +1096,7 @@ jobs:
DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0')
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
- cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_6e05fde6dfa55c7d_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_d52abf101afed3c0_EOF
[history]
persistence = "none"
@@ -1110,11 +1138,11 @@ jobs:
[mcp_servers.serena."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_6e05fde6dfa55c7d_EOF
+ GH_AW_MCP_CONFIG_d52abf101afed3c0_EOF
# Generate JSON config for MCP gateway
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_6e05fde6dfa55c7d_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_d52abf101afed3c0_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -1185,11 +1213,11 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_6e05fde6dfa55c7d_EOF
+ GH_AW_MCP_CONFIG_d52abf101afed3c0_EOF
# Sync converter output to writable CODEX_HOME for Codex
mkdir -p /tmp/gh-aw/mcp-config
- cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_6300826564158277_EOF
+ cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_74055f55fd38d036_EOF
model_provider = "openai-proxy"
@@ -1201,7 +1229,7 @@ jobs:
[shell_environment_policy]
inherit = "core"
include_only = ["^CODEX_API_KEY$", "^GH_AW_ASSETS_ALLOWED_EXTS$", "^GH_AW_ASSETS_BRANCH$", "^GH_AW_ASSETS_MAX_SIZE_KB$", "^GH_AW_SAFE_OUTPUTS$", "^GITHUB_PERSONAL_ACCESS_TOKEN$", "^GITHUB_REPOSITORY$", "^GITHUB_SERVER_URL$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"]
- GH_AW_CODEX_SHELL_POLICY_6300826564158277_EOF
+ GH_AW_CODEX_SHELL_POLICY_74055f55fd38d036_EOF
awk '
BEGIN { skip_openai_proxy = 0 }
/^[[:space:]]*model_provider[[:space:]]*=/ { next }
@@ -1336,6 +1364,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,127.0.0.1,172.30.0.1,::1,api.openai.com,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,cdn.playwright.dev,chatgpt.com,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deepsource.io,docs.github.com,drone.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,go.dev,golang.org,goproxy.io,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,localhost,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,openai.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,pkg.go.dev,playwright.download.prss.microsoft.com,ppa.launchpad.net,proxy.golang.org,raw.githubusercontent.com,readthedocs.io,readthedocs.org,renovatebot.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,shields.io,snyk.io,sonarcloud.io,sonarqube.com,storage.googleapis.com,sum.golang.org,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-codex\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1833,18 +1862,18 @@ jobs:
DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0')
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
- cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_2d1c1f435eb379d2_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_0505282866bf8277_EOF
[history]
persistence = "none"
[shell_environment_policy]
inherit = "core"
include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"]
- GH_AW_MCP_CONFIG_2d1c1f435eb379d2_EOF
+ GH_AW_MCP_CONFIG_0505282866bf8277_EOF
# Generate JSON config for MCP gateway
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_8eb092e2863adc9a_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_ddb2bad4f2e72e1d_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
},
@@ -1855,11 +1884,11 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_8eb092e2863adc9a_EOF
+ GH_AW_MCP_CONFIG_ddb2bad4f2e72e1d_EOF
# Sync converter output to writable CODEX_HOME for Codex
mkdir -p /tmp/gh-aw/mcp-config
- cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_3111c960c0860363_EOF
+ cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_4c16ccbbcf589a2e_EOF
model_provider = "openai-proxy"
[model_providers.openai-proxy]
name = "OpenAI AWF proxy"
@@ -1869,7 +1898,7 @@ jobs:
[shell_environment_policy]
inherit = "core"
include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"]
- GH_AW_CODEX_SHELL_POLICY_3111c960c0860363_EOF
+ GH_AW_CODEX_SHELL_POLICY_4c16ccbbcf589a2e_EOF
awk '
BEGIN { skip_openai_proxy = 0 }
/^[[:space:]]*model_provider[[:space:]]*=/ { next }
@@ -1968,15 +1997,13 @@ jobs:
}
pre_activation:
- if: >
- (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-codex ') || startsWith(github.event.issue.body, '/smoke-codex\n') || github.event.issue.body == '/smoke-codex') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-codex ') || startsWith(github.event.comment.body, '/smoke-codex\n') || github.event.comment.body == '/smoke-codex') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-codex ') || startsWith(github.event.comment.body, '/smoke-codex\n') || github.event.comment.body == '/smoke-codex') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-codex ') || startsWith(github.event.comment.body, '/smoke-codex\n') || github.event.comment.body == '/smoke-codex') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-codex ') || startsWith(github.event.pull_request.body, '/smoke-codex\n') || github.event.pull_request.body == '/smoke-codex') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-codex ') || startsWith(github.event.discussion.body, '/smoke-codex\n') || github.event.discussion.body == '/smoke-codex') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-codex ') || startsWith(github.event.comment.body, '/smoke-codex\n') || github.event.comment.body == '/smoke-codex')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -2000,7 +2027,7 @@ jobs:
GH_AW_INFO_VERSION: "0.135.0"
GH_AW_INFO_AWF_VERSION: "v0.25.58"
GH_AW_INFO_ENGINE_ID: "codex"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -2012,6 +2039,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-codex\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
safe_outputs:
needs:
@@ -2028,6 +2066,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-codex"
+ GH_AW_COMMANDS: "[\"smoke-codex\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-codex.md b/.github/workflows/smoke-codex.md
index f302b9ea718..80d3fc879ff 100644
--- a/.github/workflows/smoke-codex.md
+++ b/.github/workflows/smoke-codex.md
@@ -2,6 +2,7 @@
emoji: "🧪"
description: Smoke test workflow that validates Codex engine functionality by reviewing recent PRs twice daily
on:
+ slash_command: smoke-codex
workflow_dispatch:
inputs:
aw_context:
diff --git a/.github/workflows/smoke-copilot-arm.lock.yml b/.github/workflows/smoke-copilot-arm.lock.yml
index d3a4c64f30e..252a8fe9750 100644
--- a/.github/workflows/smoke-copilot-arm.lock.yml
+++ b/.github/workflows/smoke-copilot-arm.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"9d8aaa4967882812973f3e1f7654317927df74663fe46d31050fa454d367c088","body_hash":"5eaf4508ba953bd071b80322ab9aa26daf1e6ccfbc52bc2410d1c36a9f36b334","agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"89b620ce7bebb6281a9ecf6fe404616e2f9c34b296dd833190a6bfe4c252f012","body_hash":"5eaf4508ba953bd071b80322ab9aa26daf1e6ccfbc52bc2410d1c36a9f36b334","agent_id":"copilot"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"docker/build-push-action","sha":"f9f3042f7e2789586610d6e8b85c8f03e5195baf","version":"v7.2.0"},{"repo":"docker/setup-buildx-action","sha":"d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5","version":"v4.1.0"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"ghcr.io/github/serena-mcp-server:latest","digest":"sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5","pinned_image":"ghcr.io/github/serena-mcp-server:latest@sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -68,11 +68,32 @@
name: "Smoke Copilot ARM64"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - water # Label filtering applied via job conditions
types:
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -84,8 +105,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref || github.run_id }}"
- cancel-in-progress: true
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Copilot ARM64"
@@ -100,13 +120,12 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-copilot-arm ') || startsWith(github.event.issue.body, '/smoke-copilot-arm\n') || github.event.issue.body == '/smoke-copilot-arm') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-arm ') || startsWith(github.event.comment.body, '/smoke-copilot-arm\n') || github.event.comment.body == '/smoke-copilot-arm') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-arm ') || startsWith(github.event.comment.body, '/smoke-copilot-arm\n') || github.event.comment.body == '/smoke-copilot-arm') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-arm ') || startsWith(github.event.comment.body, '/smoke-copilot-arm\n') || github.event.comment.body == '/smoke-copilot-arm') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-copilot-arm ') || startsWith(github.event.pull_request.body, '/smoke-copilot-arm\n') || github.event.pull_request.body == '/smoke-copilot-arm') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-copilot-arm ') || startsWith(github.event.discussion.body, '/smoke-copilot-arm\n') || github.event.discussion.body == '/smoke-copilot-arm') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-arm ') || startsWith(github.event.comment.body, '/smoke-copilot-arm\n') || github.event.comment.body == '/smoke-copilot-arm')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
pull-requests: write
outputs:
@@ -124,6 +143,7 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
text: ${{ steps.sanitized.outputs.text }}
title: ${{ steps.sanitized.outputs.title }}
@@ -285,13 +305,14 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_6632f4dcb0796d35_EOF'
+ cat << 'GH_AW_PROMPT_8b17bd52f5074603_EOF'
- GH_AW_PROMPT_6632f4dcb0796d35_EOF
+ GH_AW_PROMPT_8b17bd52f5074603_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
@@ -299,13 +320,13 @@ jobs:
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_6632f4dcb0796d35_EOF'
+ cat << 'GH_AW_PROMPT_8b17bd52f5074603_EOF'
Tools: add_comment(max:2), create_issue, create_discussion, create_pull_request_review_comment(max:5), submit_pull_request_review, add_labels, remove_labels, dispatch_workflow, missing_tool, missing_data, noop, send_slack_message
- GH_AW_PROMPT_6632f4dcb0796d35_EOF
+ GH_AW_PROMPT_8b17bd52f5074603_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_6632f4dcb0796d35_EOF'
+ cat << 'GH_AW_PROMPT_8b17bd52f5074603_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -334,9 +355,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_6632f4dcb0796d35_EOF
+ GH_AW_PROMPT_8b17bd52f5074603_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_6632f4dcb0796d35_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_8b17bd52f5074603_EOF'
## Serena Code Analysis
@@ -377,7 +401,7 @@ jobs:
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-copilot-arm.md}}
- GH_AW_PROMPT_6632f4dcb0796d35_EOF
+ GH_AW_PROMPT_8b17bd52f5074603_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -410,8 +434,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: "- `agenticworkflows` — run `agenticworkflows --help` to see available tools\n- `mcpscripts` — run `mcpscripts --help` to see available tools\n- `safeoutputs` — run `safeoutputs --help` to see available tools\n- `serena` — run `serena --help` to see available tools"
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -435,8 +461,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_SERVER_URL: process.env.GH_AW_GITHUB_SERVER_URL,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -706,9 +734,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_e4d80458d6b76e87_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_16c180a10120adc9_EOF'
{"add_comment":{"allowed_repos":["github/gh-aw"],"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-copilot-arm"],"allowed_repos":["github/gh-aw"]},"create_discussion":{"category":"announcements","close_older_discussions":true,"expires":2,"fallback_to_issue":true,"labels":["ai-generated"],"max":1},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-copilot-arm","expires":2,"group":true,"labels":["automation","testing"],"max":1},"create_pull_request_review_comment":{"max":5,"side":"RIGHT"},"create_report_incomplete_issue":{},"dispatch_workflow":{"max":1,"workflow_files":{"haiku-printer":".yml"},"workflows":["haiku-printer"]},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"remove_labels":{"allowed":["smoke"]},"report_incomplete":{},"send-slack-message":{"description":"Send a message to Slack (stub for testing)","inputs":{"message":{"description":"The message to send","required":false,"type":"string"}},"output":"Slack message stub executed!"},"submit_pull_request_review":{"max":1}}
- GH_AW_SAFE_OUTPUTS_CONFIG_e4d80458d6b76e87_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_16c180a10120adc9_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1072,7 +1100,7 @@ jobs:
- name: Write MCP Scripts Config
run: |
mkdir -p "${RUNNER_TEMP}/gh-aw/mcp-scripts/logs"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json" << 'GH_AW_MCP_SCRIPTS_TOOLS_7bb2656447845ce0_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json" << 'GH_AW_MCP_SCRIPTS_TOOLS_785e718cd8bc1e67_EOF'
{
"serverName": "mcpscripts",
"version": "1.0.0",
@@ -1166,8 +1194,8 @@ jobs:
}
]
}
- GH_AW_MCP_SCRIPTS_TOOLS_7bb2656447845ce0_EOF
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs" << 'GH_AW_MCP_SCRIPTS_SERVER_8a693cc824f8ee4d_EOF'
+ GH_AW_MCP_SCRIPTS_TOOLS_785e718cd8bc1e67_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs" << 'GH_AW_MCP_SCRIPTS_SERVER_dca70f42e398bc8e_EOF'
const path = require("path");
const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
const configPath = path.join(__dirname, "tools.json");
@@ -1181,12 +1209,12 @@ jobs:
console.error("Failed to start mcp-scripts HTTP server:", error);
process.exit(1);
});
- GH_AW_MCP_SCRIPTS_SERVER_8a693cc824f8ee4d_EOF
+ GH_AW_MCP_SCRIPTS_SERVER_dca70f42e398bc8e_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs"
- name: Write MCP Scripts Tool Files
run: |
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_70fd2da42fd60fd8_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_f590a57181d65683_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-discussion-query
# Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1323,9 +1351,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_70fd2da42fd60fd8_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_f590a57181d65683_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_2446710ab7cd4e1b_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_e01863c9de76bd98_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-issue-query
# Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1405,9 +1433,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_2446710ab7cd4e1b_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_e01863c9de76bd98_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_e795c0b64c3a6d70_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_08e558e39f9dc555_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-pr-query
# Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1493,7 +1521,7 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_e795c0b64c3a6d70_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_08e558e39f9dc555_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh"
- name: Generate MCP Scripts Server Config
@@ -1573,7 +1601,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_59fae5df0a3fc8b5_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_0a9982489ada886e_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"agenticworkflows": {
@@ -1681,7 +1709,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_59fae5df0a3fc8b5_EOF
+ GH_AW_MCP_CONFIG_0a9982489ada886e_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1827,6 +1855,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,127.0.0.1,::1,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.npms.io,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,bun.sh,cdn.jsdelivr.net,cdn.playwright.dev,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deepsource.io,deno.land,docs.github.com,drone.io,esm.sh,get.pnpm.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,go.dev,golang.org,googleapis.deno.dev,googlechromelabs.github.io,goproxy.io,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,jsr.io,keyserver.ubuntu.com,lfs.github.com,localhost,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,pkg.go.dev,playwright.download.prss.microsoft.com,ppa.launchpad.net,proxy.golang.org,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,renovatebot.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,shields.io,skimdb.npmjs.com,snyk.io,sonarcloud.io,sonarqube.com,storage.googleapis.com,sum.golang.org,telemetry.enterprise.githubcopilot.com,telemetry.vercel.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com,www.npmjs.com,www.npmjs.org,yarnpkg.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-copilot-arm\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -2380,15 +2409,13 @@ jobs:
}
pre_activation:
- if: >
- (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-copilot-arm ') || startsWith(github.event.issue.body, '/smoke-copilot-arm\n') || github.event.issue.body == '/smoke-copilot-arm') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-arm ') || startsWith(github.event.comment.body, '/smoke-copilot-arm\n') || github.event.comment.body == '/smoke-copilot-arm') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-arm ') || startsWith(github.event.comment.body, '/smoke-copilot-arm\n') || github.event.comment.body == '/smoke-copilot-arm') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-arm ') || startsWith(github.event.comment.body, '/smoke-copilot-arm\n') || github.event.comment.body == '/smoke-copilot-arm') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-copilot-arm ') || startsWith(github.event.pull_request.body, '/smoke-copilot-arm\n') || github.event.pull_request.body == '/smoke-copilot-arm') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-copilot-arm ') || startsWith(github.event.discussion.body, '/smoke-copilot-arm\n') || github.event.discussion.body == '/smoke-copilot-arm') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-arm ') || startsWith(github.event.comment.body, '/smoke-copilot-arm\n') || github.event.comment.body == '/smoke-copilot-arm')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -2412,7 +2439,7 @@ jobs:
GH_AW_INFO_VERSION: "1.0.55"
GH_AW_INFO_AWF_VERSION: "v0.25.58"
GH_AW_INFO_ENGINE_ID: "copilot"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -2424,6 +2451,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-copilot-arm\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
safe_outputs:
needs:
@@ -2441,6 +2479,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-copilot-arm"
+ GH_AW_COMMANDS: "[\"smoke-copilot-arm\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-copilot-arm.md b/.github/workflows/smoke-copilot-arm.md
index 70a39acecb3..eb727c29118 100644
--- a/.github/workflows/smoke-copilot-arm.md
+++ b/.github/workflows/smoke-copilot-arm.md
@@ -2,6 +2,7 @@
emoji: "🧪"
description: Smoke Copilot ARM64
on:
+ slash_command: smoke-copilot-arm
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-copilot-sdk.lock.yml b/.github/workflows/smoke-copilot-sdk.lock.yml
index 22a68ceb61c..e6388b6d9b0 100644
--- a/.github/workflows/smoke-copilot-sdk.lock.yml
+++ b/.github/workflows/smoke-copilot-sdk.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"4ec20cf53ea166c9409b8c93d883b5a0b612655de5f082265713c39f6f328ee3","body_hash":"c29aab69d3ce89bf57c600eccadae2604be0217feaf2b4247ae6c5a2d6c1d01d","strict":true,"agent_id":"copilot","agent_model":"gpt-5.4"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"060f21fc34dc7679b7dc6b32e39bf6c3c4a96a87ec1a870b53cd879a7060978c","body_hash":"c29aab69d3ce89bf57c600eccadae2604be0217feaf2b4247ae6c5a2d6c1d01d","strict":true,"agent_id":"copilot","agent_model":"gpt-5.4"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -48,9 +48,33 @@
name: "Smoke Copilot SDK"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
types:
+ - opened
+ - edited
+ - reopened
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -58,32 +82,27 @@ on:
description: "Agent caller context (used internally by Agentic Workflows)."
required: false
type: string
- item_number:
- default: ""
- description: The number of the issue, pull request, or discussion
- required: false
- type: string
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}-${{ github.event.label.name || github.run_id }}"
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Copilot SDK"
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && (github.event_name == 'pull_request' && github.event.label.name == 'smoke-sdk' ||
- !(github.event_name == 'pull_request'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-copilot-sdk ') || startsWith(github.event.issue.body, '/smoke-copilot-sdk\n') || github.event.issue.body == '/smoke-copilot-sdk') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-sdk ') || startsWith(github.event.comment.body, '/smoke-copilot-sdk\n') || github.event.comment.body == '/smoke-copilot-sdk') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-sdk ') || startsWith(github.event.comment.body, '/smoke-copilot-sdk\n') || github.event.comment.body == '/smoke-copilot-sdk') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-sdk ') || startsWith(github.event.comment.body, '/smoke-copilot-sdk\n') || github.event.comment.body == '/smoke-copilot-sdk') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-copilot-sdk ') || startsWith(github.event.pull_request.body, '/smoke-copilot-sdk\n') || github.event.pull_request.body == '/smoke-copilot-sdk') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-copilot-sdk ') || startsWith(github.event.discussion.body, '/smoke-copilot-sdk\n') || github.event.discussion.body == '/smoke-copilot-sdk') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-sdk ') || startsWith(github.event.comment.body, '/smoke-copilot-sdk\n') || github.event.comment.body == '/smoke-copilot-sdk')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment')) || github.event_name == 'pull_request' && github.event.label.name == 'smoke-sdk')"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
pull-requests: write
outputs:
+ body: ${{ steps.sanitized.outputs.body }}
comment_id: ${{ steps.add-comment.outputs.comment-id }}
comment_repo: ${{ steps.add-comment.outputs.comment-repo }}
comment_url: ${{ steps.add-comment.outputs.comment-url }}
@@ -98,7 +117,10 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
+ text: ${{ steps.sanitized.outputs.text }}
+ title: ${{ steps.sanitized.outputs.title }}
steps:
- name: Checkout actions folder
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -220,6 +242,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_workflow_timestamp_api.cjs');
await main();
+ - name: Compute current body text
+ id: sanitized
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_ALLOWED_DOMAINS: "api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/compute_text.cjs');
+ await main();
- name: Add comment with workflow run link
id: add-comment
if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
@@ -258,24 +291,25 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_621482cc32c8c45f_EOF'
+ cat << 'GH_AW_PROMPT_88bb64c093b05d07_EOF'
- GH_AW_PROMPT_621482cc32c8c45f_EOF
+ GH_AW_PROMPT_88bb64c093b05d07_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_621482cc32c8c45f_EOF'
+ cat << 'GH_AW_PROMPT_88bb64c093b05d07_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_621482cc32c8c45f_EOF
+ GH_AW_PROMPT_88bb64c093b05d07_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_621482cc32c8c45f_EOF'
+ cat << 'GH_AW_PROMPT_88bb64c093b05d07_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -304,12 +338,15 @@ jobs:
{{/if}}
- GH_AW_PROMPT_621482cc32c8c45f_EOF
+ GH_AW_PROMPT_88bb64c093b05d07_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_621482cc32c8c45f_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_88bb64c093b05d07_EOF'
{{#runtime-import .github/workflows/smoke-copilot-sdk.md}}
- GH_AW_PROMPT_621482cc32c8c45f_EOF
+ GH_AW_PROMPT_88bb64c093b05d07_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -338,8 +375,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -360,8 +399,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_SERVER_URL: process.env.GH_AW_GITHUB_SERVER_URL,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -533,9 +574,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_da99e9e70250a2d0_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_765a2737e8c7b0f7_EOF'
{"create_issue":{"close_older_issues":true,"close_older_key":"smoke-copilot-sdk","expires":2,"group":true,"labels":["automation","testing"],"max":1},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_da99e9e70250a2d0_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_765a2737e8c7b0f7_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -743,7 +784,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_fe219e884a7d092c_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_845b346914e1548c_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -784,7 +825,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_fe219e884a7d092c_EOF
+ GH_AW_MCP_CONFIG_845b346914e1548c_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -930,6 +971,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-copilot-sdk\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1433,13 +1475,13 @@ jobs:
}
pre_activation:
- if: github.event_name == 'pull_request' && github.event.label.name == 'smoke-sdk' || !(github.event_name == 'pull_request')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-copilot-sdk ') || startsWith(github.event.issue.body, '/smoke-copilot-sdk\n') || github.event.issue.body == '/smoke-copilot-sdk') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-sdk ') || startsWith(github.event.comment.body, '/smoke-copilot-sdk\n') || github.event.comment.body == '/smoke-copilot-sdk') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-sdk ') || startsWith(github.event.comment.body, '/smoke-copilot-sdk\n') || github.event.comment.body == '/smoke-copilot-sdk') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-sdk ') || startsWith(github.event.comment.body, '/smoke-copilot-sdk\n') || github.event.comment.body == '/smoke-copilot-sdk') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-copilot-sdk ') || startsWith(github.event.pull_request.body, '/smoke-copilot-sdk\n') || github.event.pull_request.body == '/smoke-copilot-sdk') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-copilot-sdk ') || startsWith(github.event.discussion.body, '/smoke-copilot-sdk\n') || github.event.discussion.body == '/smoke-copilot-sdk') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-sdk ') || startsWith(github.event.comment.body, '/smoke-copilot-sdk\n') || github.event.comment.body == '/smoke-copilot-sdk')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment')) || github.event_name == 'pull_request' && github.event.label.name == 'smoke-sdk')"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -1463,7 +1505,7 @@ jobs:
GH_AW_INFO_VERSION: "1.0.55"
GH_AW_INFO_AWF_VERSION: "v0.25.58"
GH_AW_INFO_ENGINE_ID: "copilot"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -1475,6 +1517,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-copilot-sdk\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
safe_outputs:
needs:
@@ -1489,6 +1542,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-copilot-sdk"
+ GH_AW_COMMANDS: "[\"smoke-copilot-sdk\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-copilot-sdk.md b/.github/workflows/smoke-copilot-sdk.md
index 6fdeed86852..2ddfd200a74 100644
--- a/.github/workflows/smoke-copilot-sdk.md
+++ b/.github/workflows/smoke-copilot-sdk.md
@@ -2,6 +2,7 @@
emoji: "🔬"
description: Smoke Copilot SDK
on:
+ slash_command: smoke-copilot-sdk
workflow_dispatch:
label_command:
name: smoke-sdk
diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml
index 6c0bb42ffbf..93425b46615 100644
--- a/.github/workflows/smoke-copilot.lock.yml
+++ b/.github/workflows/smoke-copilot.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"10083a8d26e03bd1303305de6fdcb4d200188b9be7057fcad480c4678912837e","body_hash":"c2054c1d33644aad214f0f0cc8949a4f09c5d478872f4254fc413bf41d868061","agent_id":"copilot","agent_model":"gpt-5.4"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"fcbb90b61f8a1f7193579f84d7d867d1bc9141211b5885767a5bcd27b6085013","body_hash":"c2054c1d33644aad214f0f0cc8949a4f09c5d478872f4254fc413bf41d868061","agent_id":"copilot","agent_model":"gpt-5.4"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"docker/build-push-action","sha":"f9f3042f7e2789586610d6e8b85c8f03e5195baf","version":"v7.2.0"},{"repo":"docker/setup-buildx-action","sha":"d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5","version":"v4.1.0"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"ghcr.io/github/serena-mcp-server:latest","digest":"sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5","pinned_image":"ghcr.io/github/serena-mcp-server:latest@sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -68,9 +68,33 @@
name: "Smoke Copilot"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
types:
+ - opened
+ - edited
+ - reopened
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -78,16 +102,11 @@ on:
description: "Agent caller context (used internally by Agentic Workflows)."
required: false
type: string
- item_number:
- default: ""
- description: The number of the issue, pull request, or discussion
- required: false
- type: string
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}-${{ github.event.label.name || github.run_id }}"
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Copilot"
@@ -102,16 +121,16 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && (github.event_name == 'pull_request' && github.event.label.name == 'smoke' ||
- !(github.event_name == 'pull_request'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-copilot ') || startsWith(github.event.issue.body, '/smoke-copilot\n') || github.event.issue.body == '/smoke-copilot') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot ') || startsWith(github.event.comment.body, '/smoke-copilot\n') || github.event.comment.body == '/smoke-copilot') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot ') || startsWith(github.event.comment.body, '/smoke-copilot\n') || github.event.comment.body == '/smoke-copilot') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-copilot ') || startsWith(github.event.comment.body, '/smoke-copilot\n') || github.event.comment.body == '/smoke-copilot') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-copilot ') || startsWith(github.event.pull_request.body, '/smoke-copilot\n') || github.event.pull_request.body == '/smoke-copilot') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-copilot ') || startsWith(github.event.discussion.body, '/smoke-copilot\n') || github.event.discussion.body == '/smoke-copilot') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-copilot ') || startsWith(github.event.comment.body, '/smoke-copilot\n') || github.event.comment.body == '/smoke-copilot')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment')) || github.event_name == 'pull_request' && github.event.label.name == 'smoke')"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
pull-requests: write
outputs:
+ body: ${{ steps.sanitized.outputs.body }}
caveman: ${{ steps.pick-experiment.outputs.caveman }}
comment_id: ${{ steps.add-comment.outputs.comment-id }}
comment_repo: ${{ steps.add-comment.outputs.comment-repo }}
@@ -128,8 +147,11 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
subagent_model: ${{ steps.pick-experiment.outputs.subagent_model }}
+ text: ${{ steps.sanitized.outputs.text }}
+ title: ${{ steps.sanitized.outputs.title }}
steps:
- name: Checkout actions folder
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -253,6 +275,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_workflow_timestamp_api.cjs');
await main();
+ - name: Compute current body text
+ id: sanitized
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,127.0.0.1,::1,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.npms.io,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,bun.sh,cdn.jsdelivr.net,cdn.playwright.dev,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deepsource.io,deno.land,docs.github.com,drone.io,esm.sh,get.pnpm.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,go.dev,golang.org,googleapis.deno.dev,googlechromelabs.github.io,goproxy.io,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,jsr.io,keyserver.ubuntu.com,lfs.github.com,localhost,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,pkg.go.dev,playwright.download.prss.microsoft.com,ppa.launchpad.net,proxy.golang.org,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,renovatebot.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,shields.io,skimdb.npmjs.com,snyk.io,sonarcloud.io,sonarqube.com,storage.googleapis.com,sum.golang.org,telemetry.enterprise.githubcopilot.com,telemetry.vercel.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com,www.npmjs.com,www.npmjs.org,yarnpkg.com"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/compute_text.cjs');
+ await main();
- name: Add comment with workflow run link
id: add-comment
if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
@@ -324,18 +357,19 @@ jobs:
GH_AW_EXPR_802A9F6A: ${{ github.event.issue.number || (fromJSON(github.event.inputs.aw_context || github.event.client_payload.aw_context || '{}').item_type == 'issue' && fromJSON(github.event.inputs.aw_context || github.event.client_payload.aw_context || '{}').item_number) }}
GH_AW_EXPR_FF1D34CE: ${{ github.event.comment.id || fromJSON(github.event.inputs.aw_context || github.event.client_payload.aw_context || '{}').comment_id }}
GH_AW_GITHUB_ACTOR: ${{ github.actor }}
- GH_AW_GITHUB_EVENT_PULL_REQUEST_NUMBER: ${{ github.event.pull_request.number || inputs.item_number }}
+ GH_AW_GITHUB_EVENT_PULL_REQUEST_NUMBER: ${{ github.event.pull_request.number }}
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_838f1c79f6acc866_EOF'
+ cat << 'GH_AW_PROMPT_0da205c98d4777eb_EOF'
- GH_AW_PROMPT_838f1c79f6acc866_EOF
+ GH_AW_PROMPT_0da205c98d4777eb_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
@@ -343,16 +377,16 @@ jobs:
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_838f1c79f6acc866_EOF'
+ cat << 'GH_AW_PROMPT_0da205c98d4777eb_EOF'
Tools: add_comment(max:2), create_issue, create_discussion, create_pull_request_review_comment(max:5), submit_pull_request_review, reply_to_pull_request_review_comment(max:5), add_labels, remove_labels, create_check_run, set_issue_type, dispatch_workflow, missing_tool, missing_data, noop, send_slack_message
- GH_AW_PROMPT_838f1c79f6acc866_EOF
+ GH_AW_PROMPT_0da205c98d4777eb_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_comment_memory.md"
- cat << 'GH_AW_PROMPT_838f1c79f6acc866_EOF'
+ cat << 'GH_AW_PROMPT_0da205c98d4777eb_EOF'
- GH_AW_PROMPT_838f1c79f6acc866_EOF
+ GH_AW_PROMPT_0da205c98d4777eb_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_838f1c79f6acc866_EOF'
+ cat << 'GH_AW_PROMPT_0da205c98d4777eb_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -381,9 +415,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_838f1c79f6acc866_EOF
+ GH_AW_PROMPT_0da205c98d4777eb_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_838f1c79f6acc866_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_0da205c98d4777eb_EOF'
## Serena Code Analysis
@@ -424,7 +461,7 @@ jobs:
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-copilot.md}}
- GH_AW_PROMPT_838f1c79f6acc866_EOF
+ GH_AW_PROMPT_0da205c98d4777eb_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -432,7 +469,7 @@ jobs:
GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
GH_AW_ENGINE_ID: "copilot"
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
- GH_AW_GITHUB_EVENT_PULL_REQUEST_NUMBER: ${{ github.event.pull_request.number || inputs.item_number }}
+ GH_AW_GITHUB_EVENT_PULL_REQUEST_NUMBER: ${{ github.event.pull_request.number }}
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
@@ -458,13 +495,15 @@ jobs:
GH_AW_EXPR_802A9F6A: ${{ github.event.issue.number || (fromJSON(github.event.inputs.aw_context || github.event.client_payload.aw_context || '{}').item_type == 'issue' && fromJSON(github.event.inputs.aw_context || github.event.client_payload.aw_context || '{}').item_number) }}
GH_AW_EXPR_FF1D34CE: ${{ github.event.comment.id || fromJSON(github.event.inputs.aw_context || github.event.client_payload.aw_context || '{}').comment_id }}
GH_AW_GITHUB_ACTOR: ${{ github.actor }}
- GH_AW_GITHUB_EVENT_PULL_REQUEST_NUMBER: ${{ github.event.pull_request.number || inputs.item_number }}
+ GH_AW_GITHUB_EVENT_PULL_REQUEST_NUMBER: ${{ github.event.pull_request.number }}
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: "- `agenticworkflows` — run `agenticworkflows --help` to see available tools\n- `mcpscripts` — run `mcpscripts --help` to see available tools\n- `safeoutputs` — run `safeoutputs --help` to see available tools\n- `serena` — run `serena --help` to see available tools"
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -491,8 +530,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_SERVER_URL: process.env.GH_AW_GITHUB_SERVER_URL,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -771,9 +812,9 @@ jobs:
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs/upload-artifacts"
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_0a9e0eaca60cf21a_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_8c9743fdab9f7184_EOF'
{"add_comment":{"allowed_repos":["github/gh-aw"],"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-copilot"],"allowed_repos":["github/gh-aw"]},"comment_memory":{"max":1,"memory_id":"default"},"create_check_run":{"max":1,"name":"Smoke Copilot"},"create_discussion":{"category":"announcements","close_older_discussions":true,"close_older_key":"smoke-copilot","expires":2,"fallback_to_issue":true,"labels":["ai-generated"],"max":1},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-copilot","expires":2,"group":true,"labels":["automation","testing"],"max":1},"create_pull_request_review_comment":{"max":5,"side":"RIGHT"},"create_report_incomplete_issue":{},"dispatch_workflow":{"max":1,"workflow_files":{"haiku-printer":".yml"},"workflows":["haiku-printer"]},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"remove_labels":{"allowed":["smoke"]},"reply_to_pull_request_review_comment":{"max":5},"report_incomplete":{},"send-slack-message":{"description":"Send a message to Slack (stub for testing)","inputs":{"message":{"description":"The message to send","required":false,"type":"string"}},"output":"Slack message stub executed!"},"set_issue_type":{},"submit_pull_request_review":{"max":1},"upload_artifact":{"max-size-bytes":104857600,"max-uploads":1,"retention-days":1,"skip-archive":true}}
- GH_AW_SAFE_OUTPUTS_CONFIG_0a9e0eaca60cf21a_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_8c9743fdab9f7184_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1204,7 +1245,7 @@ jobs:
- name: Write MCP Scripts Config
run: |
mkdir -p "${RUNNER_TEMP}/gh-aw/mcp-scripts/logs"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json" << 'GH_AW_MCP_SCRIPTS_TOOLS_ce110dd39e4e5f6b_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json" << 'GH_AW_MCP_SCRIPTS_TOOLS_9b557e45aebf4282_EOF'
{
"serverName": "mcpscripts",
"version": "1.0.0",
@@ -1298,8 +1339,8 @@ jobs:
}
]
}
- GH_AW_MCP_SCRIPTS_TOOLS_ce110dd39e4e5f6b_EOF
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs" << 'GH_AW_MCP_SCRIPTS_SERVER_4ca106a635e4261e_EOF'
+ GH_AW_MCP_SCRIPTS_TOOLS_9b557e45aebf4282_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs" << 'GH_AW_MCP_SCRIPTS_SERVER_f1734778eb83cd01_EOF'
const path = require("path");
const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
const configPath = path.join(__dirname, "tools.json");
@@ -1313,12 +1354,12 @@ jobs:
console.error("Failed to start mcp-scripts HTTP server:", error);
process.exit(1);
});
- GH_AW_MCP_SCRIPTS_SERVER_4ca106a635e4261e_EOF
+ GH_AW_MCP_SCRIPTS_SERVER_f1734778eb83cd01_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs"
- name: Write MCP Scripts Tool Files
run: |
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_aad07846016e2485_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_26041a79d319da0a_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-discussion-query
# Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1455,9 +1496,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_aad07846016e2485_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_26041a79d319da0a_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_45f8c4e94c8269ed_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_443012c84b5640e2_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-issue-query
# Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1537,9 +1578,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_45f8c4e94c8269ed_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_443012c84b5640e2_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_fe087a551607b9f8_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_a31753aa186417d5_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-pr-query
# Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1625,7 +1666,7 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_fe087a551607b9f8_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_a31753aa186417d5_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh"
- name: Generate MCP Scripts Server Config
@@ -1702,7 +1743,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_5fcc73b57044f21b_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_c69c0221e58a6d7f_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"agenticworkflows": {
@@ -1794,7 +1835,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_5fcc73b57044f21b_EOF
+ GH_AW_MCP_CONFIG_c69c0221e58a6d7f_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1952,6 +1993,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,127.0.0.1,::1,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.npms.io,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,bun.sh,cdn.jsdelivr.net,cdn.playwright.dev,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deepsource.io,deno.land,docs.github.com,drone.io,esm.sh,get.pnpm.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,go.dev,golang.org,googleapis.deno.dev,googlechromelabs.github.io,goproxy.io,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,jsr.io,keyserver.ubuntu.com,lfs.github.com,localhost,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,pkg.go.dev,playwright.download.prss.microsoft.com,ppa.launchpad.net,proxy.golang.org,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,renovatebot.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,shields.io,skimdb.npmjs.com,snyk.io,sonarcloud.io,sonarqube.com,storage.googleapis.com,sum.golang.org,telemetry.enterprise.githubcopilot.com,telemetry.vercel.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com,www.npmjs.com,www.npmjs.org,yarnpkg.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-copilot\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -2525,13 +2567,13 @@ jobs:
}
pre_activation:
- if: github.event_name == 'pull_request' && github.event.label.name == 'smoke' || !(github.event_name == 'pull_request')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-copilot ') || startsWith(github.event.issue.body, '/smoke-copilot\n') || github.event.issue.body == '/smoke-copilot') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot ') || startsWith(github.event.comment.body, '/smoke-copilot\n') || github.event.comment.body == '/smoke-copilot') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot ') || startsWith(github.event.comment.body, '/smoke-copilot\n') || github.event.comment.body == '/smoke-copilot') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-copilot ') || startsWith(github.event.comment.body, '/smoke-copilot\n') || github.event.comment.body == '/smoke-copilot') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-copilot ') || startsWith(github.event.pull_request.body, '/smoke-copilot\n') || github.event.pull_request.body == '/smoke-copilot') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-copilot ') || startsWith(github.event.discussion.body, '/smoke-copilot\n') || github.event.discussion.body == '/smoke-copilot') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-copilot ') || startsWith(github.event.comment.body, '/smoke-copilot\n') || github.event.comment.body == '/smoke-copilot')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment')) || github.event_name == 'pull_request' && github.event.label.name == 'smoke')"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -2555,7 +2597,7 @@ jobs:
GH_AW_INFO_VERSION: "1.0.55"
GH_AW_INFO_AWF_VERSION: "v0.25.58"
GH_AW_INFO_ENGINE_ID: "copilot"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -2567,6 +2609,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-copilot\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
push_experiments_state:
needs: activation
@@ -2663,6 +2716,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-copilot"
+ GH_AW_COMMANDS: "[\"smoke-copilot\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-copilot.md b/.github/workflows/smoke-copilot.md
index 0934553dff9..3865abe5846 100644
--- a/.github/workflows/smoke-copilot.md
+++ b/.github/workflows/smoke-copilot.md
@@ -2,6 +2,7 @@
emoji: "🧪"
description: Smoke Copilot
on:
+ slash_command: smoke-copilot
workflow_dispatch:
label_command:
name: smoke
diff --git a/.github/workflows/smoke-create-cross-repo-pr.lock.yml b/.github/workflows/smoke-create-cross-repo-pr.lock.yml
index ac9e078387d..bcba67c2dc6 100644
--- a/.github/workflows/smoke-create-cross-repo-pr.lock.yml
+++ b/.github/workflows/smoke-create-cross-repo-pr.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"cc4312b0d34b64e329f7a235bbcbb69788e75bf6c8e86b6fafb922e0c0ece1fb","body_hash":"e0cf2f21c14dcb9541b6ef43968d627b9a89fdc58f6f38349cd3bcaf2d16e64e","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"fef9dbe44a9b2aa3850843ad35d9242ac29577441c326009b1d7ad0747848cdb","body_hash":"e0cf2f21c14dcb9541b6ef43968d627b9a89fdc58f6f38349cd3bcaf2d16e64e","strict":true,"agent_id":"copilot"}
# gh-aw-manifest: {"version":1,"secrets":["GH_AW_CI_TRIGGER_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GH_AW_SIDE_REPO_PAT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -57,11 +57,32 @@
name: "Smoke Create Cross-Repo PR"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - smoke-create-cross-repo-pr # Label filtering applied via job conditions
types:
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -73,8 +94,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref || github.run_id }}"
- cancel-in-progress: true
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Create Cross-Repo PR"
@@ -89,14 +109,14 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-create-cross-repo-pr'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.issue.body, '/smoke-create-cross-repo-pr\n') || github.event.issue.body == '/smoke-create-cross-repo-pr') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr\n') || github.event.comment.body == '/smoke-create-cross-repo-pr') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr\n') || github.event.comment.body == '/smoke-create-cross-repo-pr') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr\n') || github.event.comment.body == '/smoke-create-cross-repo-pr') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.pull_request.body, '/smoke-create-cross-repo-pr\n') || github.event.pull_request.body == '/smoke-create-cross-repo-pr') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.discussion.body, '/smoke-create-cross-repo-pr\n') || github.event.discussion.body == '/smoke-create-cross-repo-pr') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr\n') || github.event.comment.body == '/smoke-create-cross-repo-pr')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-create-cross-repo-pr'))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
+ pull-requests: write
outputs:
body: ${{ steps.sanitized.outputs.body }}
comment_id: ${{ steps.add-comment.outputs.comment-id }}
@@ -111,6 +131,7 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
text: ${{ steps.sanitized.outputs.text }}
title: ${{ steps.sanitized.outputs.title }}
@@ -182,6 +203,19 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_daily_effective_workflow_guardrail.cjs');
await main();
+ - name: Add eyes reaction for immediate feedback
+ id: react
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_REACTION: "eyes"
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/add_reaction.cjs');
+ await main();
- name: Checkout .github and .agents folders
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
@@ -254,27 +288,28 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_02fb09199cdd433a_EOF'
+ cat << 'GH_AW_PROMPT_4fcb8985612ce65c_EOF'
- GH_AW_PROMPT_02fb09199cdd433a_EOF
+ GH_AW_PROMPT_4fcb8985612ce65c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_02fb09199cdd433a_EOF'
+ cat << 'GH_AW_PROMPT_4fcb8985612ce65c_EOF'
Tools: add_comment(max:2), create_issue, create_pull_request, missing_tool, missing_data, noop
- GH_AW_PROMPT_02fb09199cdd433a_EOF
+ GH_AW_PROMPT_4fcb8985612ce65c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_02fb09199cdd433a_EOF'
+ cat << 'GH_AW_PROMPT_4fcb8985612ce65c_EOF'
- GH_AW_PROMPT_02fb09199cdd433a_EOF
+ GH_AW_PROMPT_4fcb8985612ce65c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_02fb09199cdd433a_EOF'
+ cat << 'GH_AW_PROMPT_4fcb8985612ce65c_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -316,13 +351,16 @@ jobs:
stop immediately and report the limitation rather than spending turns trying to work around it.
- GH_AW_PROMPT_02fb09199cdd433a_EOF
+ GH_AW_PROMPT_4fcb8985612ce65c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_02fb09199cdd433a_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_4fcb8985612ce65c_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/smoke-create-cross-repo-pr.md}}
- GH_AW_PROMPT_02fb09199cdd433a_EOF
+ GH_AW_PROMPT_4fcb8985612ce65c_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -351,8 +389,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -373,8 +413,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_SERVER_URL: process.env.GH_AW_GITHUB_SERVER_URL,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -557,9 +599,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_57579bda6d78a0dc_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_ecaea0149bd3fa0d_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_issue":{"close_older_issues":true,"expires":2,"labels":["automation","testing"],"max":1},"create_pull_request":{"draft":true,"expires":24,"fallback_as_issue":false,"github-token":"${GH_AW_SECRET_GH_AW_SIDE_REPO_PAT}","if_no_changes":"error","labels":["smoke-test"],"max":1,"max_patch_files":100,"max_patch_size":1024,"protect_top_level_dot_folders":true,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS","DESIGN.md","README.md","CONTRIBUTING.md","CHANGELOG.md","SECURITY.md","CODE_OF_CONDUCT.md","AGENTS.md","CLAUDE.md","GEMINI.md"],"protected_files_policy":"request_review","target-repo":"github/gh-aw-side-repo","title_prefix":"[smoke] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_57579bda6d78a0dc_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_ecaea0149bd3fa0d_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -834,7 +876,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_f826ca6e0a08ee0c_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_2e1bce5ff032bbe7_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -880,7 +922,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_f826ca6e0a08ee0c_EOF
+ GH_AW_MCP_CONFIG_2e1bce5ff032bbe7_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1026,6 +1068,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,127.0.0.1,::1,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deepsource.io,docs.github.com,drone.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,localhost,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,ppa.launchpad.net,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.npmjs.org,renovatebot.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,shields.io,snyk.io,sonarcloud.io,sonarqube.com,telemetry.enterprise.githubcopilot.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-create-cross-repo-pr\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1556,15 +1599,13 @@ jobs:
}
pre_activation:
- if: >
- (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-create-cross-repo-pr')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.issue.body, '/smoke-create-cross-repo-pr\n') || github.event.issue.body == '/smoke-create-cross-repo-pr') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr\n') || github.event.comment.body == '/smoke-create-cross-repo-pr') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr\n') || github.event.comment.body == '/smoke-create-cross-repo-pr') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr\n') || github.event.comment.body == '/smoke-create-cross-repo-pr') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.pull_request.body, '/smoke-create-cross-repo-pr\n') || github.event.pull_request.body == '/smoke-create-cross-repo-pr') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.discussion.body, '/smoke-create-cross-repo-pr\n') || github.event.discussion.body == '/smoke-create-cross-repo-pr') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr\n') || github.event.comment.body == '/smoke-create-cross-repo-pr')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-create-cross-repo-pr'))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -1588,7 +1629,7 @@ jobs:
GH_AW_INFO_VERSION: "1.0.55"
GH_AW_INFO_AWF_VERSION: "v0.25.58"
GH_AW_INFO_ENGINE_ID: "copilot"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -1600,6 +1641,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-create-cross-repo-pr\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
safe_outputs:
needs:
@@ -1616,6 +1668,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-create-cross-repo-pr"
+ GH_AW_COMMANDS: "[\"smoke-create-cross-repo-pr\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-create-cross-repo-pr.md b/.github/workflows/smoke-create-cross-repo-pr.md
index 90f9a6260c1..a39383661a6 100644
--- a/.github/workflows/smoke-create-cross-repo-pr.md
+++ b/.github/workflows/smoke-create-cross-repo-pr.md
@@ -3,6 +3,7 @@ emoji: "🧪"
name: Smoke Create Cross-Repo PR
description: Smoke test validating cross-repo pull request creation in github/gh-aw-side-repo
on:
+ slash_command: smoke-create-cross-repo-pr
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-crush.lock.yml b/.github/workflows/smoke-crush.lock.yml
index 1157eddcce3..ce160cf0ca3 100644
--- a/.github/workflows/smoke-crush.lock.yml
+++ b/.github/workflows/smoke-crush.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"8ed4c5f2ee45c13f6d53545859f6d52e3208f64bcaa208e94fa148c17246a4a9","body_hash":"ccbb31d4c57ee1e5970fa24740bd39ad4b104b4d329996322a8caf38a03613ba","strict":true,"agent_id":"crush","agent_model":"anthropic/claude-sonnet-4-20250514"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"56a5bea9f0ec705bc4cbc319cc605c3691aa97f22eedef4c80e9c5b01cfc9448","body_hash":"ccbb31d4c57ee1e5970fa24740bd39ad4b104b4d329996322a8caf38a03613ba","strict":true,"agent_id":"crush","agent_model":"anthropic/claude-sonnet-4-20250514"}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -58,11 +58,32 @@
name: "Smoke Crush"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - water # Label filtering applied via job conditions
types:
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -74,8 +95,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref || github.run_id }}"
- cancel-in-progress: true
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Crush"
@@ -90,13 +110,12 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-crush ') || startsWith(github.event.issue.body, '/smoke-crush\n') || github.event.issue.body == '/smoke-crush') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-crush ') || startsWith(github.event.comment.body, '/smoke-crush\n') || github.event.comment.body == '/smoke-crush') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-crush ') || startsWith(github.event.comment.body, '/smoke-crush\n') || github.event.comment.body == '/smoke-crush') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-crush ') || startsWith(github.event.comment.body, '/smoke-crush\n') || github.event.comment.body == '/smoke-crush') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-crush ') || startsWith(github.event.pull_request.body, '/smoke-crush\n') || github.event.pull_request.body == '/smoke-crush') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-crush ') || startsWith(github.event.discussion.body, '/smoke-crush\n') || github.event.discussion.body == '/smoke-crush') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-crush ') || startsWith(github.event.comment.body, '/smoke-crush\n') || github.event.comment.body == '/smoke-crush')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
pull-requests: write
outputs:
@@ -114,6 +133,7 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
text: ${{ steps.sanitized.outputs.text }}
title: ${{ steps.sanitized.outputs.title }}
@@ -273,24 +293,25 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_66516b48aa0519c7_EOF'
+ cat << 'GH_AW_PROMPT_693b01623eec2a44_EOF'
- GH_AW_PROMPT_66516b48aa0519c7_EOF
+ GH_AW_PROMPT_693b01623eec2a44_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_66516b48aa0519c7_EOF'
+ cat << 'GH_AW_PROMPT_693b01623eec2a44_EOF'
Tools: add_comment(max:2), create_issue, add_labels, missing_tool, missing_data, noop
- GH_AW_PROMPT_66516b48aa0519c7_EOF
+ GH_AW_PROMPT_693b01623eec2a44_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_66516b48aa0519c7_EOF'
+ cat << 'GH_AW_PROMPT_693b01623eec2a44_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -319,16 +340,19 @@ jobs:
{{/if}}
- GH_AW_PROMPT_66516b48aa0519c7_EOF
+ GH_AW_PROMPT_693b01623eec2a44_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_66516b48aa0519c7_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_693b01623eec2a44_EOF'
{{#runtime-import .github/workflows/shared/gh.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-crush.md}}
- GH_AW_PROMPT_66516b48aa0519c7_EOF
+ GH_AW_PROMPT_693b01623eec2a44_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -355,8 +379,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -376,8 +402,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: process.env.GH_AW_GITHUB_REPOSITORY,
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -553,9 +581,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_1d8062a499a956cf_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_bce59036e3685455_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-crush"]},"create_issue":{"close_older_issues":true,"expires":2,"labels":["automation","testing"],"max":1},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_1d8062a499a956cf_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_bce59036e3685455_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -805,7 +833,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_1e5b9490032b752f_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_73ec18a9f5201c16_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -850,7 +878,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_1e5b9490032b752f_EOF
+ GH_AW_MCP_CONFIG_73ec18a9f5201c16_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -977,6 +1005,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,api.anthropic.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,charm.land,codeload.github.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,docs.github.com,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-crush\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1471,15 +1500,13 @@ jobs:
}
pre_activation:
- if: >
- (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-crush ') || startsWith(github.event.issue.body, '/smoke-crush\n') || github.event.issue.body == '/smoke-crush') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-crush ') || startsWith(github.event.comment.body, '/smoke-crush\n') || github.event.comment.body == '/smoke-crush') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-crush ') || startsWith(github.event.comment.body, '/smoke-crush\n') || github.event.comment.body == '/smoke-crush') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-crush ') || startsWith(github.event.comment.body, '/smoke-crush\n') || github.event.comment.body == '/smoke-crush') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-crush ') || startsWith(github.event.pull_request.body, '/smoke-crush\n') || github.event.pull_request.body == '/smoke-crush') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-crush ') || startsWith(github.event.discussion.body, '/smoke-crush\n') || github.event.discussion.body == '/smoke-crush') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-crush ') || startsWith(github.event.comment.body, '/smoke-crush\n') || github.event.comment.body == '/smoke-crush')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -1502,7 +1529,7 @@ jobs:
GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-crush.lock.yml@${{ github.ref }}
GH_AW_INFO_VERSION: "0.59.0"
GH_AW_INFO_ENGINE_ID: "crush"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -1514,6 +1541,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-crush\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
safe_outputs:
needs:
@@ -1530,6 +1568,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-crush"
+ GH_AW_COMMANDS: "[\"smoke-crush\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-crush.md b/.github/workflows/smoke-crush.md
index 12795fe5b87..8ef807ed382 100644
--- a/.github/workflows/smoke-crush.md
+++ b/.github/workflows/smoke-crush.md
@@ -2,6 +2,7 @@
emoji: "🧪"
description: Smoke test workflow that validates Crush engine functionality
on:
+ slash_command: smoke-crush
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-gemini.lock.yml b/.github/workflows/smoke-gemini.lock.yml
index 7f718d2a069..d39dca7ee79 100644
--- a/.github/workflows/smoke-gemini.lock.yml
+++ b/.github/workflows/smoke-gemini.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"a035b357edda867936e87c47d62d4c419a34272c56269bd5ee4506696cfa31e5","body_hash":"e6391525e0b408c59088189c4afeac1d643885a1f4f9d68465795d4e65427502","strict":true,"agent_id":"gemini"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"3e4ea9048f710ad700863a5321cf227cfa377fc08d070378dd7f4101cca1d6b3","body_hash":"e6391525e0b408c59088189c4afeac1d643885a1f4f9d68465795d4e65427502","strict":true,"agent_id":"gemini"}
# gh-aw-manifest: {"version":1,"secrets":["GEMINI_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -62,11 +62,32 @@
name: "Smoke Gemini"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - smoke # Label filtering applied via job conditions
types:
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -78,8 +99,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref || github.run_id }}"
- cancel-in-progress: true
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Gemini"
@@ -94,13 +114,12 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-gemini ') || startsWith(github.event.issue.body, '/smoke-gemini\n') || github.event.issue.body == '/smoke-gemini') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-gemini ') || startsWith(github.event.comment.body, '/smoke-gemini\n') || github.event.comment.body == '/smoke-gemini') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-gemini ') || startsWith(github.event.comment.body, '/smoke-gemini\n') || github.event.comment.body == '/smoke-gemini') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-gemini ') || startsWith(github.event.comment.body, '/smoke-gemini\n') || github.event.comment.body == '/smoke-gemini') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-gemini ') || startsWith(github.event.pull_request.body, '/smoke-gemini\n') || github.event.pull_request.body == '/smoke-gemini') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-gemini ') || startsWith(github.event.discussion.body, '/smoke-gemini\n') || github.event.discussion.body == '/smoke-gemini') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-gemini ') || startsWith(github.event.comment.body, '/smoke-gemini\n') || github.event.comment.body == '/smoke-gemini')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
pull-requests: write
outputs:
@@ -119,6 +138,7 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
sub_agent_strategy: ${{ steps.pick-experiment.outputs.sub_agent_strategy }}
text: ${{ steps.sanitized.outputs.text }}
@@ -314,25 +334,26 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_aa76799200a85df9_EOF'
+ cat << 'GH_AW_PROMPT_1fb184ad71a949fe_EOF'
- GH_AW_PROMPT_aa76799200a85df9_EOF
+ GH_AW_PROMPT_1fb184ad71a949fe_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_aa76799200a85df9_EOF'
+ cat << 'GH_AW_PROMPT_1fb184ad71a949fe_EOF'
Tools: add_comment(max:2), create_issue, add_labels, missing_tool, missing_data, noop
- GH_AW_PROMPT_aa76799200a85df9_EOF
+ GH_AW_PROMPT_1fb184ad71a949fe_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_aa76799200a85df9_EOF'
+ cat << 'GH_AW_PROMPT_1fb184ad71a949fe_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -361,9 +382,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_aa76799200a85df9_EOF
+ GH_AW_PROMPT_1fb184ad71a949fe_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_aa76799200a85df9_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_1fb184ad71a949fe_EOF'
{{#runtime-import .github/workflows/shared/gh.md}}
{{#runtime-import .github/workflows/shared/reporting-otlp.md}}
@@ -371,7 +395,7 @@ jobs:
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-gemini.md}}
- GH_AW_PROMPT_aa76799200a85df9_EOF
+ GH_AW_PROMPT_1fb184ad71a949fe_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -405,8 +429,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -431,8 +457,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_SERVER_URL: process.env.GH_AW_GITHUB_SERVER_URL,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -618,9 +646,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_f38c7e4f4a229a7f_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_32b1c499b37e829c_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-gemini"]},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-gemini","expires":2,"labels":["automation","testing"],"max":1},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_f38c7e4f4a229a7f_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_32b1c499b37e829c_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -867,7 +895,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_384aec960f0240ab_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_a81bc8be12475e54_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"safeoutputs": {
@@ -897,7 +925,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_384aec960f0240ab_EOF
+ GH_AW_MCP_CONFIG_a81bc8be12475e54_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1049,6 +1077,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.googleapis.com,*.grafana.net,*.sentry.io,127.0.0.1,::1,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deepsource.io,docs.github.com,drone.io,generativelanguage.googleapis.com,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,localhost,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,ppa.launchpad.net,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.npmjs.org,renovatebot.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,shields.io,snyk.io,sonarcloud.io,sonarqube.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-gemini\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1587,15 +1616,13 @@ jobs:
}
pre_activation:
- if: >
- (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-gemini ') || startsWith(github.event.issue.body, '/smoke-gemini\n') || github.event.issue.body == '/smoke-gemini') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-gemini ') || startsWith(github.event.comment.body, '/smoke-gemini\n') || github.event.comment.body == '/smoke-gemini') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-gemini ') || startsWith(github.event.comment.body, '/smoke-gemini\n') || github.event.comment.body == '/smoke-gemini') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-gemini ') || startsWith(github.event.comment.body, '/smoke-gemini\n') || github.event.comment.body == '/smoke-gemini') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-gemini ') || startsWith(github.event.pull_request.body, '/smoke-gemini\n') || github.event.pull_request.body == '/smoke-gemini') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-gemini ') || startsWith(github.event.discussion.body, '/smoke-gemini\n') || github.event.discussion.body == '/smoke-gemini') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-gemini ') || startsWith(github.event.comment.body, '/smoke-gemini\n') || github.event.comment.body == '/smoke-gemini')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -1617,7 +1644,7 @@ jobs:
GH_AW_SETUP_WORKFLOW_NAME: "Smoke Gemini"
GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-gemini.lock.yml@${{ github.ref }}
GH_AW_INFO_ENGINE_ID: "gemini"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -1629,6 +1656,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-gemini\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
push_experiments_state:
needs: activation
@@ -1721,6 +1759,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-gemini"
+ GH_AW_COMMANDS: "[\"smoke-gemini\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-gemini.md b/.github/workflows/smoke-gemini.md
index 271767f9113..067b4707ce5 100644
--- a/.github/workflows/smoke-gemini.md
+++ b/.github/workflows/smoke-gemini.md
@@ -2,6 +2,7 @@
emoji: "🧪"
description: Smoke test workflow that validates Gemini engine functionality twice daily
on:
+ slash_command: smoke-gemini
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-multi-pr.lock.yml b/.github/workflows/smoke-multi-pr.lock.yml
index 1ad2ce159c9..b4d5cf7fcf2 100644
--- a/.github/workflows/smoke-multi-pr.lock.yml
+++ b/.github/workflows/smoke-multi-pr.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"0e32c2fd4a05efbafe8b9edf9793882ba4746860fb3b38474862cceb151f12a6","body_hash":"9fcaee745024e93ac3797cec9ab4d7c11ea841686dbb8f4f6205100777549650","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"3e6e16aa525f3196defb9c8ec914fa653060ebb82ab614a0f879332f937516f0","body_hash":"9fcaee745024e93ac3797cec9ab4d7c11ea841686dbb8f4f6205100777549650","strict":true,"agent_id":"copilot"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_CI_TRIGGER_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -57,11 +57,32 @@
name: "Smoke Multi PR"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - smoke-multi-pr # Label filtering applied via job conditions
types:
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -73,8 +94,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref || github.run_id }}"
- cancel-in-progress: true
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Multi PR"
@@ -89,13 +109,12 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-multi-pr'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-multi-pr ') || startsWith(github.event.issue.body, '/smoke-multi-pr\n') || github.event.issue.body == '/smoke-multi-pr') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-multi-pr ') || startsWith(github.event.comment.body, '/smoke-multi-pr\n') || github.event.comment.body == '/smoke-multi-pr') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-multi-pr ') || startsWith(github.event.comment.body, '/smoke-multi-pr\n') || github.event.comment.body == '/smoke-multi-pr') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-multi-pr ') || startsWith(github.event.comment.body, '/smoke-multi-pr\n') || github.event.comment.body == '/smoke-multi-pr') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-multi-pr ') || startsWith(github.event.pull_request.body, '/smoke-multi-pr\n') || github.event.pull_request.body == '/smoke-multi-pr') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-multi-pr ') || startsWith(github.event.discussion.body, '/smoke-multi-pr\n') || github.event.discussion.body == '/smoke-multi-pr') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-multi-pr ') || startsWith(github.event.comment.body, '/smoke-multi-pr\n') || github.event.comment.body == '/smoke-multi-pr')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-multi-pr'))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
pull-requests: write
outputs:
@@ -113,6 +132,7 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
text: ${{ steps.sanitized.outputs.text }}
title: ${{ steps.sanitized.outputs.title }}
@@ -273,27 +293,28 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_92b895b69dbcb7da_EOF'
+ cat << 'GH_AW_PROMPT_0009a87f54c3fc9a_EOF'
- GH_AW_PROMPT_92b895b69dbcb7da_EOF
+ GH_AW_PROMPT_0009a87f54c3fc9a_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_92b895b69dbcb7da_EOF'
+ cat << 'GH_AW_PROMPT_0009a87f54c3fc9a_EOF'
Tools: add_comment, create_pull_request(max:2), missing_tool, missing_data, noop
- GH_AW_PROMPT_92b895b69dbcb7da_EOF
+ GH_AW_PROMPT_0009a87f54c3fc9a_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_92b895b69dbcb7da_EOF'
+ cat << 'GH_AW_PROMPT_0009a87f54c3fc9a_EOF'
- GH_AW_PROMPT_92b895b69dbcb7da_EOF
+ GH_AW_PROMPT_0009a87f54c3fc9a_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_92b895b69dbcb7da_EOF'
+ cat << 'GH_AW_PROMPT_0009a87f54c3fc9a_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -322,14 +343,17 @@ jobs:
{{/if}}
- GH_AW_PROMPT_92b895b69dbcb7da_EOF
+ GH_AW_PROMPT_0009a87f54c3fc9a_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_92b895b69dbcb7da_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_0009a87f54c3fc9a_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-multi-pr.md}}
- GH_AW_PROMPT_92b895b69dbcb7da_EOF
+ GH_AW_PROMPT_0009a87f54c3fc9a_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -355,8 +379,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -376,8 +402,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: process.env.GH_AW_GITHUB_REPOSITORY,
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -550,9 +578,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_96d073f17e2dfad0_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_f5409529fe4d4edf_EOF'
{"add_comment":{"hide_older_comments":true,"max":1},"create_pull_request":{"expires":2,"if_no_changes":"warn","labels":["ai-generated"],"max":2,"max_patch_files":100,"max_patch_size":1024,"protect_top_level_dot_folders":true,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS","DESIGN.md","README.md","CONTRIBUTING.md","CHANGELOG.md","SECURITY.md","CODE_OF_CONDUCT.md","AGENTS.md","CLAUDE.md","GEMINI.md"],"protected_files_policy":"request_review","title_prefix":"[smoke-multi-pr] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_96d073f17e2dfad0_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_f5409529fe4d4edf_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -790,7 +818,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_517942d4a838575d_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_fdcb98ec4e4b9914_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -836,7 +864,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_517942d4a838575d_EOF
+ GH_AW_MCP_CONFIG_fdcb98ec4e4b9914_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1006,6 +1034,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,127.0.0.1,::1,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.npms.io,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,bun.sh,cdn.jsdelivr.net,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deepsource.io,deno.land,docs.github.com,drone.io,esm.sh,get.pnpm.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,googleapis.deno.dev,googlechromelabs.github.io,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,jsr.io,keyserver.ubuntu.com,lfs.github.com,localhost,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,ppa.launchpad.net,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,renovatebot.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,shields.io,skimdb.npmjs.com,snyk.io,sonarcloud.io,sonarqube.com,storage.googleapis.com,telemetry.enterprise.githubcopilot.com,telemetry.vercel.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com,www.npmjs.com,www.npmjs.org,yarnpkg.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-multi-pr\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1526,15 +1555,13 @@ jobs:
}
pre_activation:
- if: >
- (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-multi-pr')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-multi-pr ') || startsWith(github.event.issue.body, '/smoke-multi-pr\n') || github.event.issue.body == '/smoke-multi-pr') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-multi-pr ') || startsWith(github.event.comment.body, '/smoke-multi-pr\n') || github.event.comment.body == '/smoke-multi-pr') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-multi-pr ') || startsWith(github.event.comment.body, '/smoke-multi-pr\n') || github.event.comment.body == '/smoke-multi-pr') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-multi-pr ') || startsWith(github.event.comment.body, '/smoke-multi-pr\n') || github.event.comment.body == '/smoke-multi-pr') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-multi-pr ') || startsWith(github.event.pull_request.body, '/smoke-multi-pr\n') || github.event.pull_request.body == '/smoke-multi-pr') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-multi-pr ') || startsWith(github.event.discussion.body, '/smoke-multi-pr\n') || github.event.discussion.body == '/smoke-multi-pr') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-multi-pr ') || startsWith(github.event.comment.body, '/smoke-multi-pr\n') || github.event.comment.body == '/smoke-multi-pr')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-multi-pr'))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -1558,7 +1585,7 @@ jobs:
GH_AW_INFO_VERSION: "1.0.55"
GH_AW_INFO_AWF_VERSION: "v0.25.58"
GH_AW_INFO_ENGINE_ID: "copilot"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -1570,6 +1597,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-multi-pr\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
safe_outputs:
needs:
@@ -1586,6 +1624,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-multi-pr"
+ GH_AW_COMMANDS: "[\"smoke-multi-pr\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-multi-pr.md b/.github/workflows/smoke-multi-pr.md
index d2497a59f8d..d8ea64bc2a6 100644
--- a/.github/workflows/smoke-multi-pr.md
+++ b/.github/workflows/smoke-multi-pr.md
@@ -3,6 +3,7 @@ emoji: "🧪"
name: Smoke Multi PR
description: Test creating multiple pull requests in a single workflow run
on:
+ slash_command: smoke-multi-pr
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-opencode.lock.yml b/.github/workflows/smoke-opencode.lock.yml
index eb65145dbae..7907a913a70 100644
--- a/.github/workflows/smoke-opencode.lock.yml
+++ b/.github/workflows/smoke-opencode.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"45d44bfc8026b70bef2ec14503238df1d71b7ac60691cbce6a47922517106ab8","body_hash":"fd8a2bdc8108d3170cf3743ed350b5139285a58f4d68875cf729458566659a22","strict":true,"agent_id":"opencode","agent_model":"copilot/gpt-5"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"018dadbfe0ec057b0ef4d92b626a40fa64b66bf713da35247e58e5b3224a79f5","body_hash":"fd8a2bdc8108d3170cf3743ed350b5139285a58f4d68875cf729458566659a22","strict":true,"agent_id":"opencode","agent_model":"copilot/gpt-5"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -59,11 +59,32 @@
name: "Smoke OpenCode"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - water # Label filtering applied via job conditions
types:
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -75,8 +96,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref || github.run_id }}"
- cancel-in-progress: true
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke OpenCode"
@@ -91,13 +111,12 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-opencode ') || startsWith(github.event.issue.body, '/smoke-opencode\n') || github.event.issue.body == '/smoke-opencode') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-opencode ') || startsWith(github.event.comment.body, '/smoke-opencode\n') || github.event.comment.body == '/smoke-opencode') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-opencode ') || startsWith(github.event.comment.body, '/smoke-opencode\n') || github.event.comment.body == '/smoke-opencode') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-opencode ') || startsWith(github.event.comment.body, '/smoke-opencode\n') || github.event.comment.body == '/smoke-opencode') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-opencode ') || startsWith(github.event.pull_request.body, '/smoke-opencode\n') || github.event.pull_request.body == '/smoke-opencode') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-opencode ') || startsWith(github.event.discussion.body, '/smoke-opencode\n') || github.event.discussion.body == '/smoke-opencode') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-opencode ') || startsWith(github.event.comment.body, '/smoke-opencode\n') || github.event.comment.body == '/smoke-opencode')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
pull-requests: write
outputs:
@@ -115,6 +134,7 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
text: ${{ steps.sanitized.outputs.text }}
title: ${{ steps.sanitized.outputs.title }}
@@ -275,24 +295,25 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_f5d02804ee7ca734_EOF'
+ cat << 'GH_AW_PROMPT_c203203fcf6af794_EOF'
- GH_AW_PROMPT_f5d02804ee7ca734_EOF
+ GH_AW_PROMPT_c203203fcf6af794_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_f5d02804ee7ca734_EOF'
+ cat << 'GH_AW_PROMPT_c203203fcf6af794_EOF'
Tools: add_comment(max:2), create_issue, add_labels, missing_tool, missing_data, noop
- GH_AW_PROMPT_f5d02804ee7ca734_EOF
+ GH_AW_PROMPT_c203203fcf6af794_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_f5d02804ee7ca734_EOF'
+ cat << 'GH_AW_PROMPT_c203203fcf6af794_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -321,9 +342,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_f5d02804ee7ca734_EOF
+ GH_AW_PROMPT_c203203fcf6af794_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_f5d02804ee7ca734_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_c203203fcf6af794_EOF'
{{#runtime-import .github/workflows/shared/gh.md}}
{{#runtime-import .github/workflows/shared/reporting-otlp.md}}
@@ -331,7 +355,7 @@ jobs:
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-opencode.md}}
- GH_AW_PROMPT_f5d02804ee7ca734_EOF
+ GH_AW_PROMPT_c203203fcf6af794_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -360,8 +384,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -382,8 +408,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_SERVER_URL: process.env.GH_AW_GITHUB_SERVER_URL,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -557,9 +585,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_b925804664e6f363_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_faf4e0d5287a0345_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-opencode"]},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-opencode","expires":2,"labels":["automation","testing"],"max":1},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_b925804664e6f363_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_faf4e0d5287a0345_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -809,7 +837,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_03bbbe8be2aa0ac9_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_61c0592bdd3a6aa7_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -854,7 +882,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_03bbbe8be2aa0ac9_EOF
+ GH_AW_MCP_CONFIG_61c0592bdd3a6aa7_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -982,6 +1010,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,127.0.0.1,::1,api.githubcopilot.com,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deepsource.io,docs.github.com,drone.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,localhost,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,ppa.launchpad.net,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.npmjs.org,renovatebot.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,shields.io,snyk.io,sonarcloud.io,sonarqube.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-opencode\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1475,15 +1504,13 @@ jobs:
}
pre_activation:
- if: >
- (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-opencode ') || startsWith(github.event.issue.body, '/smoke-opencode\n') || github.event.issue.body == '/smoke-opencode') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-opencode ') || startsWith(github.event.comment.body, '/smoke-opencode\n') || github.event.comment.body == '/smoke-opencode') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-opencode ') || startsWith(github.event.comment.body, '/smoke-opencode\n') || github.event.comment.body == '/smoke-opencode') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-opencode ') || startsWith(github.event.comment.body, '/smoke-opencode\n') || github.event.comment.body == '/smoke-opencode') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-opencode ') || startsWith(github.event.pull_request.body, '/smoke-opencode\n') || github.event.pull_request.body == '/smoke-opencode') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-opencode ') || startsWith(github.event.discussion.body, '/smoke-opencode\n') || github.event.discussion.body == '/smoke-opencode') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-opencode ') || startsWith(github.event.comment.body, '/smoke-opencode\n') || github.event.comment.body == '/smoke-opencode')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -1506,7 +1533,7 @@ jobs:
GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-opencode.lock.yml@${{ github.ref }}
GH_AW_INFO_VERSION: "1.2.14"
GH_AW_INFO_ENGINE_ID: "opencode"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -1518,6 +1545,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-opencode\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
safe_outputs:
needs:
@@ -1534,6 +1572,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-opencode"
+ GH_AW_COMMANDS: "[\"smoke-opencode\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-opencode.md b/.github/workflows/smoke-opencode.md
index 78ad722fabf..91dcdd3c178 100644
--- a/.github/workflows/smoke-opencode.md
+++ b/.github/workflows/smoke-opencode.md
@@ -2,6 +2,7 @@
emoji: "🧪"
description: Smoke test workflow that validates OpenCode engine functionality
on:
+ slash_command: smoke-opencode
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-otel-backends.lock.yml b/.github/workflows/smoke-otel-backends.lock.yml
index 72b2463b888..57fb0713816 100644
--- a/.github/workflows/smoke-otel-backends.lock.yml
+++ b/.github/workflows/smoke-otel-backends.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"9a3eb3a5141855dc8792b2467dd0c2743e0fa54ebd99e0207d884d6ed39aeee5","body_hash":"46d8e16dcf47698ee4765caeecc91c2637367190b1fe910a1033ffda068fd839","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"a1a551d4838ff9658976a21439e71aea74275591fa5e0d84fc7ca70027380253","body_hash":"46d8e16dcf47698ee4765caeecc91c2637367190b1fe910a1033ffda068fd839","strict":true,"agent_id":"copilot"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","DD_API_KEY","DD_APPLICATION_KEY","DD_APP_KEY","DD_SITE","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_DATADOG_API_KEY","GH_AW_OTEL_DATADOG_ENDPOINT","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN","GRAFANA_SERVICE_ACCOUNT_TOKEN","GRAFANA_URL","SENTRY_ACCESS_TOKEN","SENTRY_OPENAI_API_KEY"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"grafana/mcp-grafana","digest":"sha256:60a4e3a417a69eeb864a72052c53b4aa4466ff3577d6ef9bacc671f4b77d7090","pinned_image":"grafana/mcp-grafana@sha256:60a4e3a417a69eeb864a72052c53b4aa4466ff3577d6ef9bacc671f4b77d7090"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -74,9 +74,33 @@
name: "Smoke OTEL"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
types:
+ - opened
+ - edited
+ - reopened
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -84,16 +108,11 @@ on:
description: "Agent caller context (used internally by Agentic Workflows)."
required: false
type: string
- item_number:
- default: ""
- description: The number of the issue, pull request, or discussion
- required: false
- type: string
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}-${{ github.event.label.name || github.run_id }}"
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke OTEL"
@@ -108,16 +127,16 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && (github.event_name == 'pull_request' && github.event.label.name == 'smoke' ||
- !(github.event_name == 'pull_request'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-otel-backends ') || startsWith(github.event.issue.body, '/smoke-otel-backends\n') || github.event.issue.body == '/smoke-otel-backends') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-otel-backends ') || startsWith(github.event.comment.body, '/smoke-otel-backends\n') || github.event.comment.body == '/smoke-otel-backends') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-otel-backends ') || startsWith(github.event.comment.body, '/smoke-otel-backends\n') || github.event.comment.body == '/smoke-otel-backends') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-otel-backends ') || startsWith(github.event.comment.body, '/smoke-otel-backends\n') || github.event.comment.body == '/smoke-otel-backends') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-otel-backends ') || startsWith(github.event.pull_request.body, '/smoke-otel-backends\n') || github.event.pull_request.body == '/smoke-otel-backends') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-otel-backends ') || startsWith(github.event.discussion.body, '/smoke-otel-backends\n') || github.event.discussion.body == '/smoke-otel-backends') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-otel-backends ') || startsWith(github.event.comment.body, '/smoke-otel-backends\n') || github.event.comment.body == '/smoke-otel-backends')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment')) || github.event_name == 'pull_request' && github.event.label.name == 'smoke')"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
pull-requests: write
outputs:
+ body: ${{ steps.sanitized.outputs.body }}
comment_id: ${{ steps.add-comment.outputs.comment-id }}
comment_repo: ${{ steps.add-comment.outputs.comment-repo }}
comment_url: ${{ steps.add-comment.outputs.comment-url }}
@@ -132,7 +151,10 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
+ text: ${{ steps.sanitized.outputs.text }}
+ title: ${{ steps.sanitized.outputs.title }}
steps:
- name: Checkout actions folder
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -254,6 +276,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_workflow_timestamp_api.cjs');
await main();
+ - name: Compute current body text
+ id: sanitized
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_ALLOWED_DOMAINS: "*.datadoghq.com,*.datadoghq.eu,*.ddog-gov.com,*.grafana.net,*.sentry.io,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,mcp.datadoghq.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/compute_text.cjs');
+ await main();
- name: Add comment with workflow run link
id: add-comment
if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
@@ -290,24 +323,25 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_487001da25da817e_EOF'
+ cat << 'GH_AW_PROMPT_5f1a14e2f8576146_EOF'
- GH_AW_PROMPT_487001da25da817e_EOF
+ GH_AW_PROMPT_5f1a14e2f8576146_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_487001da25da817e_EOF'
+ cat << 'GH_AW_PROMPT_5f1a14e2f8576146_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_487001da25da817e_EOF
+ GH_AW_PROMPT_5f1a14e2f8576146_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_487001da25da817e_EOF'
+ cat << 'GH_AW_PROMPT_5f1a14e2f8576146_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -336,9 +370,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_487001da25da817e_EOF
+ GH_AW_PROMPT_5f1a14e2f8576146_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_487001da25da817e_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_5f1a14e2f8576146_EOF'
{{#runtime-import .github/workflows/shared/mcp/datadog.md}}
{{#runtime-import .github/workflows/shared/mcp/grafana.md}}
@@ -348,7 +385,7 @@ jobs:
{{#runtime-import .github/workflows/shared/grafana.md}}
{{#runtime-import .github/workflows/shared/datadog.md}}
{{#runtime-import .github/workflows/smoke-otel-backends.md}}
- GH_AW_PROMPT_487001da25da817e_EOF
+ GH_AW_PROMPT_5f1a14e2f8576146_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -377,8 +414,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: "- `datadog` — run `datadog --help` to see available tools\n- `grafana` — run `grafana --help` to see available tools\n- `safeoutputs` — run `safeoutputs --help` to see available tools\n- `sentry` — run `sentry --help` to see available tools"
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -399,8 +438,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_SERVER_URL: process.env.GH_AW_GITHUB_SERVER_URL,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -579,9 +620,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_96903f9c4a768f3a_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_10b1021294cfbc7d_EOF'
{"create_issue":{"close_older_issues":true,"close_older_key":"smoke-otel-backends","expires":2,"labels":["automation","testing","observability"],"max":1},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_96903f9c4a768f3a_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_10b1021294cfbc7d_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -797,7 +838,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_004d9b9bd80f9909_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_ebd1661808489064_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"datadog": {
@@ -924,7 +965,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_004d9b9bd80f9909_EOF
+ GH_AW_MCP_CONFIG_ebd1661808489064_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1094,6 +1135,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.datadoghq.com,*.datadoghq.eu,*.ddog-gov.com,*.grafana.net,*.sentry.io,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,mcp.datadoghq.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-otel-backends\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1608,13 +1650,13 @@ jobs:
}
pre_activation:
- if: github.event_name == 'pull_request' && github.event.label.name == 'smoke' || !(github.event_name == 'pull_request')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-otel-backends ') || startsWith(github.event.issue.body, '/smoke-otel-backends\n') || github.event.issue.body == '/smoke-otel-backends') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-otel-backends ') || startsWith(github.event.comment.body, '/smoke-otel-backends\n') || github.event.comment.body == '/smoke-otel-backends') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-otel-backends ') || startsWith(github.event.comment.body, '/smoke-otel-backends\n') || github.event.comment.body == '/smoke-otel-backends') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-otel-backends ') || startsWith(github.event.comment.body, '/smoke-otel-backends\n') || github.event.comment.body == '/smoke-otel-backends') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-otel-backends ') || startsWith(github.event.pull_request.body, '/smoke-otel-backends\n') || github.event.pull_request.body == '/smoke-otel-backends') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-otel-backends ') || startsWith(github.event.discussion.body, '/smoke-otel-backends\n') || github.event.discussion.body == '/smoke-otel-backends') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-otel-backends ') || startsWith(github.event.comment.body, '/smoke-otel-backends\n') || github.event.comment.body == '/smoke-otel-backends')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment')) || github.event_name == 'pull_request' && github.event.label.name == 'smoke')"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -1638,7 +1680,7 @@ jobs:
GH_AW_INFO_VERSION: "1.0.55"
GH_AW_INFO_AWF_VERSION: "v0.25.58"
GH_AW_INFO_ENGINE_ID: "copilot"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -1650,6 +1692,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-otel-backends\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
safe_outputs:
needs:
@@ -1664,6 +1717,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-otel-backends"
+ GH_AW_COMMANDS: "[\"smoke-otel-backends\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-otel-backends.md b/.github/workflows/smoke-otel-backends.md
index 0ad3755af3e..db3abbbc433 100644
--- a/.github/workflows/smoke-otel-backends.md
+++ b/.github/workflows/smoke-otel-backends.md
@@ -2,6 +2,7 @@
emoji: "🧪"
description: Smoke test that validates OTEL span export and query access for Sentry, Grafana, and Datadog
on:
+ slash_command: smoke-otel-backends
workflow_dispatch:
label_command:
name: smoke
diff --git a/.github/workflows/smoke-pi.lock.yml b/.github/workflows/smoke-pi.lock.yml
index 3926b086393..102e128c56d 100644
--- a/.github/workflows/smoke-pi.lock.yml
+++ b/.github/workflows/smoke-pi.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"17bc55d2ee332f9601fad43d0e0f60af26a46b0d80da281ecbff20236e24f008","body_hash":"07ea62dc335d2b124062d5af97b2e7ea5f4ec4305c9829a2fd52b147247c8902","strict":true,"agent_id":"pi","agent_model":"copilot/gpt-5.4"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"970fa3b83ff0f7385dd38b59aa7444865abc84990dd2ec9c15bd31109cd1899c","body_hash":"07ea62dc335d2b124062d5af97b2e7ea5f4ec4305c9829a2fd52b147247c8902","strict":true,"agent_id":"pi","agent_model":"copilot/gpt-5.4"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -62,11 +62,32 @@
name: "Smoke Pi"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - smoke # Label filtering applied via job conditions
types:
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -78,8 +99,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref || github.run_id }}"
- cancel-in-progress: true
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Pi"
@@ -94,13 +114,12 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-pi ') || startsWith(github.event.issue.body, '/smoke-pi\n') || github.event.issue.body == '/smoke-pi') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-pi ') || startsWith(github.event.comment.body, '/smoke-pi\n') || github.event.comment.body == '/smoke-pi') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-pi ') || startsWith(github.event.comment.body, '/smoke-pi\n') || github.event.comment.body == '/smoke-pi') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-pi ') || startsWith(github.event.comment.body, '/smoke-pi\n') || github.event.comment.body == '/smoke-pi') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-pi ') || startsWith(github.event.pull_request.body, '/smoke-pi\n') || github.event.pull_request.body == '/smoke-pi') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-pi ') || startsWith(github.event.discussion.body, '/smoke-pi\n') || github.event.discussion.body == '/smoke-pi') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-pi ') || startsWith(github.event.comment.body, '/smoke-pi\n') || github.event.comment.body == '/smoke-pi')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
pull-requests: write
outputs:
@@ -119,6 +138,7 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
sub_agent_decomposition: ${{ steps.pick-experiment.outputs.sub_agent_decomposition }}
text: ${{ steps.sanitized.outputs.text }}
@@ -315,25 +335,26 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_090e6d2114f1cfa8_EOF'
+ cat << 'GH_AW_PROMPT_17249391ddb09f29_EOF'
- GH_AW_PROMPT_090e6d2114f1cfa8_EOF
+ GH_AW_PROMPT_17249391ddb09f29_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_090e6d2114f1cfa8_EOF'
+ cat << 'GH_AW_PROMPT_17249391ddb09f29_EOF'
Tools: add_comment(max:2), create_issue, add_labels, missing_tool, missing_data, noop
- GH_AW_PROMPT_090e6d2114f1cfa8_EOF
+ GH_AW_PROMPT_17249391ddb09f29_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_090e6d2114f1cfa8_EOF'
+ cat << 'GH_AW_PROMPT_17249391ddb09f29_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -362,9 +383,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_090e6d2114f1cfa8_EOF
+ GH_AW_PROMPT_17249391ddb09f29_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_090e6d2114f1cfa8_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_17249391ddb09f29_EOF'
{{#runtime-import .github/workflows/shared/gh.md}}
{{#runtime-import .github/workflows/shared/reporting-otlp.md}}
@@ -372,7 +396,7 @@ jobs:
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-pi.md}}
- GH_AW_PROMPT_090e6d2114f1cfa8_EOF
+ GH_AW_PROMPT_17249391ddb09f29_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -406,8 +430,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -432,8 +458,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_SERVER_URL: process.env.GH_AW_GITHUB_SERVER_URL,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -625,9 +653,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_17fae89b33a237aa_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_6f55fd4fc34d043f_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-pi"]},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-pi","expires":2,"labels":["automation","testing"],"max":1},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_17fae89b33a237aa_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_6f55fd4fc34d043f_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1009,6 +1037,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,127.0.0.1,::1,api.githubcopilot.com,api.npms.io,api.pi.ai,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,bun.sh,cdn.jsdelivr.net,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deepsource.io,deno.land,docs.github.com,drone.io,esm.sh,get.pnpm.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,googleapis.deno.dev,googlechromelabs.github.io,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,jsr.io,keyserver.ubuntu.com,lfs.github.com,localhost,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,ppa.launchpad.net,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,renovatebot.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,shields.io,skimdb.npmjs.com,snyk.io,sonarcloud.io,sonarqube.com,storage.googleapis.com,telemetry.vercel.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com,www.npmjs.com,www.npmjs.org,yarnpkg.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-pi\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1533,15 +1562,13 @@ jobs:
}
pre_activation:
- if: >
- (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-pi ') || startsWith(github.event.issue.body, '/smoke-pi\n') || github.event.issue.body == '/smoke-pi') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-pi ') || startsWith(github.event.comment.body, '/smoke-pi\n') || github.event.comment.body == '/smoke-pi') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-pi ') || startsWith(github.event.comment.body, '/smoke-pi\n') || github.event.comment.body == '/smoke-pi') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-pi ') || startsWith(github.event.comment.body, '/smoke-pi\n') || github.event.comment.body == '/smoke-pi') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-pi ') || startsWith(github.event.pull_request.body, '/smoke-pi\n') || github.event.pull_request.body == '/smoke-pi') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-pi ') || startsWith(github.event.discussion.body, '/smoke-pi\n') || github.event.discussion.body == '/smoke-pi') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-pi ') || startsWith(github.event.comment.body, '/smoke-pi\n') || github.event.comment.body == '/smoke-pi')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -1564,7 +1591,7 @@ jobs:
GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-pi.lock.yml@${{ github.ref }}
GH_AW_INFO_VERSION: "0.75.4"
GH_AW_INFO_ENGINE_ID: "pi"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -1576,6 +1603,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-pi\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
push_experiments_state:
needs: activation
@@ -1669,6 +1707,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-pi"
+ GH_AW_COMMANDS: "[\"smoke-pi\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-pi.md b/.github/workflows/smoke-pi.md
index 87c735b1f06..7adb062f2df 100644
--- a/.github/workflows/smoke-pi.md
+++ b/.github/workflows/smoke-pi.md
@@ -2,6 +2,7 @@
emoji: "🧪"
description: Smoke test workflow that validates Pi engine functionality
on:
+ slash_command: smoke-pi
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-project.lock.yml b/.github/workflows/smoke-project.lock.yml
index 0e80c408fc8..bb69b7be81d 100644
--- a/.github/workflows/smoke-project.lock.yml
+++ b/.github/workflows/smoke-project.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"19deae340a376a71b7ee964f3ad295766e5fdd60a62e3fff3fd8178adca73dce","body_hash":"4dafe397926fe786f54ea2afca462f7bfcc970ef87173677a41fdbb2346d4460","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"4589dce3925f94537a49135860b0ee9e408b4a6ec7ffc3fbe8a7707732f2e5d2","body_hash":"4dafe397926fe786f54ea2afca462f7bfcc970ef87173677a41fdbb2346d4460","strict":true,"agent_id":"copilot"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_CI_TRIGGER_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GH_AW_PROJECT_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -58,11 +58,32 @@
name: "Smoke Project"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - water # Label filtering applied via job conditions
types:
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -74,8 +95,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref || github.run_id }}"
- cancel-in-progress: true
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Project"
@@ -90,13 +110,12 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-project ') || startsWith(github.event.issue.body, '/smoke-project\n') || github.event.issue.body == '/smoke-project') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-project ') || startsWith(github.event.comment.body, '/smoke-project\n') || github.event.comment.body == '/smoke-project') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-project ') || startsWith(github.event.comment.body, '/smoke-project\n') || github.event.comment.body == '/smoke-project') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-project ') || startsWith(github.event.comment.body, '/smoke-project\n') || github.event.comment.body == '/smoke-project') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-project ') || startsWith(github.event.pull_request.body, '/smoke-project\n') || github.event.pull_request.body == '/smoke-project') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-project ') || startsWith(github.event.discussion.body, '/smoke-project\n') || github.event.discussion.body == '/smoke-project') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-project ') || startsWith(github.event.comment.body, '/smoke-project\n') || github.event.comment.body == '/smoke-project')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
pull-requests: write
outputs:
@@ -114,6 +133,7 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
text: ${{ steps.sanitized.outputs.text }}
title: ${{ steps.sanitized.outputs.title }}
@@ -274,27 +294,28 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_77b7f692523a1de5_EOF'
+ cat << 'GH_AW_PROMPT_2f100cf01696d2de_EOF'
- GH_AW_PROMPT_77b7f692523a1de5_EOF
+ GH_AW_PROMPT_2f100cf01696d2de_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_77b7f692523a1de5_EOF'
+ cat << 'GH_AW_PROMPT_2f100cf01696d2de_EOF'
Tools: add_comment(max:2), create_issue, create_pull_request, add_labels, remove_labels, update_project(max:20), create_project_status_update, missing_tool, missing_data, noop
- GH_AW_PROMPT_77b7f692523a1de5_EOF
+ GH_AW_PROMPT_2f100cf01696d2de_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_77b7f692523a1de5_EOF'
+ cat << 'GH_AW_PROMPT_2f100cf01696d2de_EOF'
- GH_AW_PROMPT_77b7f692523a1de5_EOF
+ GH_AW_PROMPT_2f100cf01696d2de_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_77b7f692523a1de5_EOF'
+ cat << 'GH_AW_PROMPT_2f100cf01696d2de_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -323,14 +344,17 @@ jobs:
{{/if}}
- GH_AW_PROMPT_77b7f692523a1de5_EOF
+ GH_AW_PROMPT_2f100cf01696d2de_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_77b7f692523a1de5_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_2f100cf01696d2de_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-project.md}}
- GH_AW_PROMPT_77b7f692523a1de5_EOF
+ GH_AW_PROMPT_2f100cf01696d2de_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -355,8 +379,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -376,8 +402,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: process.env.GH_AW_GITHUB_REPOSITORY,
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -554,9 +582,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_9d63ba68f8b9d8f1_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_3b81980cf13c361c_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-project"]},"create_issue":{"close_older_issues":true,"expires":2,"group":true,"labels":["ai-generated","automation","testing"],"max":1},"create_project_status_update":{"github-token":"${GH_AW_SECRET_GH_AW_PROJECT_GITHUB_TOKEN}","max":1,"project":"https://github.com/orgs/github/projects/24068"},"create_pull_request":{"expires":2,"if_no_changes":"warn","labels":["ai-generated"],"max":1,"max_patch_files":100,"max_patch_size":1024,"protect_top_level_dot_folders":true,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS","DESIGN.md","README.md","CONTRIBUTING.md","CHANGELOG.md","SECURITY.md","CODE_OF_CONDUCT.md","AGENTS.md","CLAUDE.md","GEMINI.md"],"protected_files_policy":"request_review","title_prefix":"[smoke-project] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"remove_labels":{"allowed":["smoke-project"]},"report_incomplete":{},"update_project":{"github-token":"${GH_AW_SECRET_GH_AW_PROJECT_GITHUB_TOKEN}","max":20,"project":"https://github.com/orgs/github/projects/24068","views":[{"name":"Smoke Test Board","layout":"board","filter":"is:open"}]}}
- GH_AW_SAFE_OUTPUTS_CONFIG_9d63ba68f8b9d8f1_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_3b81980cf13c361c_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -955,7 +983,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_223ab9ddcf03666d_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_b91f62a34300fc0b_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -1001,7 +1029,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_223ab9ddcf03666d_EOF
+ GH_AW_MCP_CONFIG_b91f62a34300fc0b_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1147,6 +1175,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,127.0.0.1,::1,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.npms.io,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,bun.sh,cdn.jsdelivr.net,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deepsource.io,deno.land,docs.github.com,drone.io,esm.sh,get.pnpm.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,googleapis.deno.dev,googlechromelabs.github.io,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,jsr.io,keyserver.ubuntu.com,lfs.github.com,localhost,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,ppa.launchpad.net,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,renovatebot.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,shields.io,skimdb.npmjs.com,snyk.io,sonarcloud.io,sonarqube.com,storage.googleapis.com,telemetry.enterprise.githubcopilot.com,telemetry.vercel.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com,www.npmjs.com,www.npmjs.org,yarnpkg.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-project\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1667,15 +1696,13 @@ jobs:
}
pre_activation:
- if: >
- (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-project ') || startsWith(github.event.issue.body, '/smoke-project\n') || github.event.issue.body == '/smoke-project') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-project ') || startsWith(github.event.comment.body, '/smoke-project\n') || github.event.comment.body == '/smoke-project') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-project ') || startsWith(github.event.comment.body, '/smoke-project\n') || github.event.comment.body == '/smoke-project') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-project ') || startsWith(github.event.comment.body, '/smoke-project\n') || github.event.comment.body == '/smoke-project') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-project ') || startsWith(github.event.pull_request.body, '/smoke-project\n') || github.event.pull_request.body == '/smoke-project') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-project ') || startsWith(github.event.discussion.body, '/smoke-project\n') || github.event.discussion.body == '/smoke-project') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-project ') || startsWith(github.event.comment.body, '/smoke-project\n') || github.event.comment.body == '/smoke-project')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -1699,7 +1726,7 @@ jobs:
GH_AW_INFO_VERSION: "1.0.55"
GH_AW_INFO_AWF_VERSION: "v0.25.58"
GH_AW_INFO_ENGINE_ID: "copilot"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -1711,6 +1738,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-project\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
safe_outputs:
needs:
@@ -1727,6 +1765,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-project"
+ GH_AW_COMMANDS: "[\"smoke-project\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-project.md b/.github/workflows/smoke-project.md
index 216a980bc1f..ffc592e0ecd 100644
--- a/.github/workflows/smoke-project.md
+++ b/.github/workflows/smoke-project.md
@@ -3,6 +3,7 @@ emoji: "🧪"
name: Smoke Project
description: Smoke Project - Test project operations
on:
+ slash_command: smoke-project
workflow_dispatch:
#schedule: every 12h
pull_request:
diff --git a/.github/workflows/smoke-service-ports.lock.yml b/.github/workflows/smoke-service-ports.lock.yml
index ac8ad96282e..31110427eb2 100644
--- a/.github/workflows/smoke-service-ports.lock.yml
+++ b/.github/workflows/smoke-service-ports.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"430276954691fafe482acb53c6b76663ed7083bf6e29dd7bc29b3db641d20bcd","body_hash":"f0d52a8ac256d3e86659f87c0811c0ad3901a243a5b96432e69002106b780c42","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"7172ac74b6fdd2f98dccc53692b2f160a95f7c16528a658bcd889f1dd7bcdf22","body_hash":"f0d52a8ac256d3e86659f87c0811c0ad3901a243a5b96432e69002106b780c42","strict":true,"agent_id":"copilot"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -56,6 +56,32 @@
name: "Smoke Service Ports"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
+ pull_request:
+ types:
+ - opened
+ - edited
+ - reopened
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -67,7 +93,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}"
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Service Ports"
@@ -82,12 +108,16 @@ env:
jobs:
activation:
needs: pre_activation
- if: needs.pre_activation.outputs.activated == 'true'
+ if: "needs.pre_activation.outputs.activated == 'true' && ((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-service-ports ') || startsWith(github.event.issue.body, '/smoke-service-ports\n') || github.event.issue.body == '/smoke-service-ports') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-service-ports ') || startsWith(github.event.comment.body, '/smoke-service-ports\n') || github.event.comment.body == '/smoke-service-ports') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-service-ports ') || startsWith(github.event.comment.body, '/smoke-service-ports\n') || github.event.comment.body == '/smoke-service-ports') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-service-ports ') || startsWith(github.event.comment.body, '/smoke-service-ports\n') || github.event.comment.body == '/smoke-service-ports') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-service-ports ') || startsWith(github.event.pull_request.body, '/smoke-service-ports\n') || github.event.pull_request.body == '/smoke-service-ports') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-service-ports ') || startsWith(github.event.discussion.body, '/smoke-service-ports\n') || github.event.discussion.body == '/smoke-service-ports') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-service-ports ') || startsWith(github.event.comment.body, '/smoke-service-ports\n') || github.event.comment.body == '/smoke-service-ports')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment')))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
+ issues: write
+ pull-requests: write
outputs:
+ body: ${{ steps.sanitized.outputs.body }}
comment_id: ${{ steps.add-comment.outputs.comment-id }}
comment_repo: ${{ steps.add-comment.outputs.comment-repo }}
comment_url: ${{ steps.add-comment.outputs.comment-url }}
@@ -101,7 +131,10 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
+ text: ${{ steps.sanitized.outputs.text }}
+ title: ${{ steps.sanitized.outputs.title }}
steps:
- name: Checkout actions folder
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -170,6 +203,19 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_daily_effective_workflow_guardrail.cjs');
await main();
+ - name: Add eyes reaction for immediate feedback
+ id: react
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_REACTION: "eyes"
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/add_reaction.cjs');
+ await main();
- name: Validate COPILOT_GITHUB_TOKEN secret
id: validate-secret
run: bash "${RUNNER_TEMP}/gh-aw/actions/validate_multi_secret.sh" COPILOT_GITHUB_TOKEN 'GitHub Copilot CLI' https://github.github.com/gh-aw/reference/engines/#github-copilot-default
@@ -210,6 +256,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_workflow_timestamp_api.cjs');
await main();
+ - name: Compute current body text
+ id: sanitized
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,127.0.0.1,::1,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deepsource.io,docs.github.com,drone.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,localhost,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,ppa.launchpad.net,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.npmjs.org,renovatebot.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,shields.io,snyk.io,sonarcloud.io,sonarqube.com,telemetry.enterprise.githubcopilot.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/compute_text.cjs');
+ await main();
- name: Add comment with workflow run link
id: add-comment
if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
@@ -235,24 +292,25 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_383bb123b53f6ddc_EOF'
+ cat << 'GH_AW_PROMPT_0b11b1c3a5151133_EOF'
- GH_AW_PROMPT_383bb123b53f6ddc_EOF
+ GH_AW_PROMPT_0b11b1c3a5151133_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_383bb123b53f6ddc_EOF'
+ cat << 'GH_AW_PROMPT_0b11b1c3a5151133_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
- GH_AW_PROMPT_383bb123b53f6ddc_EOF
+ GH_AW_PROMPT_0b11b1c3a5151133_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_383bb123b53f6ddc_EOF'
+ cat << 'GH_AW_PROMPT_0b11b1c3a5151133_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -281,13 +339,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_383bb123b53f6ddc_EOF
+ GH_AW_PROMPT_0b11b1c3a5151133_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_383bb123b53f6ddc_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_0b11b1c3a5151133_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/smoke-service-ports.md}}
- GH_AW_PROMPT_383bb123b53f6ddc_EOF
+ GH_AW_PROMPT_0b11b1c3a5151133_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -312,8 +373,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -333,8 +396,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: process.env.GH_AW_GITHUB_REPOSITORY,
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -514,9 +579,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_00cf9076a498a813_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_bd1b50e1054c6c5c_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_00cf9076a498a813_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_bd1b50e1054c6c5c_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -710,7 +775,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_34aa75f01b802f9c_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_67e0f75c76cf2670_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -756,7 +821,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_34aa75f01b802f9c_EOF
+ GH_AW_MCP_CONFIG_67e0f75c76cf2670_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -901,6 +966,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,127.0.0.1,::1,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deepsource.io,docs.github.com,drone.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,localhost,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,ppa.launchpad.net,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.npmjs.org,renovatebot.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,shields.io,snyk.io,sonarcloud.io,sonarqube.com,telemetry.enterprise.githubcopilot.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-service-ports\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1419,12 +1485,13 @@ jobs:
}
pre_activation:
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-service-ports ') || startsWith(github.event.issue.body, '/smoke-service-ports\n') || github.event.issue.body == '/smoke-service-ports') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-service-ports ') || startsWith(github.event.comment.body, '/smoke-service-ports\n') || github.event.comment.body == '/smoke-service-ports') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-service-ports ') || startsWith(github.event.comment.body, '/smoke-service-ports\n') || github.event.comment.body == '/smoke-service-ports') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-service-ports ') || startsWith(github.event.comment.body, '/smoke-service-ports\n') || github.event.comment.body == '/smoke-service-ports') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-service-ports ') || startsWith(github.event.pull_request.body, '/smoke-service-ports\n') || github.event.pull_request.body == '/smoke-service-ports') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-service-ports ') || startsWith(github.event.discussion.body, '/smoke-service-ports\n') || github.event.discussion.body == '/smoke-service-ports') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-service-ports ') || startsWith(github.event.comment.body, '/smoke-service-ports\n') || github.event.comment.body == '/smoke-service-ports')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment')))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -1448,7 +1515,7 @@ jobs:
GH_AW_INFO_VERSION: "1.0.55"
GH_AW_INFO_AWF_VERSION: "v0.25.58"
GH_AW_INFO_ENGINE_ID: "copilot"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -1460,6 +1527,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-service-ports\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
safe_outputs:
needs:
@@ -1476,6 +1554,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-service-ports"
+ GH_AW_COMMANDS: "[\"smoke-service-ports\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-service-ports.md b/.github/workflows/smoke-service-ports.md
index 0ae641aa557..975fa9e1bf9 100644
--- a/.github/workflows/smoke-service-ports.md
+++ b/.github/workflows/smoke-service-ports.md
@@ -2,6 +2,7 @@
emoji: "🧪"
description: Smoke test to validate --allow-host-service-ports with Redis service container
on:
+ slash_command: smoke-service-ports
workflow_dispatch:
status-comment: true
permissions:
diff --git a/.github/workflows/smoke-temporary-id.lock.yml b/.github/workflows/smoke-temporary-id.lock.yml
index 480e0022beb..88298fa47a7 100644
--- a/.github/workflows/smoke-temporary-id.lock.yml
+++ b/.github/workflows/smoke-temporary-id.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"f53e3dc40b0ce0efcc0d2598bbbfac5c5aaf180ae5eec48b8e0d8cea9c56f62e","body_hash":"837357879ba43b6a872a306ef6aa48f02a2b63b43cf0a142dd3860175463961b","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"2abbcf6a9919caec3282b00f1ce91bbdd7c9daedc90f9daee5c824dfd06864bd","body_hash":"837357879ba43b6a872a306ef6aa48f02a2b63b43cf0a142dd3860175463961b","strict":true,"agent_id":"copilot"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -56,11 +56,32 @@
name: "Smoke Temporary ID"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - water # Label filtering applied via job conditions
types:
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -72,8 +93,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref || github.run_id }}"
- cancel-in-progress: true
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Temporary ID"
@@ -88,13 +108,12 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-temporary-id ') || startsWith(github.event.issue.body, '/smoke-temporary-id\n') || github.event.issue.body == '/smoke-temporary-id') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-temporary-id ') || startsWith(github.event.comment.body, '/smoke-temporary-id\n') || github.event.comment.body == '/smoke-temporary-id') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-temporary-id ') || startsWith(github.event.comment.body, '/smoke-temporary-id\n') || github.event.comment.body == '/smoke-temporary-id') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-temporary-id ') || startsWith(github.event.comment.body, '/smoke-temporary-id\n') || github.event.comment.body == '/smoke-temporary-id') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-temporary-id ') || startsWith(github.event.pull_request.body, '/smoke-temporary-id\n') || github.event.pull_request.body == '/smoke-temporary-id') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-temporary-id ') || startsWith(github.event.discussion.body, '/smoke-temporary-id\n') || github.event.discussion.body == '/smoke-temporary-id') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-temporary-id ') || startsWith(github.event.comment.body, '/smoke-temporary-id\n') || github.event.comment.body == '/smoke-temporary-id')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
pull-requests: write
outputs:
@@ -113,6 +132,7 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
sub_agent_strategy: ${{ steps.pick-experiment.outputs.sub_agent_strategy }}
text: ${{ steps.sanitized.outputs.text }}
@@ -309,24 +329,25 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_d45bb371e84a6a46_EOF'
+ cat << 'GH_AW_PROMPT_536d697b2c0f378d_EOF'
- GH_AW_PROMPT_d45bb371e84a6a46_EOF
+ GH_AW_PROMPT_536d697b2c0f378d_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_d45bb371e84a6a46_EOF'
+ cat << 'GH_AW_PROMPT_536d697b2c0f378d_EOF'
Tools: add_comment(max:2), create_issue(max:5), link_sub_issue(max:3), missing_tool, missing_data, noop
- GH_AW_PROMPT_d45bb371e84a6a46_EOF
+ GH_AW_PROMPT_536d697b2c0f378d_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_d45bb371e84a6a46_EOF'
+ cat << 'GH_AW_PROMPT_536d697b2c0f378d_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -355,14 +376,17 @@ jobs:
{{/if}}
- GH_AW_PROMPT_d45bb371e84a6a46_EOF
+ GH_AW_PROMPT_536d697b2c0f378d_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_d45bb371e84a6a46_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_536d697b2c0f378d_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-temporary-id.md}}
- GH_AW_PROMPT_d45bb371e84a6a46_EOF
+ GH_AW_PROMPT_536d697b2c0f378d_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -389,8 +413,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -411,8 +437,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: process.env.GH_AW_GITHUB_REPOSITORY,
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -586,9 +614,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_cac6bc62a34c2a22_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_414d615f26333a8e_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_issue":{"close_older_issues":true,"expires":2,"group":true,"labels":["ai-generated","automation","testing"],"max":5,"title_prefix":"[smoke-temporary-id] "},"create_report_incomplete_issue":{},"link_sub_issue":{"max":3},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_cac6bc62a34c2a22_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_414d615f26333a8e_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -840,7 +868,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_c07b1cdd97376693_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_6d047c1bf86c5136_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -886,7 +914,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_c07b1cdd97376693_EOF
+ GH_AW_MCP_CONFIG_6d047c1bf86c5136_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1031,6 +1059,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,127.0.0.1,::1,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.npms.io,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,bun.sh,cdn.jsdelivr.net,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deepsource.io,deno.land,docs.github.com,drone.io,esm.sh,get.pnpm.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,googleapis.deno.dev,googlechromelabs.github.io,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,jsr.io,keyserver.ubuntu.com,lfs.github.com,localhost,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,ppa.launchpad.net,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,renovatebot.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,shields.io,skimdb.npmjs.com,snyk.io,sonarcloud.io,sonarqube.com,storage.googleapis.com,telemetry.enterprise.githubcopilot.com,telemetry.vercel.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com,www.npmjs.com,www.npmjs.org,yarnpkg.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-temporary-id\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1556,15 +1585,13 @@ jobs:
}
pre_activation:
- if: >
- (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-temporary-id ') || startsWith(github.event.issue.body, '/smoke-temporary-id\n') || github.event.issue.body == '/smoke-temporary-id') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-temporary-id ') || startsWith(github.event.comment.body, '/smoke-temporary-id\n') || github.event.comment.body == '/smoke-temporary-id') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-temporary-id ') || startsWith(github.event.comment.body, '/smoke-temporary-id\n') || github.event.comment.body == '/smoke-temporary-id') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-temporary-id ') || startsWith(github.event.comment.body, '/smoke-temporary-id\n') || github.event.comment.body == '/smoke-temporary-id') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-temporary-id ') || startsWith(github.event.pull_request.body, '/smoke-temporary-id\n') || github.event.pull_request.body == '/smoke-temporary-id') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-temporary-id ') || startsWith(github.event.discussion.body, '/smoke-temporary-id\n') || github.event.discussion.body == '/smoke-temporary-id') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-temporary-id ') || startsWith(github.event.comment.body, '/smoke-temporary-id\n') || github.event.comment.body == '/smoke-temporary-id')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -1588,7 +1615,7 @@ jobs:
GH_AW_INFO_VERSION: "1.0.55"
GH_AW_INFO_AWF_VERSION: "v0.25.58"
GH_AW_INFO_ENGINE_ID: "copilot"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -1600,6 +1627,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-temporary-id\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
push_experiments_state:
needs: activation
@@ -1694,6 +1732,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-temporary-id"
+ GH_AW_COMMANDS: "[\"smoke-temporary-id\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-temporary-id.md b/.github/workflows/smoke-temporary-id.md
index 5c7eb5b8152..f9f951193c3 100644
--- a/.github/workflows/smoke-temporary-id.md
+++ b/.github/workflows/smoke-temporary-id.md
@@ -3,6 +3,7 @@ emoji: "🧪"
name: Smoke Temporary ID
description: Test temporary ID functionality for issue chaining and cross-references
on:
+ slash_command: smoke-temporary-id
workflow_dispatch:
#schedule: every 24h
pull_request:
diff --git a/.github/workflows/smoke-test-tools.lock.yml b/.github/workflows/smoke-test-tools.lock.yml
index 57a30ec2a93..b5df98295ed 100644
--- a/.github/workflows/smoke-test-tools.lock.yml
+++ b/.github/workflows/smoke-test-tools.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"67083f4ae0c89a41d17b6edfefee5a6600a06b44f668f4b459bd19e989f3d2e5","body_hash":"81f2125a67a8ec3e67401b66459850f8ca4c45d4f70c874e470b359ae4733083","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"3b791de5f8e6b42af55feb5c51d86f3f0eb8a45cbe854f64cb9f5221405bb0a3","body_hash":"81f2125a67a8ec3e67401b66459850f8ca4c45d4f70c874e470b359ae4733083","strict":true,"agent_id":"copilot"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-dotnet","sha":"9a946fdbd5fb07b82b2f5a4466058b876ab72bb2","version":"v5.3.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/setup-java","sha":"be666c2fcd27ec809703dec50e508c2fdc7f6654","version":"v5.2.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/setup-python","sha":"a309ff8b426b58ec0e2a45f0f869d46889d02405","version":"v6.2.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -60,11 +60,32 @@
name: "Agent Container Smoke Test"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - smoke # Label filtering applied via job conditions
types:
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -76,8 +97,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref || github.run_id }}"
- cancel-in-progress: true
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Agent Container Smoke Test"
@@ -92,14 +112,14 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-test-tools ') || startsWith(github.event.issue.body, '/smoke-test-tools\n') || github.event.issue.body == '/smoke-test-tools') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-test-tools ') || startsWith(github.event.comment.body, '/smoke-test-tools\n') || github.event.comment.body == '/smoke-test-tools') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-test-tools ') || startsWith(github.event.comment.body, '/smoke-test-tools\n') || github.event.comment.body == '/smoke-test-tools') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-test-tools ') || startsWith(github.event.comment.body, '/smoke-test-tools\n') || github.event.comment.body == '/smoke-test-tools') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-test-tools ') || startsWith(github.event.pull_request.body, '/smoke-test-tools\n') || github.event.pull_request.body == '/smoke-test-tools') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-test-tools ') || startsWith(github.event.discussion.body, '/smoke-test-tools\n') || github.event.discussion.body == '/smoke-test-tools') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-test-tools ') || startsWith(github.event.comment.body, '/smoke-test-tools\n') || github.event.comment.body == '/smoke-test-tools')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
+ pull-requests: write
outputs:
body: ${{ steps.sanitized.outputs.body }}
comment_id: ${{ steps.add-comment.outputs.comment-id }}
@@ -115,6 +135,7 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
text: ${{ steps.sanitized.outputs.text }}
title: ${{ steps.sanitized.outputs.title }}
@@ -186,6 +207,19 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_daily_effective_workflow_guardrail.cjs');
await main();
+ - name: Add eyes reaction for immediate feedback
+ id: react
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_REACTION: "eyes"
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/add_reaction.cjs');
+ await main();
- name: Validate COPILOT_GITHUB_TOKEN secret
id: validate-secret
run: bash "${RUNNER_TEMP}/gh-aw/actions/validate_multi_secret.sh" COPILOT_GITHUB_TOKEN 'GitHub Copilot CLI' https://github.github.com/gh-aw/reference/engines/#github-copilot-default
@@ -262,24 +296,25 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_4c750c81a6218fe1_EOF'
+ cat << 'GH_AW_PROMPT_d5270a98913e7e32_EOF'
- GH_AW_PROMPT_4c750c81a6218fe1_EOF
+ GH_AW_PROMPT_d5270a98913e7e32_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_4c750c81a6218fe1_EOF'
+ cat << 'GH_AW_PROMPT_d5270a98913e7e32_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
- GH_AW_PROMPT_4c750c81a6218fe1_EOF
+ GH_AW_PROMPT_d5270a98913e7e32_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_4c750c81a6218fe1_EOF'
+ cat << 'GH_AW_PROMPT_d5270a98913e7e32_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -308,14 +343,17 @@ jobs:
{{/if}}
- GH_AW_PROMPT_4c750c81a6218fe1_EOF
+ GH_AW_PROMPT_d5270a98913e7e32_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_4c750c81a6218fe1_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ cat << 'GH_AW_PROMPT_d5270a98913e7e32_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-test-tools.md}}
- GH_AW_PROMPT_4c750c81a6218fe1_EOF
+ GH_AW_PROMPT_d5270a98913e7e32_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -340,8 +378,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: ${{ github.repository }}
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -361,8 +401,10 @@ jobs:
GH_AW_GITHUB_REPOSITORY: process.env.GH_AW_GITHUB_REPOSITORY,
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -561,9 +603,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_30acd1821b5db4a2_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_7c5eb03dd79ecea0_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_30acd1821b5db4a2_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_7c5eb03dd79ecea0_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -757,7 +799,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_f2de648e3c014295_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_1b07d10d61c4e9cc_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -803,7 +845,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_f2de648e3c014295_EOF
+ GH_AW_MCP_CONFIG_1b07d10d61c4e9cc_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -948,6 +990,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.gradle-enterprise.cloud,*.grafana.net,*.pythonhosted.org,*.sentry.io,*.vsblob.vsassets.io,127.0.0.1,::1,adoptium.net,anaconda.org,api.adoptium.net,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.foojay.io,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.npms.io,api.nuget.org,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.apache.org,archive.ubuntu.com,azure.archive.ubuntu.com,azuresearch-usnc.nuget.org,azuresearch-ussc.nuget.org,badgen.net,binstar.org,bootstrap.pypa.io,builds.dotnet.microsoft.com,bun.sh,cdn.azul.com,cdn.jsdelivr.net,central.sonatype.com,ci.dot.net,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,conda.anaconda.org,conda.binstar.org,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,dc.services.visualstudio.com,deb.nodesource.com,deepsource.io,deno.land,develocity.apache.org,dist.nuget.org,dl.google.com,dlcdn.apache.org,docs.github.com,dot.net,dotnet.microsoft.com,dotnetcli.blob.core.windows.net,download.eclipse.org,download.java.net,download.oracle.com,downloads.gradle-dn.com,drone.io,esm.sh,files.pythonhosted.org,ge.spockframework.org,get.pnpm.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,go.dev,golang.org,googleapis.deno.dev,googlechromelabs.github.io,goproxy.io,gradle.org,host.docker.internal,img.shields.io,jcenter.bintray.com,jdk.java.net,json-schema.org,json.schemastore.org,jsr.io,keyserver.ubuntu.com,lfs.github.com,localhost,maven-central.storage-download.googleapis.com,maven.apache.org,maven.google.com,maven.oracle.com,maven.pkg.github.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,nuget.org,nuget.pkg.github.com,nugetregistryv2prod.blob.core.windows.net,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,oneocsp.microsoft.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,pip.pypa.io,pkg.go.dev,pkgs.dev.azure.com,plugins-artifacts.gradle.org,plugins.gradle.org,ppa.launchpad.net,proxy.golang.org,pypi.org,pypi.python.org,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,renovatebot.com,repo.anaconda.com,repo.continuum.io,repo.gradle.org,repo.grails.org,repo.maven.apache.org,repo.spring.io,repo.yarnpkg.com,repo1.maven.org,repository.apache.org,s.symcb.com,s.symcd.com,scans-in.gradle.com,security.ubuntu.com,semaphoreci.com,services.gradle.org,shields.io,skimdb.npmjs.com,snyk.io,sonarcloud.io,sonarqube.com,storage.googleapis.com,sum.golang.org,telemetry.enterprise.githubcopilot.com,telemetry.vercel.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com,www.java.com,www.microsoft.com,www.npmjs.com,www.npmjs.org,yarnpkg.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-test-tools\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1466,15 +1509,13 @@ jobs:
}
pre_activation:
- if: >
- (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-test-tools ') || startsWith(github.event.issue.body, '/smoke-test-tools\n') || github.event.issue.body == '/smoke-test-tools') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-test-tools ') || startsWith(github.event.comment.body, '/smoke-test-tools\n') || github.event.comment.body == '/smoke-test-tools') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-test-tools ') || startsWith(github.event.comment.body, '/smoke-test-tools\n') || github.event.comment.body == '/smoke-test-tools') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-test-tools ') || startsWith(github.event.comment.body, '/smoke-test-tools\n') || github.event.comment.body == '/smoke-test-tools') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-test-tools ') || startsWith(github.event.pull_request.body, '/smoke-test-tools\n') || github.event.pull_request.body == '/smoke-test-tools') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-test-tools ') || startsWith(github.event.discussion.body, '/smoke-test-tools\n') || github.event.discussion.body == '/smoke-test-tools') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-test-tools ') || startsWith(github.event.comment.body, '/smoke-test-tools\n') || github.event.comment.body == '/smoke-test-tools')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -1498,7 +1539,7 @@ jobs:
GH_AW_INFO_VERSION: "1.0.55"
GH_AW_INFO_AWF_VERSION: "v0.25.58"
GH_AW_INFO_ENGINE_ID: "copilot"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -1510,6 +1551,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-test-tools\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
safe_outputs:
needs:
@@ -1526,6 +1578,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-test-tools"
+ GH_AW_COMMANDS: "[\"smoke-test-tools\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-test-tools.md b/.github/workflows/smoke-test-tools.md
index 351e2d618d0..d20e788f691 100644
--- a/.github/workflows/smoke-test-tools.md
+++ b/.github/workflows/smoke-test-tools.md
@@ -2,6 +2,7 @@
emoji: "🧪"
description: Smoke test to validate common development tools are available in the agent container
on:
+ slash_command: smoke-test-tools
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-update-cross-repo-pr.lock.yml b/.github/workflows/smoke-update-cross-repo-pr.lock.yml
index fa233506c69..4b5e93efb13 100644
--- a/.github/workflows/smoke-update-cross-repo-pr.lock.yml
+++ b/.github/workflows/smoke-update-cross-repo-pr.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"9819a8da08ca4769a99b6e08af5bdf831e2bdb3aeb55dbe8482321417258d084","body_hash":"909201281f5e5701574a4f0ff4a41ae102f90b6bd01093fda00e7570018a54e0","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"cd543323af7e872ecc77702bffa67f8aa180ab85f93d708b55b3df69084fde80","body_hash":"909201281f5e5701574a4f0ff4a41ae102f90b6bd01093fda00e7570018a54e0","strict":true,"agent_id":"copilot"}
# gh-aw-manifest: {"version":1,"secrets":["GH_AW_CI_TRIGGER_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GH_AW_SIDE_REPO_PAT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -59,11 +59,32 @@
name: "Smoke Update Cross-Repo PR"
on:
+ discussion:
+ types:
+ - created
+ - edited
+ discussion_comment:
+ types:
+ - created
+ - edited
+ issue_comment:
+ types:
+ - created
+ - edited
+ issues:
+ types:
+ - opened
+ - edited
+ - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - smoke-update-cross-repo-pr # Label filtering applied via job conditions
types:
- labeled
+ pull_request_review_comment:
+ types:
+ - created
+ - edited
workflow_dispatch:
inputs:
aw_context:
@@ -75,8 +96,7 @@ on:
permissions: {}
concurrency:
- group: "gh-aw-${{ github.workflow }}-${{ github.event.pull_request.number || github.ref || github.run_id }}"
- cancel-in-progress: true
+ group: "gh-aw-${{ github.workflow }}-${{ github.event.issue.number || github.event.pull_request.number || github.run_id }}"
run-name: "Smoke Update Cross-Repo PR"
@@ -91,14 +111,14 @@ env:
jobs:
activation:
needs: pre_activation
- if: >
- needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-update-cross-repo-pr'))
+ if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.issue.body, '/smoke-update-cross-repo-pr\n') || github.event.issue.body == '/smoke-update-cross-repo-pr') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr\n') || github.event.comment.body == '/smoke-update-cross-repo-pr') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr\n') || github.event.comment.body == '/smoke-update-cross-repo-pr') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr\n') || github.event.comment.body == '/smoke-update-cross-repo-pr') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.pull_request.body, '/smoke-update-cross-repo-pr\n') || github.event.pull_request.body == '/smoke-update-cross-repo-pr') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.discussion.body, '/smoke-update-cross-repo-pr\n') || github.event.discussion.body == '/smoke-update-cross-repo-pr') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr\n') || github.event.comment.body == '/smoke-update-cross-repo-pr')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-update-cross-repo-pr'))"
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
+ discussions: write
issues: write
+ pull-requests: write
outputs:
body: ${{ steps.sanitized.outputs.body }}
comment_id: ${{ steps.add-comment.outputs.comment-id }}
@@ -113,6 +133,7 @@ jobs:
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
+ slash_command: ${{ needs.pre_activation.outputs.matched_command }}
stale_lock_file_failed: ${{ steps.check-lock-file.outputs.stale_lock_file_failed == 'true' }}
text: ${{ steps.sanitized.outputs.text }}
title: ${{ steps.sanitized.outputs.title }}
@@ -184,6 +205,19 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_daily_effective_workflow_guardrail.cjs');
await main();
+ - name: Add eyes reaction for immediate feedback
+ id: react
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_REACTION: "eyes"
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/add_reaction.cjs');
+ await main();
- name: Checkout .github and .agents folders
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
@@ -256,28 +290,29 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
# poutine:ignore untrusted_checkout_exec
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_cc23fc39efd9d09a_EOF'
+ cat << 'GH_AW_PROMPT_0a93a880b54b3946_EOF'
- GH_AW_PROMPT_cc23fc39efd9d09a_EOF
+ GH_AW_PROMPT_0a93a880b54b3946_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_cc23fc39efd9d09a_EOF'
+ cat << 'GH_AW_PROMPT_0a93a880b54b3946_EOF'
Tools: add_comment(max:2), create_issue, push_to_pull_request_branch, missing_tool, missing_data, noop
- GH_AW_PROMPT_cc23fc39efd9d09a_EOF
+ GH_AW_PROMPT_0a93a880b54b3946_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_push_to_pr_branch.md"
- cat << 'GH_AW_PROMPT_cc23fc39efd9d09a_EOF'
+ cat << 'GH_AW_PROMPT_0a93a880b54b3946_EOF'
- GH_AW_PROMPT_cc23fc39efd9d09a_EOF
+ GH_AW_PROMPT_0a93a880b54b3946_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_cc23fc39efd9d09a_EOF'
+ cat << 'GH_AW_PROMPT_0a93a880b54b3946_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -319,13 +354,19 @@ jobs:
stop immediately and report the limitation rather than spending turns trying to work around it.
- GH_AW_PROMPT_cc23fc39efd9d09a_EOF
+ GH_AW_PROMPT_0a93a880b54b3946_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_cc23fc39efd9d09a_EOF'
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
+ fi
+ if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
+ cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_push_to_pr_branch_guidance.md"
+ fi
+ cat << 'GH_AW_PROMPT_0a93a880b54b3946_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/smoke-update-cross-repo-pr.md}}
- GH_AW_PROMPT_cc23fc39efd9d09a_EOF
+ GH_AW_PROMPT_0a93a880b54b3946_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -357,8 +398,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: ${{ github.run_id }}
GH_AW_GITHUB_SERVER_URL: ${{ github.server_url }}
GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }}
+ GH_AW_IS_PR_COMMENT: ${{ github.event.issue.pull_request && 'true' || '' }}
GH_AW_MCP_CLI_SERVERS_LIST: '- `safeoutputs` — run `safeoutputs --help` to see available tools'
GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: ${{ needs.pre_activation.outputs.activated }}
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: ${{ needs.pre_activation.outputs.matched_command }}
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -382,8 +425,10 @@ jobs:
GH_AW_GITHUB_RUN_ID: process.env.GH_AW_GITHUB_RUN_ID,
GH_AW_GITHUB_SERVER_URL: process.env.GH_AW_GITHUB_SERVER_URL,
GH_AW_GITHUB_WORKSPACE: process.env.GH_AW_GITHUB_WORKSPACE,
+ GH_AW_IS_PR_COMMENT: process.env.GH_AW_IS_PR_COMMENT,
GH_AW_MCP_CLI_SERVERS_LIST: process.env.GH_AW_MCP_CLI_SERVERS_LIST,
- GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_ACTIVATED,
+ GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND: process.env.GH_AW_NEEDS_PRE_ACTIVATION_OUTPUTS_MATCHED_COMMAND
}
});
- name: Validate prompt placeholders
@@ -588,9 +633,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_e62548beb686644c_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_097628db74cb84d9_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_issue":{"close_older_issues":true,"expires":2,"labels":["automation","testing"],"max":1},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_to_pull_request_branch":{"github-token":"${GH_AW_SECRET_GH_AW_SIDE_REPO_PAT}","if_no_changes":"error","max_patch_size":1024,"protect_top_level_dot_folders":true,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS","DESIGN.md","README.md","CONTRIBUTING.md","CHANGELOG.md","SECURITY.md","CODE_OF_CONDUCT.md","AGENTS.md","CLAUDE.md","GEMINI.md"],"target":"1","target-repo":"github/gh-aw-side-repo"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_e62548beb686644c_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_097628db74cb84d9_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -843,7 +888,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_28882e8de5eb2b75_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_c572fc02a7a02585_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -889,7 +934,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_28882e8de5eb2b75_EOF
+ GH_AW_MCP_CONFIG_c572fc02a7a02585_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1035,6 +1080,7 @@ jobs:
GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,*.grafana.net,*.sentry.io,127.0.0.1,::1,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,app.renovatebot.com,appveyor.com,archive.ubuntu.com,azure.archive.ubuntu.com,badgen.net,circleci.com,codacy.com,codeclimate.com,codecov.io,codeload.github.com,coveralls.io,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deepsource.io,docs.github.com,drone.io,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.blog,github.com,github.githubassets.com,host.docker.internal,img.shields.io,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,localhost,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,patch-diff.githubusercontent.com,ppa.launchpad.net,raw.githubusercontent.com,readthedocs.io,readthedocs.org,registry.npmjs.org,renovatebot.com,s.symcb.com,s.symcd.com,security.ubuntu.com,semaphoreci.com,shields.io,snyk.io,sonarcloud.io,sonarqube.com,telemetry.enterprise.githubcopilot.com,travis-ci.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com"
GITHUB_SERVER_URL: ${{ github.server_url }}
GITHUB_API_URL: ${{ github.api_url }}
+ GH_AW_COMMANDS: "[\"smoke-update-cross-repo-pr\"]"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -1585,15 +1631,13 @@ jobs:
}
pre_activation:
- if: >
- (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
- (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-update-cross-repo-pr')
+ if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.issue.body, '/smoke-update-cross-repo-pr\n') || github.event.issue.body == '/smoke-update-cross-repo-pr') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr\n') || github.event.comment.body == '/smoke-update-cross-repo-pr') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr\n') || github.event.comment.body == '/smoke-update-cross-repo-pr') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr\n') || github.event.comment.body == '/smoke-update-cross-repo-pr') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.pull_request.body, '/smoke-update-cross-repo-pr\n') || github.event.pull_request.body == '/smoke-update-cross-repo-pr') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.discussion.body, '/smoke-update-cross-repo-pr\n') || github.event.discussion.body == '/smoke-update-cross-repo-pr') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr\n') || github.event.comment.body == '/smoke-update-cross-repo-pr')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-update-cross-repo-pr'))"
runs-on: ubuntu-slim
permissions:
contents: read
outputs:
- activated: ${{ steps.check_membership.outputs.is_team_member == 'true' }}
- matched_command: ''
+ activated: ${{ steps.check_membership.outputs.is_team_member == 'true' && steps.check_command_position.outputs.command_position_ok == 'true' }}
+ matched_command: ${{ steps.check_command_position.outputs.matched_command }}
setup-parent-span-id: ${{ steps.setup.outputs.parent-span-id || steps.setup.outputs.span-id }}
setup-span-id: ${{ steps.setup.outputs.span-id }}
setup-trace-id: ${{ steps.setup.outputs.trace-id }}
@@ -1617,7 +1661,7 @@ jobs:
GH_AW_INFO_VERSION: "1.0.55"
GH_AW_INFO_AWF_VERSION: "v0.25.58"
GH_AW_INFO_ENGINE_ID: "copilot"
- - name: Check team membership for workflow
+ - name: Check team membership for command workflow
id: check_membership
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
@@ -1629,6 +1673,17 @@ jobs:
setupGlobals(core, github, context, exec, io, getOctokit);
const { main } = require('${{ runner.temp }}/gh-aw/actions/check_membership.cjs');
await main();
+ - name: Check command position
+ id: check_command_position
+ uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
+ env:
+ GH_AW_COMMANDS: "[\"smoke-update-cross-repo-pr\"]"
+ with:
+ script: |
+ const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
+ setupGlobals(core, github, context, exec, io, getOctokit);
+ const { main } = require('${{ runner.temp }}/gh-aw/actions/check_command_position.cjs');
+ await main();
safe_outputs:
needs:
@@ -1645,6 +1700,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-update-cross-repo-pr"
+ GH_AW_COMMANDS: "[\"smoke-update-cross-repo-pr\"]"
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_DETECTION_REASON: ${{ needs.detection.outputs.detection_reason }}
GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
diff --git a/.github/workflows/smoke-update-cross-repo-pr.md b/.github/workflows/smoke-update-cross-repo-pr.md
index 4736415ce5b..2b629fe8c79 100644
--- a/.github/workflows/smoke-update-cross-repo-pr.md
+++ b/.github/workflows/smoke-update-cross-repo-pr.md
@@ -4,6 +4,7 @@ name: Smoke Update Cross-Repo PR
description: Smoke test validating cross-repo pull request updates in github/gh-aw-side-repo by adding lines from Homer's Odyssey to the README
on:
+ slash_command: smoke-update-cross-repo-pr
workflow_dispatch:
pull_request:
types: [labeled]
From f66cf7e0c7a68006eb6ac376346a785df2df10a7 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Tue, 2 Jun 2026 21:09:43 +0000
Subject: [PATCH 2/2] fix: change slash_command to strategy: centralized in all
smoke agentic workflows
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
---
.../workflows/smoke-agent-all-merged.lock.yml | 60 ++++--------
.github/workflows/smoke-agent-all-merged.md | 5 +-
.../workflows/smoke-agent-all-none.lock.yml | 60 ++++--------
.github/workflows/smoke-agent-all-none.md | 5 +-
.../smoke-agent-public-approved.lock.yml | 60 ++++--------
.../workflows/smoke-agent-public-approved.md | 5 +-
.../smoke-agent-public-none.lock.yml | 60 ++++--------
.github/workflows/smoke-agent-public-none.md | 5 +-
.../smoke-agent-scoped-approved.lock.yml | 60 ++++--------
.../workflows/smoke-agent-scoped-approved.md | 5 +-
.github/workflows/smoke-antigravity.lock.yml | 60 ++++--------
.github/workflows/smoke-antigravity.md | 5 +-
.../workflows/smoke-call-workflow.lock.yml | 80 ++++++----------
.github/workflows/smoke-call-workflow.md | 5 +-
.github/workflows/smoke-claude.lock.yml | 96 ++++++++-----------
.github/workflows/smoke-claude.md | 5 +-
.github/workflows/smoke-codex.lock.yml | 84 +++++++---------
.github/workflows/smoke-codex.md | 5 +-
.github/workflows/smoke-copilot-arm.lock.yml | 80 ++++++----------
.github/workflows/smoke-copilot-arm.md | 5 +-
.github/workflows/smoke-copilot-sdk.lock.yml | 67 +++++--------
.github/workflows/smoke-copilot-sdk.md | 5 +-
.github/workflows/smoke-copilot.lock.yml | 91 +++++++-----------
.github/workflows/smoke-copilot.md | 5 +-
.../smoke-create-cross-repo-pr.lock.yml | 64 +++++--------
.../workflows/smoke-create-cross-repo-pr.md | 5 +-
.github/workflows/smoke-crush.lock.yml | 60 ++++--------
.github/workflows/smoke-crush.md | 5 +-
.github/workflows/smoke-gemini.lock.yml | 60 ++++--------
.github/workflows/smoke-gemini.md | 5 +-
.github/workflows/smoke-multi-pr.lock.yml | 64 +++++--------
.github/workflows/smoke-multi-pr.md | 5 +-
.github/workflows/smoke-opencode.lock.yml | 60 ++++--------
.github/workflows/smoke-opencode.md | 5 +-
.../workflows/smoke-otel-backends.lock.yml | 67 +++++--------
.github/workflows/smoke-otel-backends.md | 5 +-
.github/workflows/smoke-pi.lock.yml | 56 ++++-------
.github/workflows/smoke-pi.md | 5 +-
.github/workflows/smoke-project.lock.yml | 64 +++++--------
.github/workflows/smoke-project.md | 5 +-
.../workflows/smoke-service-ports.lock.yml | 60 ++++--------
.github/workflows/smoke-service-ports.md | 5 +-
.github/workflows/smoke-temporary-id.lock.yml | 60 ++++--------
.github/workflows/smoke-temporary-id.md | 5 +-
.github/workflows/smoke-test-tools.lock.yml | 60 ++++--------
.github/workflows/smoke-test-tools.md | 5 +-
.../smoke-update-cross-repo-pr.lock.yml | 64 +++++--------
.../workflows/smoke-update-cross-repo-pr.md | 5 +-
48 files changed, 666 insertions(+), 1051 deletions(-)
diff --git a/.github/workflows/smoke-agent-all-merged.lock.yml b/.github/workflows/smoke-agent-all-merged.lock.yml
index 25dac212589..516daf51969 100644
--- a/.github/workflows/smoke-agent-all-merged.lock.yml
+++ b/.github/workflows/smoke-agent-all-merged.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"eebc5146d050c8078d4b7bf7113fec47f0f08b02ed9bc5e558172a6bd48c6f6f","body_hash":"d6f2db684c1be931739b55119a24f511d31320e899054a318a9f3d81c0a9e31e","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"b9598202dbfc50f33f30c0cbfee73cfd5806e3b61b969d0b10f8d695abdbeee1","body_hash":"d6f2db684c1be931739b55119a24f511d31320e899054a318a9f3d81c0a9e31e","strict":true,"agent_id":"claude"}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -55,32 +55,11 @@
name: "Smoke Agent: all/merged"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - metal # Label filtering applied via job conditions
types:
- labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -107,12 +86,13 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-agent-all-merged ') || startsWith(github.event.issue.body, '/smoke-agent-all-merged\n') || github.event.issue.body == '/smoke-agent-all-merged') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-merged ') || startsWith(github.event.comment.body, '/smoke-agent-all-merged\n') || github.event.comment.body == '/smoke-agent-all-merged') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-merged ') || startsWith(github.event.comment.body, '/smoke-agent-all-merged\n') || github.event.comment.body == '/smoke-agent-all-merged') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-merged ') || startsWith(github.event.comment.body, '/smoke-agent-all-merged\n') || github.event.comment.body == '/smoke-agent-all-merged') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-agent-all-merged ') || startsWith(github.event.pull_request.body, '/smoke-agent-all-merged\n') || github.event.pull_request.body == '/smoke-agent-all-merged') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-agent-all-merged ') || startsWith(github.event.discussion.body, '/smoke-agent-all-merged\n') || github.event.discussion.body == '/smoke-agent-all-merged') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-merged ') || startsWith(github.event.comment.body, '/smoke-agent-all-merged\n') || github.event.comment.body == '/smoke-agent-all-merged')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -204,7 +184,7 @@ jobs:
await main();
- name: Add eyes reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "eyes"
@@ -268,7 +248,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Agent: all/merged"
@@ -296,20 +276,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_1341bd1459e06faf_EOF'
+ cat << 'GH_AW_PROMPT_83bab20157b9ef13_EOF'
- GH_AW_PROMPT_1341bd1459e06faf_EOF
+ GH_AW_PROMPT_83bab20157b9ef13_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_1341bd1459e06faf_EOF'
+ cat << 'GH_AW_PROMPT_83bab20157b9ef13_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
- GH_AW_PROMPT_1341bd1459e06faf_EOF
+ GH_AW_PROMPT_83bab20157b9ef13_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_1341bd1459e06faf_EOF'
+ cat << 'GH_AW_PROMPT_83bab20157b9ef13_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -338,16 +318,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_1341bd1459e06faf_EOF
+ GH_AW_PROMPT_83bab20157b9ef13_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_1341bd1459e06faf_EOF'
+ cat << 'GH_AW_PROMPT_83bab20157b9ef13_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/smoke-agent-all-merged.md}}
- GH_AW_PROMPT_1341bd1459e06faf_EOF
+ GH_AW_PROMPT_83bab20157b9ef13_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -569,9 +549,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_3d73841cb789f073_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_9e8bf61301fa7673_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_3d73841cb789f073_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_9e8bf61301fa7673_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -762,7 +742,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_ed0f7ebdad8063fc_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_9754fa075eff8926_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -810,7 +790,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_ed0f7ebdad8063fc_EOF
+ GH_AW_MCP_CONFIG_9754fa075eff8926_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1541,7 +1521,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-agent-all-merged ') || startsWith(github.event.issue.body, '/smoke-agent-all-merged\n') || github.event.issue.body == '/smoke-agent-all-merged') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-merged ') || startsWith(github.event.comment.body, '/smoke-agent-all-merged\n') || github.event.comment.body == '/smoke-agent-all-merged') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-merged ') || startsWith(github.event.comment.body, '/smoke-agent-all-merged\n') || github.event.comment.body == '/smoke-agent-all-merged') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-merged ') || startsWith(github.event.comment.body, '/smoke-agent-all-merged\n') || github.event.comment.body == '/smoke-agent-all-merged') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-agent-all-merged ') || startsWith(github.event.pull_request.body, '/smoke-agent-all-merged\n') || github.event.pull_request.body == '/smoke-agent-all-merged') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-agent-all-merged ') || startsWith(github.event.discussion.body, '/smoke-agent-all-merged\n') || github.event.discussion.body == '/smoke-agent-all-merged') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-merged ') || startsWith(github.event.comment.body, '/smoke-agent-all-merged\n') || github.event.comment.body == '/smoke-agent-all-merged')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))"
+ if: >
+ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-agent-all-merged.md b/.github/workflows/smoke-agent-all-merged.md
index f0ce63dd482..8d553af3598 100644
--- a/.github/workflows/smoke-agent-all-merged.md
+++ b/.github/workflows/smoke-agent-all-merged.md
@@ -2,7 +2,10 @@
emoji: "🧪"
description: "Guard policy smoke test: repos=all, min-integrity=merged (most restrictive)"
on:
- slash_command: smoke-agent-all-merged
+ slash_command:
+ name: smoke-agent-all-merged
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-agent-all-none.lock.yml b/.github/workflows/smoke-agent-all-none.lock.yml
index a17f0f1688c..d3968e58d68 100644
--- a/.github/workflows/smoke-agent-all-none.lock.yml
+++ b/.github/workflows/smoke-agent-all-none.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"51b458992a0f51fda91877f6fc35462b6feb4ffe3d69a4b6db0538766889948b","body_hash":"593419fde63fbac2a601604c119d136ac207cb9a130cd0f2ac17b7e555e4cede","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"d7f2823a703d4118e9534eac086f47a155cc248fbf20d96f0c79698b00c5d63f","body_hash":"593419fde63fbac2a601604c119d136ac207cb9a130cd0f2ac17b7e555e4cede","strict":true,"agent_id":"claude"}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -55,32 +55,11 @@
name: "Smoke Agent: all/none"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - metal # Label filtering applied via job conditions
types:
- labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -107,12 +86,13 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-agent-all-none ') || startsWith(github.event.issue.body, '/smoke-agent-all-none\n') || github.event.issue.body == '/smoke-agent-all-none') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-none ') || startsWith(github.event.comment.body, '/smoke-agent-all-none\n') || github.event.comment.body == '/smoke-agent-all-none') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-none ') || startsWith(github.event.comment.body, '/smoke-agent-all-none\n') || github.event.comment.body == '/smoke-agent-all-none') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-none ') || startsWith(github.event.comment.body, '/smoke-agent-all-none\n') || github.event.comment.body == '/smoke-agent-all-none') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-agent-all-none ') || startsWith(github.event.pull_request.body, '/smoke-agent-all-none\n') || github.event.pull_request.body == '/smoke-agent-all-none') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-agent-all-none ') || startsWith(github.event.discussion.body, '/smoke-agent-all-none\n') || github.event.discussion.body == '/smoke-agent-all-none') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-none ') || startsWith(github.event.comment.body, '/smoke-agent-all-none\n') || github.event.comment.body == '/smoke-agent-all-none')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -204,7 +184,7 @@ jobs:
await main();
- name: Add eyes reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "eyes"
@@ -268,7 +248,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Agent: all/none"
@@ -296,20 +276,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_97f1d6582581ab92_EOF'
+ cat << 'GH_AW_PROMPT_dda3f48370e38e6f_EOF'
- GH_AW_PROMPT_97f1d6582581ab92_EOF
+ GH_AW_PROMPT_dda3f48370e38e6f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_97f1d6582581ab92_EOF'
+ cat << 'GH_AW_PROMPT_dda3f48370e38e6f_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
- GH_AW_PROMPT_97f1d6582581ab92_EOF
+ GH_AW_PROMPT_dda3f48370e38e6f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_97f1d6582581ab92_EOF'
+ cat << 'GH_AW_PROMPT_dda3f48370e38e6f_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -338,16 +318,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_97f1d6582581ab92_EOF
+ GH_AW_PROMPT_dda3f48370e38e6f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_97f1d6582581ab92_EOF'
+ cat << 'GH_AW_PROMPT_dda3f48370e38e6f_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/smoke-agent-all-none.md}}
- GH_AW_PROMPT_97f1d6582581ab92_EOF
+ GH_AW_PROMPT_dda3f48370e38e6f_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -569,9 +549,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_75751a486e660fbe_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_e9db8bc2c69fb10b_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_75751a486e660fbe_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_e9db8bc2c69fb10b_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -762,7 +742,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_b2fa6adb7754ae29_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_621fa6be18c88017_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -810,7 +790,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_b2fa6adb7754ae29_EOF
+ GH_AW_MCP_CONFIG_621fa6be18c88017_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1541,7 +1521,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-agent-all-none ') || startsWith(github.event.issue.body, '/smoke-agent-all-none\n') || github.event.issue.body == '/smoke-agent-all-none') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-none ') || startsWith(github.event.comment.body, '/smoke-agent-all-none\n') || github.event.comment.body == '/smoke-agent-all-none') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-none ') || startsWith(github.event.comment.body, '/smoke-agent-all-none\n') || github.event.comment.body == '/smoke-agent-all-none') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-none ') || startsWith(github.event.comment.body, '/smoke-agent-all-none\n') || github.event.comment.body == '/smoke-agent-all-none') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-agent-all-none ') || startsWith(github.event.pull_request.body, '/smoke-agent-all-none\n') || github.event.pull_request.body == '/smoke-agent-all-none') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-agent-all-none ') || startsWith(github.event.discussion.body, '/smoke-agent-all-none\n') || github.event.discussion.body == '/smoke-agent-all-none') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-agent-all-none ') || startsWith(github.event.comment.body, '/smoke-agent-all-none\n') || github.event.comment.body == '/smoke-agent-all-none')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))"
+ if: >
+ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-agent-all-none.md b/.github/workflows/smoke-agent-all-none.md
index 2d07fdda7e8..e567516401a 100644
--- a/.github/workflows/smoke-agent-all-none.md
+++ b/.github/workflows/smoke-agent-all-none.md
@@ -2,7 +2,10 @@
emoji: "🧪"
description: "Guard policy smoke test: repos=all, min-integrity=none (most permissive)"
on:
- slash_command: smoke-agent-all-none
+ slash_command:
+ name: smoke-agent-all-none
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-agent-public-approved.lock.yml b/.github/workflows/smoke-agent-public-approved.lock.yml
index d97ab6542c0..ea92bd54497 100644
--- a/.github/workflows/smoke-agent-public-approved.lock.yml
+++ b/.github/workflows/smoke-agent-public-approved.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"a64ef34321b27fdaab0984ba1cebb1e819edd69c1819b42214eee4b6278b58f2","body_hash":"d8ca9956f5003afef37390d4cb75044fdd1ae6625eb24359bd6184012f5c35a8","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"c93fe654713976529185d32fc46420de9ef4822bb89bdc5b5ddd8c4d3bf3c431","body_hash":"d8ca9956f5003afef37390d4cb75044fdd1ae6625eb24359bd6184012f5c35a8","strict":true,"agent_id":"claude"}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_AGENT_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -57,32 +57,11 @@
name: "Smoke Agent: public/approved"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - metal # Label filtering applied via job conditions
types:
- labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -109,12 +88,13 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-agent-public-approved ') || startsWith(github.event.issue.body, '/smoke-agent-public-approved\n') || github.event.issue.body == '/smoke-agent-public-approved') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-approved ') || startsWith(github.event.comment.body, '/smoke-agent-public-approved\n') || github.event.comment.body == '/smoke-agent-public-approved') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-approved ') || startsWith(github.event.comment.body, '/smoke-agent-public-approved\n') || github.event.comment.body == '/smoke-agent-public-approved') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-approved ') || startsWith(github.event.comment.body, '/smoke-agent-public-approved\n') || github.event.comment.body == '/smoke-agent-public-approved') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-agent-public-approved ') || startsWith(github.event.pull_request.body, '/smoke-agent-public-approved\n') || github.event.pull_request.body == '/smoke-agent-public-approved') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-agent-public-approved ') || startsWith(github.event.discussion.body, '/smoke-agent-public-approved\n') || github.event.discussion.body == '/smoke-agent-public-approved') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-approved ') || startsWith(github.event.comment.body, '/smoke-agent-public-approved\n') || github.event.comment.body == '/smoke-agent-public-approved')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -206,7 +186,7 @@ jobs:
await main();
- name: Add eyes reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "eyes"
@@ -270,7 +250,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Agent: public/approved"
@@ -298,20 +278,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_36eb0b629f959dc2_EOF'
+ cat << 'GH_AW_PROMPT_c27fe110418583ac_EOF'
- GH_AW_PROMPT_36eb0b629f959dc2_EOF
+ GH_AW_PROMPT_c27fe110418583ac_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_36eb0b629f959dc2_EOF'
+ cat << 'GH_AW_PROMPT_c27fe110418583ac_EOF'
Tools: add_comment(max:2), assign_to_agent, missing_tool, missing_data, noop
- GH_AW_PROMPT_36eb0b629f959dc2_EOF
+ GH_AW_PROMPT_c27fe110418583ac_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_36eb0b629f959dc2_EOF'
+ cat << 'GH_AW_PROMPT_c27fe110418583ac_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -340,17 +320,17 @@ jobs:
{{/if}}
- GH_AW_PROMPT_36eb0b629f959dc2_EOF
+ GH_AW_PROMPT_c27fe110418583ac_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_36eb0b629f959dc2_EOF'
+ cat << 'GH_AW_PROMPT_c27fe110418583ac_EOF'
{{#runtime-import .github/workflows/shared/github-guard-policy.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/smoke-agent-public-approved.md}}
- GH_AW_PROMPT_36eb0b629f959dc2_EOF
+ GH_AW_PROMPT_c27fe110418583ac_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -573,9 +553,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_3a3ba7aafd7ef25b_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_e022eddcd42a0224_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"assign_to_agent":{"allowed":["copilot"],"custom-agent":"agentic-workflows","max":1,"target":"*"},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_3a3ba7aafd7ef25b_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_e022eddcd42a0224_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -794,7 +774,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_8603c61b01f21e23_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_dd0ee7571e3e1989_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -842,7 +822,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_8603c61b01f21e23_EOF
+ GH_AW_MCP_CONFIG_dd0ee7571e3e1989_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1576,7 +1556,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-agent-public-approved ') || startsWith(github.event.issue.body, '/smoke-agent-public-approved\n') || github.event.issue.body == '/smoke-agent-public-approved') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-approved ') || startsWith(github.event.comment.body, '/smoke-agent-public-approved\n') || github.event.comment.body == '/smoke-agent-public-approved') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-approved ') || startsWith(github.event.comment.body, '/smoke-agent-public-approved\n') || github.event.comment.body == '/smoke-agent-public-approved') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-approved ') || startsWith(github.event.comment.body, '/smoke-agent-public-approved\n') || github.event.comment.body == '/smoke-agent-public-approved') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-agent-public-approved ') || startsWith(github.event.pull_request.body, '/smoke-agent-public-approved\n') || github.event.pull_request.body == '/smoke-agent-public-approved') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-agent-public-approved ') || startsWith(github.event.discussion.body, '/smoke-agent-public-approved\n') || github.event.discussion.body == '/smoke-agent-public-approved') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-approved ') || startsWith(github.event.comment.body, '/smoke-agent-public-approved\n') || github.event.comment.body == '/smoke-agent-public-approved')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))"
+ if: >
+ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-agent-public-approved.md b/.github/workflows/smoke-agent-public-approved.md
index 0aa23ef9ba1..d3dc0c35fe5 100644
--- a/.github/workflows/smoke-agent-public-approved.md
+++ b/.github/workflows/smoke-agent-public-approved.md
@@ -2,7 +2,10 @@
emoji: "🧪"
description: Smoke test that validates assign-to-agent with the agentic-workflows custom agent
on:
- slash_command: smoke-agent-public-approved
+ slash_command:
+ name: smoke-agent-public-approved
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-agent-public-none.lock.yml b/.github/workflows/smoke-agent-public-none.lock.yml
index 4df4d157d93..ddfa430be32 100644
--- a/.github/workflows/smoke-agent-public-none.lock.yml
+++ b/.github/workflows/smoke-agent-public-none.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"c78aef2e763cfdeae863bab152b9ca47807289494a503101c74cb446f8b64c0a","body_hash":"2d0ad68f5c024b0a2128b098a6154283391acd919b9f4683730d58d93b6ff7d3","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"c4d26ae5856ca0018051376054777c88bc832ff4807e3cf6ad8fc1ab330deebe","body_hash":"2d0ad68f5c024b0a2128b098a6154283391acd919b9f4683730d58d93b6ff7d3","strict":true,"agent_id":"claude"}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -55,32 +55,11 @@
name: "Smoke Agent: public/none"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - metal # Label filtering applied via job conditions
types:
- labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -107,12 +86,13 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-agent-public-none ') || startsWith(github.event.issue.body, '/smoke-agent-public-none\n') || github.event.issue.body == '/smoke-agent-public-none') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-none ') || startsWith(github.event.comment.body, '/smoke-agent-public-none\n') || github.event.comment.body == '/smoke-agent-public-none') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-none ') || startsWith(github.event.comment.body, '/smoke-agent-public-none\n') || github.event.comment.body == '/smoke-agent-public-none') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-none ') || startsWith(github.event.comment.body, '/smoke-agent-public-none\n') || github.event.comment.body == '/smoke-agent-public-none') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-agent-public-none ') || startsWith(github.event.pull_request.body, '/smoke-agent-public-none\n') || github.event.pull_request.body == '/smoke-agent-public-none') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-agent-public-none ') || startsWith(github.event.discussion.body, '/smoke-agent-public-none\n') || github.event.discussion.body == '/smoke-agent-public-none') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-none ') || startsWith(github.event.comment.body, '/smoke-agent-public-none\n') || github.event.comment.body == '/smoke-agent-public-none')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -204,7 +184,7 @@ jobs:
await main();
- name: Add eyes reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "eyes"
@@ -268,7 +248,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Agent: public/none"
@@ -296,20 +276,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_bcafc658316a06e7_EOF'
+ cat << 'GH_AW_PROMPT_8b3e64320844eab0_EOF'
- GH_AW_PROMPT_bcafc658316a06e7_EOF
+ GH_AW_PROMPT_8b3e64320844eab0_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_bcafc658316a06e7_EOF'
+ cat << 'GH_AW_PROMPT_8b3e64320844eab0_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
- GH_AW_PROMPT_bcafc658316a06e7_EOF
+ GH_AW_PROMPT_8b3e64320844eab0_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_bcafc658316a06e7_EOF'
+ cat << 'GH_AW_PROMPT_8b3e64320844eab0_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -338,16 +318,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_bcafc658316a06e7_EOF
+ GH_AW_PROMPT_8b3e64320844eab0_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_bcafc658316a06e7_EOF'
+ cat << 'GH_AW_PROMPT_8b3e64320844eab0_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/smoke-agent-public-none.md}}
- GH_AW_PROMPT_bcafc658316a06e7_EOF
+ GH_AW_PROMPT_8b3e64320844eab0_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -569,9 +549,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_7579df0162f51be6_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_ea9a301b209cc220_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_7579df0162f51be6_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_ea9a301b209cc220_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -762,7 +742,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_6f0dd09f1c5b7b97_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_766cde83f56d9322_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -810,7 +790,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_6f0dd09f1c5b7b97_EOF
+ GH_AW_MCP_CONFIG_766cde83f56d9322_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1541,7 +1521,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-agent-public-none ') || startsWith(github.event.issue.body, '/smoke-agent-public-none\n') || github.event.issue.body == '/smoke-agent-public-none') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-none ') || startsWith(github.event.comment.body, '/smoke-agent-public-none\n') || github.event.comment.body == '/smoke-agent-public-none') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-none ') || startsWith(github.event.comment.body, '/smoke-agent-public-none\n') || github.event.comment.body == '/smoke-agent-public-none') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-none ') || startsWith(github.event.comment.body, '/smoke-agent-public-none\n') || github.event.comment.body == '/smoke-agent-public-none') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-agent-public-none ') || startsWith(github.event.pull_request.body, '/smoke-agent-public-none\n') || github.event.pull_request.body == '/smoke-agent-public-none') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-agent-public-none ') || startsWith(github.event.discussion.body, '/smoke-agent-public-none\n') || github.event.discussion.body == '/smoke-agent-public-none') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-agent-public-none ') || startsWith(github.event.comment.body, '/smoke-agent-public-none\n') || github.event.comment.body == '/smoke-agent-public-none')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))"
+ if: >
+ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-agent-public-none.md b/.github/workflows/smoke-agent-public-none.md
index b4bf662fa39..9d5d44e2f4c 100644
--- a/.github/workflows/smoke-agent-public-none.md
+++ b/.github/workflows/smoke-agent-public-none.md
@@ -2,7 +2,10 @@
emoji: "🧪"
description: "Guard policy smoke test: repos=public, min-integrity=none"
on:
- slash_command: smoke-agent-public-none
+ slash_command:
+ name: smoke-agent-public-none
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-agent-scoped-approved.lock.yml b/.github/workflows/smoke-agent-scoped-approved.lock.yml
index 0cb9d814e7a..d5aa6e07c8b 100644
--- a/.github/workflows/smoke-agent-scoped-approved.lock.yml
+++ b/.github/workflows/smoke-agent-scoped-approved.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"10e648d92c6ada0babeb696973d9fabd12c6196f4bd038450d927557972a6a03","body_hash":"2b9a4cb382ef451c5d8c0c0d3c70a40962955115a3e0abd100761b22bf0d08d2","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"5caa870ec7441989e5dd68d7f0c8afbe057b619158b5d3c94dcd98f97c6c169b","body_hash":"2b9a4cb382ef451c5d8c0c0d3c70a40962955115a3e0abd100761b22bf0d08d2","strict":true,"agent_id":"claude"}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -56,32 +56,11 @@
name: "Smoke Agent: scoped/approved"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - metal # Label filtering applied via job conditions
types:
- labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -108,12 +87,13 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.issue.body, '/smoke-agent-scoped-approved\n') || github.event.issue.body == '/smoke-agent-scoped-approved') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.comment.body, '/smoke-agent-scoped-approved\n') || github.event.comment.body == '/smoke-agent-scoped-approved') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.comment.body, '/smoke-agent-scoped-approved\n') || github.event.comment.body == '/smoke-agent-scoped-approved') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.comment.body, '/smoke-agent-scoped-approved\n') || github.event.comment.body == '/smoke-agent-scoped-approved') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.pull_request.body, '/smoke-agent-scoped-approved\n') || github.event.pull_request.body == '/smoke-agent-scoped-approved') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.discussion.body, '/smoke-agent-scoped-approved\n') || github.event.discussion.body == '/smoke-agent-scoped-approved') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.comment.body, '/smoke-agent-scoped-approved\n') || github.event.comment.body == '/smoke-agent-scoped-approved')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -205,7 +185,7 @@ jobs:
await main();
- name: Add eyes reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "eyes"
@@ -269,7 +249,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Agent: scoped/approved"
@@ -297,20 +277,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_b60ef821e5d6084d_EOF'
+ cat << 'GH_AW_PROMPT_ef3d33fceea3627f_EOF'
- GH_AW_PROMPT_b60ef821e5d6084d_EOF
+ GH_AW_PROMPT_ef3d33fceea3627f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_b60ef821e5d6084d_EOF'
+ cat << 'GH_AW_PROMPT_ef3d33fceea3627f_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
- GH_AW_PROMPT_b60ef821e5d6084d_EOF
+ GH_AW_PROMPT_ef3d33fceea3627f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_b60ef821e5d6084d_EOF'
+ cat << 'GH_AW_PROMPT_ef3d33fceea3627f_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -339,17 +319,17 @@ jobs:
{{/if}}
- GH_AW_PROMPT_b60ef821e5d6084d_EOF
+ GH_AW_PROMPT_ef3d33fceea3627f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_b60ef821e5d6084d_EOF'
+ cat << 'GH_AW_PROMPT_ef3d33fceea3627f_EOF'
{{#runtime-import .github/workflows/shared/github-guard-policy.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/smoke-agent-scoped-approved.md}}
- GH_AW_PROMPT_b60ef821e5d6084d_EOF
+ GH_AW_PROMPT_ef3d33fceea3627f_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -572,9 +552,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_5d30cc919b6aed51_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_43321aa426c13384_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_5d30cc919b6aed51_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_43321aa426c13384_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -765,7 +745,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_437c312df32e4ae2_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_e1f890a9458ab5d6_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -817,7 +797,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_437c312df32e4ae2_EOF
+ GH_AW_MCP_CONFIG_e1f890a9458ab5d6_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1548,7 +1528,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.issue.body, '/smoke-agent-scoped-approved\n') || github.event.issue.body == '/smoke-agent-scoped-approved') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.comment.body, '/smoke-agent-scoped-approved\n') || github.event.comment.body == '/smoke-agent-scoped-approved') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.comment.body, '/smoke-agent-scoped-approved\n') || github.event.comment.body == '/smoke-agent-scoped-approved') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.comment.body, '/smoke-agent-scoped-approved\n') || github.event.comment.body == '/smoke-agent-scoped-approved') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.pull_request.body, '/smoke-agent-scoped-approved\n') || github.event.pull_request.body == '/smoke-agent-scoped-approved') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.discussion.body, '/smoke-agent-scoped-approved\n') || github.event.discussion.body == '/smoke-agent-scoped-approved') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-agent-scoped-approved ') || startsWith(github.event.comment.body, '/smoke-agent-scoped-approved\n') || github.event.comment.body == '/smoke-agent-scoped-approved')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal'))"
+ if: >
+ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'metal')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-agent-scoped-approved.md b/.github/workflows/smoke-agent-scoped-approved.md
index 5dd1fad8ce6..44d5723d3db 100644
--- a/.github/workflows/smoke-agent-scoped-approved.md
+++ b/.github/workflows/smoke-agent-scoped-approved.md
@@ -2,7 +2,10 @@
emoji: "🧪"
description: "Guard policy smoke test: repos=[github/gh-aw, github/*], min-integrity=approved (scoped patterns)"
on:
- slash_command: smoke-agent-scoped-approved
+ slash_command:
+ name: smoke-agent-scoped-approved
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-antigravity.lock.yml b/.github/workflows/smoke-antigravity.lock.yml
index 9e37065361f..7508d4c5575 100644
--- a/.github/workflows/smoke-antigravity.lock.yml
+++ b/.github/workflows/smoke-antigravity.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"52fa02e236e39ed46e54aa52d39e9504871f8f6a9983a5e377da696486cb15de","body_hash":"c31e389c6b38b324a3032f06974aee2fde8d1964907309aa367f4960338e4531","strict":true,"agent_id":"antigravity"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"76d5a042c906ef030e3e017ebdab5aeebaa0c3f0d762249536fa4732055d490a","body_hash":"c31e389c6b38b324a3032f06974aee2fde8d1964907309aa367f4960338e4531","strict":true,"agent_id":"antigravity"}
# gh-aw-manifest: {"version":1,"secrets":["ANTIGRAVITY_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -61,32 +61,11 @@
name: "Smoke Antigravity"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - smoke # Label filtering applied via job conditions
types:
- labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -113,12 +92,13 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-antigravity ') || startsWith(github.event.issue.body, '/smoke-antigravity\n') || github.event.issue.body == '/smoke-antigravity') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-antigravity ') || startsWith(github.event.comment.body, '/smoke-antigravity\n') || github.event.comment.body == '/smoke-antigravity') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-antigravity ') || startsWith(github.event.comment.body, '/smoke-antigravity\n') || github.event.comment.body == '/smoke-antigravity') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-antigravity ') || startsWith(github.event.comment.body, '/smoke-antigravity\n') || github.event.comment.body == '/smoke-antigravity') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-antigravity ') || startsWith(github.event.pull_request.body, '/smoke-antigravity\n') || github.event.pull_request.body == '/smoke-antigravity') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-antigravity ') || startsWith(github.event.discussion.body, '/smoke-antigravity\n') || github.event.discussion.body == '/smoke-antigravity') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-antigravity ') || startsWith(github.event.comment.body, '/smoke-antigravity\n') || github.event.comment.body == '/smoke-antigravity')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -210,7 +190,7 @@ jobs:
await main();
- name: Add rocket reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "rocket"
@@ -274,7 +254,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Antigravity"
@@ -338,21 +318,21 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_6d8eb607356343b2_EOF'
+ cat << 'GH_AW_PROMPT_f5e3248bbde4c9bd_EOF'
- GH_AW_PROMPT_6d8eb607356343b2_EOF
+ GH_AW_PROMPT_f5e3248bbde4c9bd_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_6d8eb607356343b2_EOF'
+ cat << 'GH_AW_PROMPT_f5e3248bbde4c9bd_EOF'
Tools: add_comment(max:2), create_issue, add_labels, missing_tool, missing_data, noop
- GH_AW_PROMPT_6d8eb607356343b2_EOF
+ GH_AW_PROMPT_f5e3248bbde4c9bd_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_6d8eb607356343b2_EOF'
+ cat << 'GH_AW_PROMPT_f5e3248bbde4c9bd_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -381,12 +361,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_6d8eb607356343b2_EOF
+ GH_AW_PROMPT_f5e3248bbde4c9bd_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_6d8eb607356343b2_EOF'
+ cat << 'GH_AW_PROMPT_f5e3248bbde4c9bd_EOF'
{{#runtime-import .github/workflows/shared/gh.md}}
{{#runtime-import .github/workflows/shared/reporting-otlp.md}}
@@ -394,7 +374,7 @@ jobs:
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-antigravity.md}}
- GH_AW_PROMPT_6d8eb607356343b2_EOF
+ GH_AW_PROMPT_f5e3248bbde4c9bd_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -642,9 +622,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_681d4cbec555dfc3_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_e4a15e9721224b45_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-antigravity"]},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-antigravity","expires":2,"labels":["automation","testing"],"max":1},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_681d4cbec555dfc3_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_e4a15e9721224b45_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -891,7 +871,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_9e7155f8dd81c294_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_b82210ccabe1fd98_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"safeoutputs": {
@@ -921,7 +901,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_9e7155f8dd81c294_EOF
+ GH_AW_MCP_CONFIG_b82210ccabe1fd98_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1611,7 +1591,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-antigravity ') || startsWith(github.event.issue.body, '/smoke-antigravity\n') || github.event.issue.body == '/smoke-antigravity') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-antigravity ') || startsWith(github.event.comment.body, '/smoke-antigravity\n') || github.event.comment.body == '/smoke-antigravity') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-antigravity ') || startsWith(github.event.comment.body, '/smoke-antigravity\n') || github.event.comment.body == '/smoke-antigravity') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-antigravity ') || startsWith(github.event.comment.body, '/smoke-antigravity\n') || github.event.comment.body == '/smoke-antigravity') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-antigravity ') || startsWith(github.event.pull_request.body, '/smoke-antigravity\n') || github.event.pull_request.body == '/smoke-antigravity') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-antigravity ') || startsWith(github.event.discussion.body, '/smoke-antigravity\n') || github.event.discussion.body == '/smoke-antigravity') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-antigravity ') || startsWith(github.event.comment.body, '/smoke-antigravity\n') || github.event.comment.body == '/smoke-antigravity')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
+ if: >
+ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-antigravity.md b/.github/workflows/smoke-antigravity.md
index 15262a0c58f..273c5426e29 100644
--- a/.github/workflows/smoke-antigravity.md
+++ b/.github/workflows/smoke-antigravity.md
@@ -2,7 +2,10 @@
emoji: "🧪"
description: Smoke test workflow that validates Antigravity engine functionality twice daily
on:
- slash_command: smoke-antigravity
+ slash_command:
+ name: smoke-antigravity
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-call-workflow.lock.yml b/.github/workflows/smoke-call-workflow.lock.yml
index b9b34a86fd4..89a81fe85e2 100644
--- a/.github/workflows/smoke-call-workflow.lock.yml
+++ b/.github/workflows/smoke-call-workflow.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"cbff8d3c250607add6f62ba0a37457207f8f635de066e6a12a61d5aedf5bbb85","body_hash":"045828bb52fffb26f564965bec808ad613f31bdfa48fda8958696e41339e727b","strict":true,"agent_id":"codex","agent_model":"gpt-5.4-mini"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"5ea9b1f714eb368957a37d8c4ba17ec425c16d8f73a42b09b1d357041d192f59","body_hash":"045828bb52fffb26f564965bec808ad613f31bdfa48fda8958696e41339e727b","strict":true,"agent_id":"codex","agent_model":"gpt-5.4-mini"}
# gh-aw-manifest: {"version":1,"secrets":["CODEX_API_KEY","COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN","OPENAI_API_KEY"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -58,32 +58,11 @@
name: "Smoke Call Workflow"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - water # Label filtering applied via job conditions
types:
- labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -110,12 +89,13 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-call-workflow ') || startsWith(github.event.issue.body, '/smoke-call-workflow\n') || github.event.issue.body == '/smoke-call-workflow') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-call-workflow ') || startsWith(github.event.comment.body, '/smoke-call-workflow\n') || github.event.comment.body == '/smoke-call-workflow') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-call-workflow ') || startsWith(github.event.comment.body, '/smoke-call-workflow\n') || github.event.comment.body == '/smoke-call-workflow') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-call-workflow ') || startsWith(github.event.comment.body, '/smoke-call-workflow\n') || github.event.comment.body == '/smoke-call-workflow') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-call-workflow ') || startsWith(github.event.pull_request.body, '/smoke-call-workflow\n') || github.event.pull_request.body == '/smoke-call-workflow') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-call-workflow ') || startsWith(github.event.discussion.body, '/smoke-call-workflow\n') || github.event.discussion.body == '/smoke-call-workflow') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-call-workflow ') || startsWith(github.event.comment.body, '/smoke-call-workflow\n') || github.event.comment.body == '/smoke-call-workflow')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -207,7 +187,7 @@ jobs:
await main();
- name: Add eyes reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "eyes"
@@ -272,7 +252,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Call Workflow"
@@ -299,20 +279,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_7cdadcff7ec45fcf_EOF'
+ cat << 'GH_AW_PROMPT_e71577668ed80485_EOF'
- GH_AW_PROMPT_7cdadcff7ec45fcf_EOF
+ GH_AW_PROMPT_e71577668ed80485_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_7cdadcff7ec45fcf_EOF'
+ cat << 'GH_AW_PROMPT_e71577668ed80485_EOF'
Tools: call_workflow, missing_tool, missing_data, noop
- GH_AW_PROMPT_7cdadcff7ec45fcf_EOF
+ GH_AW_PROMPT_e71577668ed80485_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_7cdadcff7ec45fcf_EOF'
+ cat << 'GH_AW_PROMPT_e71577668ed80485_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -341,16 +321,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_7cdadcff7ec45fcf_EOF
+ GH_AW_PROMPT_e71577668ed80485_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_7cdadcff7ec45fcf_EOF'
+ cat << 'GH_AW_PROMPT_e71577668ed80485_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/smoke-call-workflow.md}}
- GH_AW_PROMPT_7cdadcff7ec45fcf_EOF
+ GH_AW_PROMPT_e71577668ed80485_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -573,9 +553,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_493e539c98e5d11b_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_10b88111dcdf0c11_EOF'
{"call_workflow":{"max":1,"workflow_files":{"smoke-workflow-call":"./.github/workflows/smoke-workflow-call.lock.yml"},"workflows":["smoke-workflow-call"]},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_493e539c98e5d11b_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_10b88111dcdf0c11_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -772,7 +752,7 @@ jobs:
DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0')
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
- cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_6b4e6a3af55af611_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_158c1a17dbd25eba_EOF
[history]
persistence = "none"
@@ -799,11 +779,11 @@ jobs:
[mcp_servers.safeoutputs."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_6b4e6a3af55af611_EOF
+ GH_AW_MCP_CONFIG_158c1a17dbd25eba_EOF
# Generate JSON config for MCP gateway
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_6b4e6a3af55af611_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_158c1a17dbd25eba_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -848,11 +828,11 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_6b4e6a3af55af611_EOF
+ GH_AW_MCP_CONFIG_158c1a17dbd25eba_EOF
# Sync converter output to writable CODEX_HOME for Codex
mkdir -p /tmp/gh-aw/mcp-config
- cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_2edca72be673f03f_EOF
+ cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_c64b531c58380cd1_EOF
model_provider = "openai-proxy"
@@ -864,7 +844,7 @@ jobs:
[shell_environment_policy]
inherit = "core"
include_only = ["^CODEX_API_KEY$", "^GH_AW_ASSETS_ALLOWED_EXTS$", "^GH_AW_ASSETS_BRANCH$", "^GH_AW_ASSETS_MAX_SIZE_KB$", "^GH_AW_SAFE_OUTPUTS$", "^GITHUB_PERSONAL_ACCESS_TOKEN$", "^GITHUB_REPOSITORY$", "^GITHUB_SERVER_URL$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"]
- GH_AW_CODEX_SHELL_POLICY_2edca72be673f03f_EOF
+ GH_AW_CODEX_SHELL_POLICY_c64b531c58380cd1_EOF
awk '
BEGIN { skip_openai_proxy = 0 }
/^[[:space:]]*model_provider[[:space:]]*=/ { next }
@@ -1464,18 +1444,18 @@ jobs:
DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0')
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
- cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_59af077345b1efdf_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_83989e723e4b6363_EOF
[history]
persistence = "none"
[shell_environment_policy]
inherit = "core"
include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"]
- GH_AW_MCP_CONFIG_59af077345b1efdf_EOF
+ GH_AW_MCP_CONFIG_83989e723e4b6363_EOF
# Generate JSON config for MCP gateway
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_86c58e2a0b00c686_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_74ef9f9e92463bcf_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
},
@@ -1486,11 +1466,11 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_86c58e2a0b00c686_EOF
+ GH_AW_MCP_CONFIG_74ef9f9e92463bcf_EOF
# Sync converter output to writable CODEX_HOME for Codex
mkdir -p /tmp/gh-aw/mcp-config
- cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_c77ce83186788eca_EOF
+ cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_127ee8cf23ee600e_EOF
model_provider = "openai-proxy"
[model_providers.openai-proxy]
name = "OpenAI AWF proxy"
@@ -1500,7 +1480,7 @@ jobs:
[shell_environment_policy]
inherit = "core"
include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"]
- GH_AW_CODEX_SHELL_POLICY_c77ce83186788eca_EOF
+ GH_AW_CODEX_SHELL_POLICY_127ee8cf23ee600e_EOF
awk '
BEGIN { skip_openai_proxy = 0 }
/^[[:space:]]*model_provider[[:space:]]*=/ { next }
@@ -1599,7 +1579,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-call-workflow ') || startsWith(github.event.issue.body, '/smoke-call-workflow\n') || github.event.issue.body == '/smoke-call-workflow') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-call-workflow ') || startsWith(github.event.comment.body, '/smoke-call-workflow\n') || github.event.comment.body == '/smoke-call-workflow') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-call-workflow ') || startsWith(github.event.comment.body, '/smoke-call-workflow\n') || github.event.comment.body == '/smoke-call-workflow') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-call-workflow ') || startsWith(github.event.comment.body, '/smoke-call-workflow\n') || github.event.comment.body == '/smoke-call-workflow') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-call-workflow ') || startsWith(github.event.pull_request.body, '/smoke-call-workflow\n') || github.event.pull_request.body == '/smoke-call-workflow') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-call-workflow ') || startsWith(github.event.discussion.body, '/smoke-call-workflow\n') || github.event.discussion.body == '/smoke-call-workflow') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-call-workflow ') || startsWith(github.event.comment.body, '/smoke-call-workflow\n') || github.event.comment.body == '/smoke-call-workflow')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
+ if: >
+ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-call-workflow.md b/.github/workflows/smoke-call-workflow.md
index 6626e9c5706..ce4554a4ca3 100644
--- a/.github/workflows/smoke-call-workflow.md
+++ b/.github/workflows/smoke-call-workflow.md
@@ -3,7 +3,10 @@ emoji: "🧪"
name: Smoke Call Workflow
description: Smoke test for the call-workflow safe output - orchestrator that calls a worker via workflow_call at compile-time fan-out
on:
- slash_command: smoke-call-workflow
+ slash_command:
+ name: smoke-call-workflow
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-claude.lock.yml b/.github/workflows/smoke-claude.lock.yml
index d0681f8fd34..28f71244f4e 100644
--- a/.github/workflows/smoke-claude.lock.yml
+++ b/.github/workflows/smoke-claude.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"aeab7d4f45eebb569410e2fcdab09da5c5947952b679d6b4c4705aa1ad490dcc","body_hash":"53cbf40aa3b166906283c592df5eaaf98f7ae83ac7bfa99d4a939413a804dd24","agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"bdcf2ac3c6bdf12f308a7bcfe7e5119594c56f61afbb57cf2d95ee999361557e","body_hash":"53cbf40aa3b166906283c592df5eaaf98f7ae83ac7bfa99d4a939413a804dd24","agent_id":"claude"}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN","TAVILY_API_KEY"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"docker/build-push-action","sha":"f9f3042f7e2789586610d6e8b85c8f03e5195baf","version":"v7.2.0"},{"repo":"docker/setup-buildx-action","sha":"d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5","version":"v4.1.0"},{"repo":"github/codeql-action/upload-sarif","sha":"7211b7c8077ea37d8641b6271f6a365a22a5fbfa","version":"v4.36.0"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"ghcr.io/github/serena-mcp-server:latest","digest":"sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5","pinned_image":"ghcr.io/github/serena-mcp-server:latest@sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -76,32 +76,11 @@
name: "Smoke Claude"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - smoke # Label filtering applied via job conditions
types:
- labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -128,12 +107,13 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-claude ') || startsWith(github.event.issue.body, '/smoke-claude\n') || github.event.issue.body == '/smoke-claude') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-claude ') || startsWith(github.event.comment.body, '/smoke-claude\n') || github.event.comment.body == '/smoke-claude') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-claude ') || startsWith(github.event.comment.body, '/smoke-claude\n') || github.event.comment.body == '/smoke-claude') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-claude ') || startsWith(github.event.comment.body, '/smoke-claude\n') || github.event.comment.body == '/smoke-claude') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-claude ') || startsWith(github.event.pull_request.body, '/smoke-claude\n') || github.event.pull_request.body == '/smoke-claude') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-claude ') || startsWith(github.event.discussion.body, '/smoke-claude\n') || github.event.discussion.body == '/smoke-claude') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-claude ') || startsWith(github.event.comment.body, '/smoke-claude\n') || github.event.comment.body == '/smoke-claude')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -225,7 +205,7 @@ jobs:
await main();
- name: Add heart reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "heart"
@@ -289,7 +269,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Claude"
@@ -318,9 +298,9 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_f0826beead8d7c82_EOF'
+ cat << 'GH_AW_PROMPT_b6a0b4c383b3f520_EOF'
- GH_AW_PROMPT_f0826beead8d7c82_EOF
+ GH_AW_PROMPT_b6a0b4c383b3f520_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
@@ -328,16 +308,16 @@ jobs:
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_f0826beead8d7c82_EOF'
+ cat << 'GH_AW_PROMPT_b6a0b4c383b3f520_EOF'
Tools: add_comment(max:2), create_issue, close_pull_request, update_pull_request, create_pull_request_review_comment(max:5), submit_pull_request_review, resolve_pull_request_review_thread(max:5), add_labels, add_reviewer(max:2), push_to_pull_request_branch, create_code_scanning_alert, create_check_run, missing_tool, missing_data, noop, post_slack_message
- GH_AW_PROMPT_f0826beead8d7c82_EOF
+ GH_AW_PROMPT_b6a0b4c383b3f520_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_push_to_pr_branch.md"
- cat << 'GH_AW_PROMPT_f0826beead8d7c82_EOF'
+ cat << 'GH_AW_PROMPT_b6a0b4c383b3f520_EOF'
- GH_AW_PROMPT_f0826beead8d7c82_EOF
+ GH_AW_PROMPT_b6a0b4c383b3f520_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_f0826beead8d7c82_EOF'
+ cat << 'GH_AW_PROMPT_b6a0b4c383b3f520_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -379,7 +359,7 @@ jobs:
stop immediately and report the limitation rather than spending turns trying to work around it.
- GH_AW_PROMPT_f0826beead8d7c82_EOF
+ GH_AW_PROMPT_b6a0b4c383b3f520_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
@@ -387,7 +367,7 @@ jobs:
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_push_to_pr_branch_guidance.md"
fi
- cat << 'GH_AW_PROMPT_f0826beead8d7c82_EOF'
+ cat << 'GH_AW_PROMPT_b6a0b4c383b3f520_EOF'
## Serena Code Analysis
@@ -771,7 +751,7 @@ jobs:
{{#runtime-import shared/noop-reminder.md}}
- GH_AW_PROMPT_f0826beead8d7c82_EOF
+ GH_AW_PROMPT_b6a0b4c383b3f520_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -1113,9 +1093,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_f32cc23789f1f713_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_b0e3ea3984cfeaa3_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-claude"]},"add_reviewer":{"max":2,"target":"*"},"close_pull_request":{"max":1,"staged":true},"create_check_run":{"max":1,"name":"Smoke Claude: Agent Status"},"create_code_scanning_alert":{"driver":"Smoke Claude"},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-claude","expires":2,"group":true,"labels":["automation","testing"],"max":1},"create_pull_request_review_comment":{"max":5,"side":"RIGHT","target":"*"},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"post_slack_message":{"description":"Post a message to a fictitious Slack channel (smoke test only — no real Slack integration)","inputs":{"channel":{"default":"#general","description":"Slack channel name to post to","required":false,"type":"string"},"message":{"description":"Message text to post","required":false,"type":"string"}}},"push_to_pull_request_branch":{"allowed_files":["smoke-test-files/smoke-claude-push-test.md"],"if_no_changes":"warn","max_patch_size":1024,"protect_top_level_dot_folders":true,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS","DESIGN.md","README.md","CONTRIBUTING.md","CHANGELOG.md","SECURITY.md","CODE_OF_CONDUCT.md","CLAUDE.md","AGENTS.md"],"required_labels":["smoke-claude"],"staged":true,"target":"*"},"report_incomplete":{},"resolve_pull_request_review_thread":{"max":5},"submit_pull_request_review":{"footer":"always","max":1},"update_pull_request":{"allow_body":true,"allow_title":true,"max":1,"target":"*","update_branch":false}}
- GH_AW_SAFE_OUTPUTS_CONFIG_f32cc23789f1f713_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_b0e3ea3984cfeaa3_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1564,7 +1544,7 @@ jobs:
- name: Write MCP Scripts Config
run: |
mkdir -p "${RUNNER_TEMP}/gh-aw/mcp-scripts/logs"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json" << 'GH_AW_MCP_SCRIPTS_TOOLS_9cdef67c68a5b136_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json" << 'GH_AW_MCP_SCRIPTS_TOOLS_0d6827a13ac554cc_EOF'
{
"serverName": "mcpscripts",
"version": "1.0.0",
@@ -1694,8 +1674,8 @@ jobs:
}
]
}
- GH_AW_MCP_SCRIPTS_TOOLS_9cdef67c68a5b136_EOF
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs" << 'GH_AW_MCP_SCRIPTS_SERVER_d7b4d95d4cb0d37d_EOF'
+ GH_AW_MCP_SCRIPTS_TOOLS_0d6827a13ac554cc_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs" << 'GH_AW_MCP_SCRIPTS_SERVER_357560e26dfc8518_EOF'
const path = require("path");
const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
const configPath = path.join(__dirname, "tools.json");
@@ -1709,12 +1689,12 @@ jobs:
console.error("Failed to start mcp-scripts HTTP server:", error);
process.exit(1);
});
- GH_AW_MCP_SCRIPTS_SERVER_d7b4d95d4cb0d37d_EOF
+ GH_AW_MCP_SCRIPTS_SERVER_357560e26dfc8518_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs"
- name: Write MCP Scripts Tool Files
run: |
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_960094a635cd6c7c_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_961859ae3d733e52_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-discussion-query
# Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1851,9 +1831,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_960094a635cd6c7c_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_961859ae3d733e52_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_7fb69814400e716b_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_1914a369b47bc95f_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-issue-query
# Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1933,9 +1913,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_7fb69814400e716b_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_1914a369b47bc95f_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_2efad3753abc3009_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_fa198a443cf80e4b_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-pr-query
# Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -2021,9 +2001,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_2efad3753abc3009_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_fa198a443cf80e4b_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh" << 'GH_AW_MCP_SCRIPTS_SH_GO_b2fe128bb0145948_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh" << 'GH_AW_MCP_SCRIPTS_SH_GO_9e95bc097cb0c647_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: go
# Execute any Go command. This tool is accessible as 'mcpscripts-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -2035,9 +2015,9 @@ jobs:
go $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_GO_b2fe128bb0145948_EOF
+ GH_AW_MCP_SCRIPTS_SH_GO_9e95bc097cb0c647_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh" << 'GH_AW_MCP_SCRIPTS_SH_MAKE_f65c18f85fd3dad4_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh" << 'GH_AW_MCP_SCRIPTS_SH_MAKE_3e5a1b7b6ddd752f_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: make
# Execute any Make target. This tool is accessible as 'mcpscripts-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -2049,7 +2029,7 @@ jobs:
make $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_MAKE_f65c18f85fd3dad4_EOF
+ GH_AW_MCP_SCRIPTS_SH_MAKE_3e5a1b7b6ddd752f_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh"
- name: Generate MCP Scripts Server Config
@@ -2124,7 +2104,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -e GH_TOKEN -e TAVILY_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_e94380aa05061ae5_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_2c597ac236547337_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"agenticworkflows": {
@@ -2232,7 +2212,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_e94380aa05061ae5_EOF
+ GH_AW_MCP_CONFIG_2c597ac236547337_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -3040,7 +3020,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-claude ') || startsWith(github.event.issue.body, '/smoke-claude\n') || github.event.issue.body == '/smoke-claude') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-claude ') || startsWith(github.event.comment.body, '/smoke-claude\n') || github.event.comment.body == '/smoke-claude') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-claude ') || startsWith(github.event.comment.body, '/smoke-claude\n') || github.event.comment.body == '/smoke-claude') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-claude ') || startsWith(github.event.comment.body, '/smoke-claude\n') || github.event.comment.body == '/smoke-claude') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-claude ') || startsWith(github.event.pull_request.body, '/smoke-claude\n') || github.event.pull_request.body == '/smoke-claude') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-claude ') || startsWith(github.event.discussion.body, '/smoke-claude\n') || github.event.discussion.body == '/smoke-claude') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-claude ') || startsWith(github.event.comment.body, '/smoke-claude\n') || github.event.comment.body == '/smoke-claude')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
+ if: >
+ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke')
runs-on: ubuntu-slim
permissions:
contents: read
@@ -3186,7 +3168,7 @@ jobs:
echo "GH_HOST=${GH_HOST}" >> "$GITHUB_ENV"
- name: Configure Safe Outputs Custom Scripts
run: |
- cat > "${RUNNER_TEMP}/gh-aw/actions/safe_output_script_post_slack_message.cjs" << 'GH_AW_SAFE_OUTPUT_SCRIPT_POST_SLACK_MESSAGE_7be68ac466c0688a_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/actions/safe_output_script_post_slack_message.cjs" << 'GH_AW_SAFE_OUTPUT_SCRIPT_POST_SLACK_MESSAGE_0e53dbb3b5b071d6_EOF'
// @ts-check
///
// Auto-generated safe-output script handler: post-slack-message
@@ -3206,7 +3188,7 @@ jobs:
}
module.exports = { main };
- GH_AW_SAFE_OUTPUT_SCRIPT_POST_SLACK_MESSAGE_7be68ac466c0688a_EOF
+ GH_AW_SAFE_OUTPUT_SCRIPT_POST_SLACK_MESSAGE_0e53dbb3b5b071d6_EOF
- name: Process Safe Outputs
id: process_safe_outputs
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
diff --git a/.github/workflows/smoke-claude.md b/.github/workflows/smoke-claude.md
index e92baed1c1b..1b20b2a4127 100644
--- a/.github/workflows/smoke-claude.md
+++ b/.github/workflows/smoke-claude.md
@@ -2,7 +2,10 @@
emoji: "🧪"
description: Smoke test workflow that validates Claude engine functionality by reviewing recent PRs twice daily
on:
- slash_command: smoke-claude
+ slash_command:
+ name: smoke-claude
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-codex.lock.yml b/.github/workflows/smoke-codex.lock.yml
index aef3d969094..dce5d0cd669 100644
--- a/.github/workflows/smoke-codex.lock.yml
+++ b/.github/workflows/smoke-codex.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"8b7f8ab2c767056b1db2e66a2fab46ac4bb7a076a2d43a6ae8a2987d37230d3c","body_hash":"3f86f90be7b76e4f629470b1e5dbf494f15ff00577f4598b6782cfb26007f947","agent_id":"codex"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"b341011f20b38de67f2e6a504653ae9d2456f4de75b4a2991c6586e2531de7ce","body_hash":"3f86f90be7b76e4f629470b1e5dbf494f15ff00577f4598b6782cfb26007f947","agent_id":"codex"}
# gh-aw-manifest: {"version":1,"secrets":["CODEX_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN","OPENAI_API_KEY"],"actions":[{"repo":"actions-ecosystem/action-add-labels","sha":"c96b68fec76a0987cd93957189e9abd0b9a72ff1","version":"v1.1.3"},{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"ghcr.io/github/serena-mcp-server:latest","digest":"sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5","pinned_image":"ghcr.io/github/serena-mcp-server:latest@sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -69,32 +69,11 @@
name: "Smoke Codex"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - smoke # Label filtering applied via job conditions
types:
- labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -121,12 +100,13 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-codex ') || startsWith(github.event.issue.body, '/smoke-codex\n') || github.event.issue.body == '/smoke-codex') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-codex ') || startsWith(github.event.comment.body, '/smoke-codex\n') || github.event.comment.body == '/smoke-codex') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-codex ') || startsWith(github.event.comment.body, '/smoke-codex\n') || github.event.comment.body == '/smoke-codex') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-codex ') || startsWith(github.event.comment.body, '/smoke-codex\n') || github.event.comment.body == '/smoke-codex') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-codex ') || startsWith(github.event.pull_request.body, '/smoke-codex\n') || github.event.pull_request.body == '/smoke-codex') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-codex ') || startsWith(github.event.discussion.body, '/smoke-codex\n') || github.event.discussion.body == '/smoke-codex') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-codex ') || startsWith(github.event.comment.body, '/smoke-codex\n') || github.event.comment.body == '/smoke-codex')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -218,7 +198,7 @@ jobs:
await main();
- name: Add hooray reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "hooray"
@@ -283,7 +263,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Codex"
@@ -313,25 +293,25 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_3c0f916e92f35f20_EOF'
+ cat << 'GH_AW_PROMPT_fbf9ec94ce10d73b_EOF'
- GH_AW_PROMPT_3c0f916e92f35f20_EOF
+ GH_AW_PROMPT_fbf9ec94ce10d73b_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/playwright_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_3c0f916e92f35f20_EOF'
+ cat << 'GH_AW_PROMPT_fbf9ec94ce10d73b_EOF'
Tools: add_comment(max:2), create_issue, add_labels, remove_labels, unassign_from_user, hide_comment(max:5), set_issue_field, missing_tool, missing_data, noop, add_smoked_label
- GH_AW_PROMPT_3c0f916e92f35f20_EOF
+ GH_AW_PROMPT_fbf9ec94ce10d73b_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_comment_memory.md"
- cat << 'GH_AW_PROMPT_3c0f916e92f35f20_EOF'
+ cat << 'GH_AW_PROMPT_fbf9ec94ce10d73b_EOF'
- GH_AW_PROMPT_3c0f916e92f35f20_EOF
+ GH_AW_PROMPT_fbf9ec94ce10d73b_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_3c0f916e92f35f20_EOF'
+ cat << 'GH_AW_PROMPT_fbf9ec94ce10d73b_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -373,12 +353,12 @@ jobs:
stop immediately and report the limitation rather than spending turns trying to work around it.
- GH_AW_PROMPT_3c0f916e92f35f20_EOF
+ GH_AW_PROMPT_fbf9ec94ce10d73b_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_3c0f916e92f35f20_EOF'
+ cat << 'GH_AW_PROMPT_fbf9ec94ce10d73b_EOF'
## Serena Code Analysis
@@ -419,7 +399,7 @@ jobs:
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-codex.md}}
- GH_AW_PROMPT_3c0f916e92f35f20_EOF
+ GH_AW_PROMPT_fbf9ec94ce10d73b_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -700,9 +680,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_c479273e2e422054_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_a600254dfefca784_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-codex"]},"add_smoked_label":true,"comment_memory":{"max":1,"memory_id":"default"},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-codex","expires":2,"labels":["automation","testing"],"max":1},"create_report_incomplete_issue":{},"hide_comment":{"max":5},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"remove_labels":{"allowed":["smoke"]},"report_incomplete":{},"set_issue_field":{"allowed_fields":["*"],"max":1},"unassign_from_user":{"allowed":["githubactionagent"],"max":1}}
- GH_AW_SAFE_OUTPUTS_CONFIG_c479273e2e422054_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_a600254dfefca784_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1096,7 +1076,7 @@ jobs:
DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0')
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
- cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_d52abf101afed3c0_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_805dea6f43c87be2_EOF
[history]
persistence = "none"
@@ -1138,11 +1118,11 @@ jobs:
[mcp_servers.serena."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_d52abf101afed3c0_EOF
+ GH_AW_MCP_CONFIG_805dea6f43c87be2_EOF
# Generate JSON config for MCP gateway
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_d52abf101afed3c0_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_805dea6f43c87be2_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -1213,11 +1193,11 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_d52abf101afed3c0_EOF
+ GH_AW_MCP_CONFIG_805dea6f43c87be2_EOF
# Sync converter output to writable CODEX_HOME for Codex
mkdir -p /tmp/gh-aw/mcp-config
- cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_74055f55fd38d036_EOF
+ cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_b684e3d57a289b09_EOF
model_provider = "openai-proxy"
@@ -1229,7 +1209,7 @@ jobs:
[shell_environment_policy]
inherit = "core"
include_only = ["^CODEX_API_KEY$", "^GH_AW_ASSETS_ALLOWED_EXTS$", "^GH_AW_ASSETS_BRANCH$", "^GH_AW_ASSETS_MAX_SIZE_KB$", "^GH_AW_SAFE_OUTPUTS$", "^GITHUB_PERSONAL_ACCESS_TOKEN$", "^GITHUB_REPOSITORY$", "^GITHUB_SERVER_URL$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"]
- GH_AW_CODEX_SHELL_POLICY_74055f55fd38d036_EOF
+ GH_AW_CODEX_SHELL_POLICY_b684e3d57a289b09_EOF
awk '
BEGIN { skip_openai_proxy = 0 }
/^[[:space:]]*model_provider[[:space:]]*=/ { next }
@@ -1862,18 +1842,18 @@ jobs:
DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0')
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
- cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_0505282866bf8277_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_3ec6f7bc202ed88f_EOF
[history]
persistence = "none"
[shell_environment_policy]
inherit = "core"
include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"]
- GH_AW_MCP_CONFIG_0505282866bf8277_EOF
+ GH_AW_MCP_CONFIG_3ec6f7bc202ed88f_EOF
# Generate JSON config for MCP gateway
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_ddb2bad4f2e72e1d_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_c9d12c5ecc0bedd1_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
},
@@ -1884,11 +1864,11 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_ddb2bad4f2e72e1d_EOF
+ GH_AW_MCP_CONFIG_c9d12c5ecc0bedd1_EOF
# Sync converter output to writable CODEX_HOME for Codex
mkdir -p /tmp/gh-aw/mcp-config
- cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_4c16ccbbcf589a2e_EOF
+ cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_875a78ef8dfaa927_EOF
model_provider = "openai-proxy"
[model_providers.openai-proxy]
name = "OpenAI AWF proxy"
@@ -1898,7 +1878,7 @@ jobs:
[shell_environment_policy]
inherit = "core"
include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"]
- GH_AW_CODEX_SHELL_POLICY_4c16ccbbcf589a2e_EOF
+ GH_AW_CODEX_SHELL_POLICY_875a78ef8dfaa927_EOF
awk '
BEGIN { skip_openai_proxy = 0 }
/^[[:space:]]*model_provider[[:space:]]*=/ { next }
@@ -1997,7 +1977,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-codex ') || startsWith(github.event.issue.body, '/smoke-codex\n') || github.event.issue.body == '/smoke-codex') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-codex ') || startsWith(github.event.comment.body, '/smoke-codex\n') || github.event.comment.body == '/smoke-codex') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-codex ') || startsWith(github.event.comment.body, '/smoke-codex\n') || github.event.comment.body == '/smoke-codex') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-codex ') || startsWith(github.event.comment.body, '/smoke-codex\n') || github.event.comment.body == '/smoke-codex') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-codex ') || startsWith(github.event.pull_request.body, '/smoke-codex\n') || github.event.pull_request.body == '/smoke-codex') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-codex ') || startsWith(github.event.discussion.body, '/smoke-codex\n') || github.event.discussion.body == '/smoke-codex') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-codex ') || startsWith(github.event.comment.body, '/smoke-codex\n') || github.event.comment.body == '/smoke-codex')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
+ if: >
+ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-codex.md b/.github/workflows/smoke-codex.md
index 80d3fc879ff..6d3d161fecb 100644
--- a/.github/workflows/smoke-codex.md
+++ b/.github/workflows/smoke-codex.md
@@ -2,7 +2,10 @@
emoji: "🧪"
description: Smoke test workflow that validates Codex engine functionality by reviewing recent PRs twice daily
on:
- slash_command: smoke-codex
+ slash_command:
+ name: smoke-codex
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
inputs:
aw_context:
diff --git a/.github/workflows/smoke-copilot-arm.lock.yml b/.github/workflows/smoke-copilot-arm.lock.yml
index 252a8fe9750..906790348f6 100644
--- a/.github/workflows/smoke-copilot-arm.lock.yml
+++ b/.github/workflows/smoke-copilot-arm.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"89b620ce7bebb6281a9ecf6fe404616e2f9c34b296dd833190a6bfe4c252f012","body_hash":"5eaf4508ba953bd071b80322ab9aa26daf1e6ccfbc52bc2410d1c36a9f36b334","agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"4b50357bbeedb20bb52c6ac85446cf6b3eb645f22031b93c389ae86926088698","body_hash":"5eaf4508ba953bd071b80322ab9aa26daf1e6ccfbc52bc2410d1c36a9f36b334","agent_id":"copilot"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"docker/build-push-action","sha":"f9f3042f7e2789586610d6e8b85c8f03e5195baf","version":"v7.2.0"},{"repo":"docker/setup-buildx-action","sha":"d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5","version":"v4.1.0"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"ghcr.io/github/serena-mcp-server:latest","digest":"sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5","pinned_image":"ghcr.io/github/serena-mcp-server:latest@sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -68,32 +68,11 @@
name: "Smoke Copilot ARM64"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - water # Label filtering applied via job conditions
types:
- labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -120,12 +99,13 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-copilot-arm ') || startsWith(github.event.issue.body, '/smoke-copilot-arm\n') || github.event.issue.body == '/smoke-copilot-arm') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-arm ') || startsWith(github.event.comment.body, '/smoke-copilot-arm\n') || github.event.comment.body == '/smoke-copilot-arm') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-arm ') || startsWith(github.event.comment.body, '/smoke-copilot-arm\n') || github.event.comment.body == '/smoke-copilot-arm') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-arm ') || startsWith(github.event.comment.body, '/smoke-copilot-arm\n') || github.event.comment.body == '/smoke-copilot-arm') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-copilot-arm ') || startsWith(github.event.pull_request.body, '/smoke-copilot-arm\n') || github.event.pull_request.body == '/smoke-copilot-arm') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-copilot-arm ') || startsWith(github.event.discussion.body, '/smoke-copilot-arm\n') || github.event.discussion.body == '/smoke-copilot-arm') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-arm ') || startsWith(github.event.comment.body, '/smoke-copilot-arm\n') || github.event.comment.body == '/smoke-copilot-arm')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -217,7 +197,7 @@ jobs:
await main();
- name: Add eyes reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "eyes"
@@ -281,7 +261,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Copilot ARM64"
@@ -310,9 +290,9 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_8b17bd52f5074603_EOF'
+ cat << 'GH_AW_PROMPT_d73e602c49237f7e_EOF'
- GH_AW_PROMPT_8b17bd52f5074603_EOF
+ GH_AW_PROMPT_d73e602c49237f7e_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
@@ -320,13 +300,13 @@ jobs:
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_8b17bd52f5074603_EOF'
+ cat << 'GH_AW_PROMPT_d73e602c49237f7e_EOF'
Tools: add_comment(max:2), create_issue, create_discussion, create_pull_request_review_comment(max:5), submit_pull_request_review, add_labels, remove_labels, dispatch_workflow, missing_tool, missing_data, noop, send_slack_message
- GH_AW_PROMPT_8b17bd52f5074603_EOF
+ GH_AW_PROMPT_d73e602c49237f7e_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_8b17bd52f5074603_EOF'
+ cat << 'GH_AW_PROMPT_d73e602c49237f7e_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -355,12 +335,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_8b17bd52f5074603_EOF
+ GH_AW_PROMPT_d73e602c49237f7e_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_8b17bd52f5074603_EOF'
+ cat << 'GH_AW_PROMPT_d73e602c49237f7e_EOF'
## Serena Code Analysis
@@ -401,7 +381,7 @@ jobs:
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-copilot-arm.md}}
- GH_AW_PROMPT_8b17bd52f5074603_EOF
+ GH_AW_PROMPT_d73e602c49237f7e_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -734,9 +714,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_16c180a10120adc9_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_b5e0b3c79985b084_EOF'
{"add_comment":{"allowed_repos":["github/gh-aw"],"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-copilot-arm"],"allowed_repos":["github/gh-aw"]},"create_discussion":{"category":"announcements","close_older_discussions":true,"expires":2,"fallback_to_issue":true,"labels":["ai-generated"],"max":1},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-copilot-arm","expires":2,"group":true,"labels":["automation","testing"],"max":1},"create_pull_request_review_comment":{"max":5,"side":"RIGHT"},"create_report_incomplete_issue":{},"dispatch_workflow":{"max":1,"workflow_files":{"haiku-printer":".yml"},"workflows":["haiku-printer"]},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"remove_labels":{"allowed":["smoke"]},"report_incomplete":{},"send-slack-message":{"description":"Send a message to Slack (stub for testing)","inputs":{"message":{"description":"The message to send","required":false,"type":"string"}},"output":"Slack message stub executed!"},"submit_pull_request_review":{"max":1}}
- GH_AW_SAFE_OUTPUTS_CONFIG_16c180a10120adc9_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_b5e0b3c79985b084_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1100,7 +1080,7 @@ jobs:
- name: Write MCP Scripts Config
run: |
mkdir -p "${RUNNER_TEMP}/gh-aw/mcp-scripts/logs"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json" << 'GH_AW_MCP_SCRIPTS_TOOLS_785e718cd8bc1e67_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json" << 'GH_AW_MCP_SCRIPTS_TOOLS_1f5f73b209ebedd8_EOF'
{
"serverName": "mcpscripts",
"version": "1.0.0",
@@ -1194,8 +1174,8 @@ jobs:
}
]
}
- GH_AW_MCP_SCRIPTS_TOOLS_785e718cd8bc1e67_EOF
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs" << 'GH_AW_MCP_SCRIPTS_SERVER_dca70f42e398bc8e_EOF'
+ GH_AW_MCP_SCRIPTS_TOOLS_1f5f73b209ebedd8_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs" << 'GH_AW_MCP_SCRIPTS_SERVER_f91a035be7a57cd6_EOF'
const path = require("path");
const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
const configPath = path.join(__dirname, "tools.json");
@@ -1209,12 +1189,12 @@ jobs:
console.error("Failed to start mcp-scripts HTTP server:", error);
process.exit(1);
});
- GH_AW_MCP_SCRIPTS_SERVER_dca70f42e398bc8e_EOF
+ GH_AW_MCP_SCRIPTS_SERVER_f91a035be7a57cd6_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs"
- name: Write MCP Scripts Tool Files
run: |
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_f590a57181d65683_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_4624efbdcb206181_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-discussion-query
# Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1351,9 +1331,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_f590a57181d65683_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_4624efbdcb206181_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_e01863c9de76bd98_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_51c89e100860ead3_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-issue-query
# Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1433,9 +1413,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_e01863c9de76bd98_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_51c89e100860ead3_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_08e558e39f9dc555_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_37bd7260d837987b_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-pr-query
# Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1521,7 +1501,7 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_08e558e39f9dc555_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_37bd7260d837987b_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh"
- name: Generate MCP Scripts Server Config
@@ -1601,7 +1581,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_0a9982489ada886e_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_fd63de6b5ec1db45_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"agenticworkflows": {
@@ -1709,7 +1689,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_0a9982489ada886e_EOF
+ GH_AW_MCP_CONFIG_fd63de6b5ec1db45_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -2409,7 +2389,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-copilot-arm ') || startsWith(github.event.issue.body, '/smoke-copilot-arm\n') || github.event.issue.body == '/smoke-copilot-arm') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-arm ') || startsWith(github.event.comment.body, '/smoke-copilot-arm\n') || github.event.comment.body == '/smoke-copilot-arm') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-arm ') || startsWith(github.event.comment.body, '/smoke-copilot-arm\n') || github.event.comment.body == '/smoke-copilot-arm') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-arm ') || startsWith(github.event.comment.body, '/smoke-copilot-arm\n') || github.event.comment.body == '/smoke-copilot-arm') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-copilot-arm ') || startsWith(github.event.pull_request.body, '/smoke-copilot-arm\n') || github.event.pull_request.body == '/smoke-copilot-arm') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-copilot-arm ') || startsWith(github.event.discussion.body, '/smoke-copilot-arm\n') || github.event.discussion.body == '/smoke-copilot-arm') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-arm ') || startsWith(github.event.comment.body, '/smoke-copilot-arm\n') || github.event.comment.body == '/smoke-copilot-arm')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
+ if: >
+ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-copilot-arm.md b/.github/workflows/smoke-copilot-arm.md
index eb727c29118..bea8c3af85a 100644
--- a/.github/workflows/smoke-copilot-arm.md
+++ b/.github/workflows/smoke-copilot-arm.md
@@ -2,7 +2,10 @@
emoji: "🧪"
description: Smoke Copilot ARM64
on:
- slash_command: smoke-copilot-arm
+ slash_command:
+ name: smoke-copilot-arm
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-copilot-sdk.lock.yml b/.github/workflows/smoke-copilot-sdk.lock.yml
index e6388b6d9b0..d4cf88aaac2 100644
--- a/.github/workflows/smoke-copilot-sdk.lock.yml
+++ b/.github/workflows/smoke-copilot-sdk.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"060f21fc34dc7679b7dc6b32e39bf6c3c4a96a87ec1a870b53cd879a7060978c","body_hash":"c29aab69d3ce89bf57c600eccadae2604be0217feaf2b4247ae6c5a2d6c1d01d","strict":true,"agent_id":"copilot","agent_model":"gpt-5.4"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"d3a05b6c1db1d7c05ee9006ecf80636e74109785f47a4b15ad7d87a236fe2c84","body_hash":"c29aab69d3ce89bf57c600eccadae2604be0217feaf2b4247ae6c5a2d6c1d01d","strict":true,"agent_id":"copilot","agent_model":"gpt-5.4"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -48,33 +48,6 @@
name: "Smoke Copilot SDK"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
- pull_request:
- types:
- - opened
- - edited
- - reopened
- - labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -93,12 +66,14 @@ run-name: "Smoke Copilot SDK"
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-copilot-sdk ') || startsWith(github.event.issue.body, '/smoke-copilot-sdk\n') || github.event.issue.body == '/smoke-copilot-sdk') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-sdk ') || startsWith(github.event.comment.body, '/smoke-copilot-sdk\n') || github.event.comment.body == '/smoke-copilot-sdk') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-sdk ') || startsWith(github.event.comment.body, '/smoke-copilot-sdk\n') || github.event.comment.body == '/smoke-copilot-sdk') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-sdk ') || startsWith(github.event.comment.body, '/smoke-copilot-sdk\n') || github.event.comment.body == '/smoke-copilot-sdk') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-copilot-sdk ') || startsWith(github.event.pull_request.body, '/smoke-copilot-sdk\n') || github.event.pull_request.body == '/smoke-copilot-sdk') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-copilot-sdk ') || startsWith(github.event.discussion.body, '/smoke-copilot-sdk\n') || github.event.discussion.body == '/smoke-copilot-sdk') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-sdk ') || startsWith(github.event.comment.body, '/smoke-copilot-sdk\n') || github.event.comment.body == '/smoke-copilot-sdk')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment')) || github.event_name == 'pull_request' && github.event.label.name == 'smoke-sdk')"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' &&
+ fromJSON(github.event.inputs.aw_context || '{}').trigger_label == 'smoke-sdk' || !(fromJSON(github.event.inputs.aw_context ||
+ '{}').event_type == 'pull_request'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -189,7 +164,7 @@ jobs:
await main();
- name: Add eyes reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "eyes"
@@ -255,7 +230,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Copilot SDK"
@@ -296,20 +271,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_88bb64c093b05d07_EOF'
+ cat << 'GH_AW_PROMPT_748f84b4c8306038_EOF'
- GH_AW_PROMPT_88bb64c093b05d07_EOF
+ GH_AW_PROMPT_748f84b4c8306038_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_88bb64c093b05d07_EOF'
+ cat << 'GH_AW_PROMPT_748f84b4c8306038_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_88bb64c093b05d07_EOF
+ GH_AW_PROMPT_748f84b4c8306038_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_88bb64c093b05d07_EOF'
+ cat << 'GH_AW_PROMPT_748f84b4c8306038_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -338,15 +313,15 @@ jobs:
{{/if}}
- GH_AW_PROMPT_88bb64c093b05d07_EOF
+ GH_AW_PROMPT_748f84b4c8306038_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_88bb64c093b05d07_EOF'
+ cat << 'GH_AW_PROMPT_748f84b4c8306038_EOF'
{{#runtime-import .github/workflows/smoke-copilot-sdk.md}}
- GH_AW_PROMPT_88bb64c093b05d07_EOF
+ GH_AW_PROMPT_748f84b4c8306038_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -574,9 +549,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_765a2737e8c7b0f7_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_429b14b3839bb146_EOF'
{"create_issue":{"close_older_issues":true,"close_older_key":"smoke-copilot-sdk","expires":2,"group":true,"labels":["automation","testing"],"max":1},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_765a2737e8c7b0f7_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_429b14b3839bb146_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -784,7 +759,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_845b346914e1548c_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_648eb448eac524ac_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -825,7 +800,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_845b346914e1548c_EOF
+ GH_AW_MCP_CONFIG_648eb448eac524ac_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1475,7 +1450,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-copilot-sdk ') || startsWith(github.event.issue.body, '/smoke-copilot-sdk\n') || github.event.issue.body == '/smoke-copilot-sdk') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-sdk ') || startsWith(github.event.comment.body, '/smoke-copilot-sdk\n') || github.event.comment.body == '/smoke-copilot-sdk') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-sdk ') || startsWith(github.event.comment.body, '/smoke-copilot-sdk\n') || github.event.comment.body == '/smoke-copilot-sdk') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-sdk ') || startsWith(github.event.comment.body, '/smoke-copilot-sdk\n') || github.event.comment.body == '/smoke-copilot-sdk') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-copilot-sdk ') || startsWith(github.event.pull_request.body, '/smoke-copilot-sdk\n') || github.event.pull_request.body == '/smoke-copilot-sdk') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-copilot-sdk ') || startsWith(github.event.discussion.body, '/smoke-copilot-sdk\n') || github.event.discussion.body == '/smoke-copilot-sdk') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-copilot-sdk ') || startsWith(github.event.comment.body, '/smoke-copilot-sdk\n') || github.event.comment.body == '/smoke-copilot-sdk')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment')) || github.event_name == 'pull_request' && github.event.label.name == 'smoke-sdk')"
+ if: >
+ fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' && fromJSON(github.event.inputs.aw_context ||
+ '{}').trigger_label == 'smoke-sdk' || !(fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-copilot-sdk.md b/.github/workflows/smoke-copilot-sdk.md
index 2ddfd200a74..c0259b0140d 100644
--- a/.github/workflows/smoke-copilot-sdk.md
+++ b/.github/workflows/smoke-copilot-sdk.md
@@ -2,7 +2,10 @@
emoji: "🔬"
description: Smoke Copilot SDK
on:
- slash_command: smoke-copilot-sdk
+ slash_command:
+ name: smoke-copilot-sdk
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
label_command:
name: smoke-sdk
diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml
index 93425b46615..fd8ef015219 100644
--- a/.github/workflows/smoke-copilot.lock.yml
+++ b/.github/workflows/smoke-copilot.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"fcbb90b61f8a1f7193579f84d7d867d1bc9141211b5885767a5bcd27b6085013","body_hash":"c2054c1d33644aad214f0f0cc8949a4f09c5d478872f4254fc413bf41d868061","agent_id":"copilot","agent_model":"gpt-5.4"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"6c2f1423362a13a9255a6876c4ebc430bb8879f6eec25f142df34df6f8151591","body_hash":"c2054c1d33644aad214f0f0cc8949a4f09c5d478872f4254fc413bf41d868061","agent_id":"copilot","agent_model":"gpt-5.4"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"},{"repo":"docker/build-push-action","sha":"f9f3042f7e2789586610d6e8b85c8f03e5195baf","version":"v7.2.0"},{"repo":"docker/setup-buildx-action","sha":"d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5","version":"v4.1.0"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"ghcr.io/github/serena-mcp-server:latest","digest":"sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5","pinned_image":"ghcr.io/github/serena-mcp-server:latest@sha256:bf343399e3725c45528f531a230f3a04521d4cdef29f9a5af6282ff0d3c393c5"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -68,33 +68,6 @@
name: "Smoke Copilot"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
- pull_request:
- types:
- - opened
- - edited
- - reopened
- - labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -121,12 +94,14 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-copilot ') || startsWith(github.event.issue.body, '/smoke-copilot\n') || github.event.issue.body == '/smoke-copilot') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot ') || startsWith(github.event.comment.body, '/smoke-copilot\n') || github.event.comment.body == '/smoke-copilot') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot ') || startsWith(github.event.comment.body, '/smoke-copilot\n') || github.event.comment.body == '/smoke-copilot') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-copilot ') || startsWith(github.event.comment.body, '/smoke-copilot\n') || github.event.comment.body == '/smoke-copilot') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-copilot ') || startsWith(github.event.pull_request.body, '/smoke-copilot\n') || github.event.pull_request.body == '/smoke-copilot') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-copilot ') || startsWith(github.event.discussion.body, '/smoke-copilot\n') || github.event.discussion.body == '/smoke-copilot') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-copilot ') || startsWith(github.event.comment.body, '/smoke-copilot\n') || github.event.comment.body == '/smoke-copilot')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment')) || github.event_name == 'pull_request' && github.event.label.name == 'smoke')"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' &&
+ fromJSON(github.event.inputs.aw_context || '{}').trigger_label == 'smoke' || !(fromJSON(github.event.inputs.aw_context ||
+ '{}').event_type == 'pull_request'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -222,7 +197,7 @@ jobs:
await main();
- name: Add eyes reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "eyes"
@@ -288,7 +263,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Copilot"
@@ -367,9 +342,9 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_0da205c98d4777eb_EOF'
+ cat << 'GH_AW_PROMPT_0615b82f3f878597_EOF'
- GH_AW_PROMPT_0da205c98d4777eb_EOF
+ GH_AW_PROMPT_0615b82f3f878597_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
@@ -377,16 +352,16 @@ jobs:
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_0da205c98d4777eb_EOF'
+ cat << 'GH_AW_PROMPT_0615b82f3f878597_EOF'
Tools: add_comment(max:2), create_issue, create_discussion, create_pull_request_review_comment(max:5), submit_pull_request_review, reply_to_pull_request_review_comment(max:5), add_labels, remove_labels, create_check_run, set_issue_type, dispatch_workflow, missing_tool, missing_data, noop, send_slack_message
- GH_AW_PROMPT_0da205c98d4777eb_EOF
+ GH_AW_PROMPT_0615b82f3f878597_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_comment_memory.md"
- cat << 'GH_AW_PROMPT_0da205c98d4777eb_EOF'
+ cat << 'GH_AW_PROMPT_0615b82f3f878597_EOF'
- GH_AW_PROMPT_0da205c98d4777eb_EOF
+ GH_AW_PROMPT_0615b82f3f878597_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_0da205c98d4777eb_EOF'
+ cat << 'GH_AW_PROMPT_0615b82f3f878597_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -415,12 +390,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_0da205c98d4777eb_EOF
+ GH_AW_PROMPT_0615b82f3f878597_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_0da205c98d4777eb_EOF'
+ cat << 'GH_AW_PROMPT_0615b82f3f878597_EOF'
## Serena Code Analysis
@@ -461,7 +436,7 @@ jobs:
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-copilot.md}}
- GH_AW_PROMPT_0da205c98d4777eb_EOF
+ GH_AW_PROMPT_0615b82f3f878597_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -812,9 +787,9 @@ jobs:
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs/upload-artifacts"
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_8c9743fdab9f7184_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_8e27f952b1220c28_EOF'
{"add_comment":{"allowed_repos":["github/gh-aw"],"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-copilot"],"allowed_repos":["github/gh-aw"]},"comment_memory":{"max":1,"memory_id":"default"},"create_check_run":{"max":1,"name":"Smoke Copilot"},"create_discussion":{"category":"announcements","close_older_discussions":true,"close_older_key":"smoke-copilot","expires":2,"fallback_to_issue":true,"labels":["ai-generated"],"max":1},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-copilot","expires":2,"group":true,"labels":["automation","testing"],"max":1},"create_pull_request_review_comment":{"max":5,"side":"RIGHT"},"create_report_incomplete_issue":{},"dispatch_workflow":{"max":1,"workflow_files":{"haiku-printer":".yml"},"workflows":["haiku-printer"]},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"remove_labels":{"allowed":["smoke"]},"reply_to_pull_request_review_comment":{"max":5},"report_incomplete":{},"send-slack-message":{"description":"Send a message to Slack (stub for testing)","inputs":{"message":{"description":"The message to send","required":false,"type":"string"}},"output":"Slack message stub executed!"},"set_issue_type":{},"submit_pull_request_review":{"max":1},"upload_artifact":{"max-size-bytes":104857600,"max-uploads":1,"retention-days":1,"skip-archive":true}}
- GH_AW_SAFE_OUTPUTS_CONFIG_8c9743fdab9f7184_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_8e27f952b1220c28_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1245,7 +1220,7 @@ jobs:
- name: Write MCP Scripts Config
run: |
mkdir -p "${RUNNER_TEMP}/gh-aw/mcp-scripts/logs"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json" << 'GH_AW_MCP_SCRIPTS_TOOLS_9b557e45aebf4282_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json" << 'GH_AW_MCP_SCRIPTS_TOOLS_bc9c8072071ce290_EOF'
{
"serverName": "mcpscripts",
"version": "1.0.0",
@@ -1339,8 +1314,8 @@ jobs:
}
]
}
- GH_AW_MCP_SCRIPTS_TOOLS_9b557e45aebf4282_EOF
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs" << 'GH_AW_MCP_SCRIPTS_SERVER_f1734778eb83cd01_EOF'
+ GH_AW_MCP_SCRIPTS_TOOLS_bc9c8072071ce290_EOF
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs" << 'GH_AW_MCP_SCRIPTS_SERVER_863ed157f4520919_EOF'
const path = require("path");
const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
const configPath = path.join(__dirname, "tools.json");
@@ -1354,12 +1329,12 @@ jobs:
console.error("Failed to start mcp-scripts HTTP server:", error);
process.exit(1);
});
- GH_AW_MCP_SCRIPTS_SERVER_f1734778eb83cd01_EOF
+ GH_AW_MCP_SCRIPTS_SERVER_863ed157f4520919_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs"
- name: Write MCP Scripts Tool Files
run: |
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_26041a79d319da0a_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_6e200b0def5134db_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-discussion-query
# Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1496,9 +1471,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_26041a79d319da0a_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_6e200b0def5134db_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_443012c84b5640e2_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_0e5a17de0f27ed9e_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-issue-query
# Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1578,9 +1553,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_443012c84b5640e2_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_0e5a17de0f27ed9e_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh"
- cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_a31753aa186417d5_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh" << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_73c00761f5ca3837_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-pr-query
# Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1666,7 +1641,7 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_a31753aa186417d5_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_73c00761f5ca3837_EOF
chmod +x "${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh"
- name: Generate MCP Scripts Server Config
@@ -1743,7 +1718,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_c69c0221e58a6d7f_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_a43cae605b53d554_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"agenticworkflows": {
@@ -1835,7 +1810,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_c69c0221e58a6d7f_EOF
+ GH_AW_MCP_CONFIG_a43cae605b53d554_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -2567,7 +2542,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-copilot ') || startsWith(github.event.issue.body, '/smoke-copilot\n') || github.event.issue.body == '/smoke-copilot') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot ') || startsWith(github.event.comment.body, '/smoke-copilot\n') || github.event.comment.body == '/smoke-copilot') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-copilot ') || startsWith(github.event.comment.body, '/smoke-copilot\n') || github.event.comment.body == '/smoke-copilot') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-copilot ') || startsWith(github.event.comment.body, '/smoke-copilot\n') || github.event.comment.body == '/smoke-copilot') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-copilot ') || startsWith(github.event.pull_request.body, '/smoke-copilot\n') || github.event.pull_request.body == '/smoke-copilot') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-copilot ') || startsWith(github.event.discussion.body, '/smoke-copilot\n') || github.event.discussion.body == '/smoke-copilot') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-copilot ') || startsWith(github.event.comment.body, '/smoke-copilot\n') || github.event.comment.body == '/smoke-copilot')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment')) || github.event_name == 'pull_request' && github.event.label.name == 'smoke')"
+ if: >
+ fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' && fromJSON(github.event.inputs.aw_context ||
+ '{}').trigger_label == 'smoke' || !(fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-copilot.md b/.github/workflows/smoke-copilot.md
index 3865abe5846..116c8a3e2a1 100644
--- a/.github/workflows/smoke-copilot.md
+++ b/.github/workflows/smoke-copilot.md
@@ -2,7 +2,10 @@
emoji: "🧪"
description: Smoke Copilot
on:
- slash_command: smoke-copilot
+ slash_command:
+ name: smoke-copilot
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
label_command:
name: smoke
diff --git a/.github/workflows/smoke-create-cross-repo-pr.lock.yml b/.github/workflows/smoke-create-cross-repo-pr.lock.yml
index bcba67c2dc6..0930575a3ce 100644
--- a/.github/workflows/smoke-create-cross-repo-pr.lock.yml
+++ b/.github/workflows/smoke-create-cross-repo-pr.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"fef9dbe44a9b2aa3850843ad35d9242ac29577441c326009b1d7ad0747848cdb","body_hash":"e0cf2f21c14dcb9541b6ef43968d627b9a89fdc58f6f38349cd3bcaf2d16e64e","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"02599748c728cdae9dea1a9bbb123c178692535d4968a67faaa255973411a6af","body_hash":"e0cf2f21c14dcb9541b6ef43968d627b9a89fdc58f6f38349cd3bcaf2d16e64e","strict":true,"agent_id":"copilot"}
# gh-aw-manifest: {"version":1,"secrets":["GH_AW_CI_TRIGGER_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GH_AW_SIDE_REPO_PAT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -57,32 +57,11 @@
name: "Smoke Create Cross-Repo PR"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - smoke-create-cross-repo-pr # Label filtering applied via job conditions
types:
- labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -109,12 +88,13 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.issue.body, '/smoke-create-cross-repo-pr\n') || github.event.issue.body == '/smoke-create-cross-repo-pr') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr\n') || github.event.comment.body == '/smoke-create-cross-repo-pr') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr\n') || github.event.comment.body == '/smoke-create-cross-repo-pr') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr\n') || github.event.comment.body == '/smoke-create-cross-repo-pr') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.pull_request.body, '/smoke-create-cross-repo-pr\n') || github.event.pull_request.body == '/smoke-create-cross-repo-pr') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.discussion.body, '/smoke-create-cross-repo-pr\n') || github.event.discussion.body == '/smoke-create-cross-repo-pr') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr\n') || github.event.comment.body == '/smoke-create-cross-repo-pr')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-create-cross-repo-pr'))"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-create-cross-repo-pr'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -205,7 +185,7 @@ jobs:
await main();
- name: Add eyes reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "eyes"
@@ -264,7 +244,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Create Cross-Repo PR"
@@ -293,23 +273,23 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_4fcb8985612ce65c_EOF'
+ cat << 'GH_AW_PROMPT_f902aae9eb568685_EOF'
- GH_AW_PROMPT_4fcb8985612ce65c_EOF
+ GH_AW_PROMPT_f902aae9eb568685_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_4fcb8985612ce65c_EOF'
+ cat << 'GH_AW_PROMPT_f902aae9eb568685_EOF'
Tools: add_comment(max:2), create_issue, create_pull_request, missing_tool, missing_data, noop
- GH_AW_PROMPT_4fcb8985612ce65c_EOF
+ GH_AW_PROMPT_f902aae9eb568685_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_4fcb8985612ce65c_EOF'
+ cat << 'GH_AW_PROMPT_f902aae9eb568685_EOF'
- GH_AW_PROMPT_4fcb8985612ce65c_EOF
+ GH_AW_PROMPT_f902aae9eb568685_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_4fcb8985612ce65c_EOF'
+ cat << 'GH_AW_PROMPT_f902aae9eb568685_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -351,16 +331,16 @@ jobs:
stop immediately and report the limitation rather than spending turns trying to work around it.
- GH_AW_PROMPT_4fcb8985612ce65c_EOF
+ GH_AW_PROMPT_f902aae9eb568685_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_4fcb8985612ce65c_EOF'
+ cat << 'GH_AW_PROMPT_f902aae9eb568685_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/smoke-create-cross-repo-pr.md}}
- GH_AW_PROMPT_4fcb8985612ce65c_EOF
+ GH_AW_PROMPT_f902aae9eb568685_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -599,9 +579,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_ecaea0149bd3fa0d_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_2ff020be753e589e_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_issue":{"close_older_issues":true,"expires":2,"labels":["automation","testing"],"max":1},"create_pull_request":{"draft":true,"expires":24,"fallback_as_issue":false,"github-token":"${GH_AW_SECRET_GH_AW_SIDE_REPO_PAT}","if_no_changes":"error","labels":["smoke-test"],"max":1,"max_patch_files":100,"max_patch_size":1024,"protect_top_level_dot_folders":true,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS","DESIGN.md","README.md","CONTRIBUTING.md","CHANGELOG.md","SECURITY.md","CODE_OF_CONDUCT.md","AGENTS.md","CLAUDE.md","GEMINI.md"],"protected_files_policy":"request_review","target-repo":"github/gh-aw-side-repo","title_prefix":"[smoke] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_ecaea0149bd3fa0d_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_2ff020be753e589e_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -876,7 +856,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_2e1bce5ff032bbe7_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_52deed54d8423b54_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -922,7 +902,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_2e1bce5ff032bbe7_EOF
+ GH_AW_MCP_CONFIG_52deed54d8423b54_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1599,7 +1579,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.issue.body, '/smoke-create-cross-repo-pr\n') || github.event.issue.body == '/smoke-create-cross-repo-pr') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr\n') || github.event.comment.body == '/smoke-create-cross-repo-pr') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr\n') || github.event.comment.body == '/smoke-create-cross-repo-pr') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr\n') || github.event.comment.body == '/smoke-create-cross-repo-pr') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.pull_request.body, '/smoke-create-cross-repo-pr\n') || github.event.pull_request.body == '/smoke-create-cross-repo-pr') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.discussion.body, '/smoke-create-cross-repo-pr\n') || github.event.discussion.body == '/smoke-create-cross-repo-pr') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-create-cross-repo-pr\n') || github.event.comment.body == '/smoke-create-cross-repo-pr')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-create-cross-repo-pr'))"
+ if: >
+ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-create-cross-repo-pr')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-create-cross-repo-pr.md b/.github/workflows/smoke-create-cross-repo-pr.md
index a39383661a6..d8fed7e38ac 100644
--- a/.github/workflows/smoke-create-cross-repo-pr.md
+++ b/.github/workflows/smoke-create-cross-repo-pr.md
@@ -3,7 +3,10 @@ emoji: "🧪"
name: Smoke Create Cross-Repo PR
description: Smoke test validating cross-repo pull request creation in github/gh-aw-side-repo
on:
- slash_command: smoke-create-cross-repo-pr
+ slash_command:
+ name: smoke-create-cross-repo-pr
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-crush.lock.yml b/.github/workflows/smoke-crush.lock.yml
index ce160cf0ca3..a244f9f1bcd 100644
--- a/.github/workflows/smoke-crush.lock.yml
+++ b/.github/workflows/smoke-crush.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"56a5bea9f0ec705bc4cbc319cc605c3691aa97f22eedef4c80e9c5b01cfc9448","body_hash":"ccbb31d4c57ee1e5970fa24740bd39ad4b104b4d329996322a8caf38a03613ba","strict":true,"agent_id":"crush","agent_model":"anthropic/claude-sonnet-4-20250514"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"f2d3bf65ff80b21286ab6bf38827e290806f1ac496e2aff24cc5f0dcf3acd726","body_hash":"ccbb31d4c57ee1e5970fa24740bd39ad4b104b4d329996322a8caf38a03613ba","strict":true,"agent_id":"crush","agent_model":"anthropic/claude-sonnet-4-20250514"}
# gh-aw-manifest: {"version":1,"secrets":["ANTHROPIC_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -58,32 +58,11 @@
name: "Smoke Crush"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - water # Label filtering applied via job conditions
types:
- labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -110,12 +89,13 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-crush ') || startsWith(github.event.issue.body, '/smoke-crush\n') || github.event.issue.body == '/smoke-crush') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-crush ') || startsWith(github.event.comment.body, '/smoke-crush\n') || github.event.comment.body == '/smoke-crush') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-crush ') || startsWith(github.event.comment.body, '/smoke-crush\n') || github.event.comment.body == '/smoke-crush') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-crush ') || startsWith(github.event.comment.body, '/smoke-crush\n') || github.event.comment.body == '/smoke-crush') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-crush ') || startsWith(github.event.pull_request.body, '/smoke-crush\n') || github.event.pull_request.body == '/smoke-crush') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-crush ') || startsWith(github.event.discussion.body, '/smoke-crush\n') || github.event.discussion.body == '/smoke-crush') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-crush ') || startsWith(github.event.comment.body, '/smoke-crush\n') || github.event.comment.body == '/smoke-crush')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -206,7 +186,7 @@ jobs:
await main();
- name: Add eyes reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "eyes"
@@ -270,7 +250,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Crush"
@@ -298,20 +278,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_693b01623eec2a44_EOF'
+ cat << 'GH_AW_PROMPT_1c25d040c6c87cf6_EOF'
- GH_AW_PROMPT_693b01623eec2a44_EOF
+ GH_AW_PROMPT_1c25d040c6c87cf6_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_693b01623eec2a44_EOF'
+ cat << 'GH_AW_PROMPT_1c25d040c6c87cf6_EOF'
Tools: add_comment(max:2), create_issue, add_labels, missing_tool, missing_data, noop
- GH_AW_PROMPT_693b01623eec2a44_EOF
+ GH_AW_PROMPT_1c25d040c6c87cf6_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_693b01623eec2a44_EOF'
+ cat << 'GH_AW_PROMPT_1c25d040c6c87cf6_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -340,19 +320,19 @@ jobs:
{{/if}}
- GH_AW_PROMPT_693b01623eec2a44_EOF
+ GH_AW_PROMPT_1c25d040c6c87cf6_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_693b01623eec2a44_EOF'
+ cat << 'GH_AW_PROMPT_1c25d040c6c87cf6_EOF'
{{#runtime-import .github/workflows/shared/gh.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-crush.md}}
- GH_AW_PROMPT_693b01623eec2a44_EOF
+ GH_AW_PROMPT_1c25d040c6c87cf6_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -581,9 +561,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_bce59036e3685455_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_c382f7fdba31fa11_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-crush"]},"create_issue":{"close_older_issues":true,"expires":2,"labels":["automation","testing"],"max":1},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_bce59036e3685455_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_c382f7fdba31fa11_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -833,7 +813,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_73ec18a9f5201c16_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_7e65382c76fd9c16_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -878,7 +858,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_73ec18a9f5201c16_EOF
+ GH_AW_MCP_CONFIG_7e65382c76fd9c16_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1500,7 +1480,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-crush ') || startsWith(github.event.issue.body, '/smoke-crush\n') || github.event.issue.body == '/smoke-crush') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-crush ') || startsWith(github.event.comment.body, '/smoke-crush\n') || github.event.comment.body == '/smoke-crush') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-crush ') || startsWith(github.event.comment.body, '/smoke-crush\n') || github.event.comment.body == '/smoke-crush') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-crush ') || startsWith(github.event.comment.body, '/smoke-crush\n') || github.event.comment.body == '/smoke-crush') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-crush ') || startsWith(github.event.pull_request.body, '/smoke-crush\n') || github.event.pull_request.body == '/smoke-crush') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-crush ') || startsWith(github.event.discussion.body, '/smoke-crush\n') || github.event.discussion.body == '/smoke-crush') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-crush ') || startsWith(github.event.comment.body, '/smoke-crush\n') || github.event.comment.body == '/smoke-crush')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
+ if: >
+ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-crush.md b/.github/workflows/smoke-crush.md
index 8ef807ed382..3ca5a814aec 100644
--- a/.github/workflows/smoke-crush.md
+++ b/.github/workflows/smoke-crush.md
@@ -2,7 +2,10 @@
emoji: "🧪"
description: Smoke test workflow that validates Crush engine functionality
on:
- slash_command: smoke-crush
+ slash_command:
+ name: smoke-crush
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-gemini.lock.yml b/.github/workflows/smoke-gemini.lock.yml
index d39dca7ee79..ab000ce0299 100644
--- a/.github/workflows/smoke-gemini.lock.yml
+++ b/.github/workflows/smoke-gemini.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"3e4ea9048f710ad700863a5321cf227cfa377fc08d070378dd7f4101cca1d6b3","body_hash":"e6391525e0b408c59088189c4afeac1d643885a1f4f9d68465795d4e65427502","strict":true,"agent_id":"gemini"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"475d9418b2f603209c1439f25c9ec865ad93c6acae4f377a440eacf58dccb4d7","body_hash":"e6391525e0b408c59088189c4afeac1d643885a1f4f9d68465795d4e65427502","strict":true,"agent_id":"gemini"}
# gh-aw-manifest: {"version":1,"secrets":["GEMINI_API_KEY","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -62,32 +62,11 @@
name: "Smoke Gemini"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - smoke # Label filtering applied via job conditions
types:
- labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -114,12 +93,13 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-gemini ') || startsWith(github.event.issue.body, '/smoke-gemini\n') || github.event.issue.body == '/smoke-gemini') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-gemini ') || startsWith(github.event.comment.body, '/smoke-gemini\n') || github.event.comment.body == '/smoke-gemini') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-gemini ') || startsWith(github.event.comment.body, '/smoke-gemini\n') || github.event.comment.body == '/smoke-gemini') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-gemini ') || startsWith(github.event.comment.body, '/smoke-gemini\n') || github.event.comment.body == '/smoke-gemini') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-gemini ') || startsWith(github.event.pull_request.body, '/smoke-gemini\n') || github.event.pull_request.body == '/smoke-gemini') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-gemini ') || startsWith(github.event.discussion.body, '/smoke-gemini\n') || github.event.discussion.body == '/smoke-gemini') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-gemini ') || startsWith(github.event.comment.body, '/smoke-gemini\n') || github.event.comment.body == '/smoke-gemini')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -211,7 +191,7 @@ jobs:
await main();
- name: Add rocket reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "rocket"
@@ -275,7 +255,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Gemini"
@@ -339,21 +319,21 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_1fb184ad71a949fe_EOF'
+ cat << 'GH_AW_PROMPT_dcd847b1309fb460_EOF'
- GH_AW_PROMPT_1fb184ad71a949fe_EOF
+ GH_AW_PROMPT_dcd847b1309fb460_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_1fb184ad71a949fe_EOF'
+ cat << 'GH_AW_PROMPT_dcd847b1309fb460_EOF'
Tools: add_comment(max:2), create_issue, add_labels, missing_tool, missing_data, noop
- GH_AW_PROMPT_1fb184ad71a949fe_EOF
+ GH_AW_PROMPT_dcd847b1309fb460_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_1fb184ad71a949fe_EOF'
+ cat << 'GH_AW_PROMPT_dcd847b1309fb460_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -382,12 +362,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_1fb184ad71a949fe_EOF
+ GH_AW_PROMPT_dcd847b1309fb460_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_1fb184ad71a949fe_EOF'
+ cat << 'GH_AW_PROMPT_dcd847b1309fb460_EOF'
{{#runtime-import .github/workflows/shared/gh.md}}
{{#runtime-import .github/workflows/shared/reporting-otlp.md}}
@@ -395,7 +375,7 @@ jobs:
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-gemini.md}}
- GH_AW_PROMPT_1fb184ad71a949fe_EOF
+ GH_AW_PROMPT_dcd847b1309fb460_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -646,9 +626,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_32b1c499b37e829c_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_bddd51d658857ed9_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-gemini"]},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-gemini","expires":2,"labels":["automation","testing"],"max":1},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_32b1c499b37e829c_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_bddd51d658857ed9_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -895,7 +875,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_a81bc8be12475e54_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_68dfbd14977adbb8_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"safeoutputs": {
@@ -925,7 +905,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_a81bc8be12475e54_EOF
+ GH_AW_MCP_CONFIG_68dfbd14977adbb8_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1616,7 +1596,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-gemini ') || startsWith(github.event.issue.body, '/smoke-gemini\n') || github.event.issue.body == '/smoke-gemini') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-gemini ') || startsWith(github.event.comment.body, '/smoke-gemini\n') || github.event.comment.body == '/smoke-gemini') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-gemini ') || startsWith(github.event.comment.body, '/smoke-gemini\n') || github.event.comment.body == '/smoke-gemini') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-gemini ') || startsWith(github.event.comment.body, '/smoke-gemini\n') || github.event.comment.body == '/smoke-gemini') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-gemini ') || startsWith(github.event.pull_request.body, '/smoke-gemini\n') || github.event.pull_request.body == '/smoke-gemini') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-gemini ') || startsWith(github.event.discussion.body, '/smoke-gemini\n') || github.event.discussion.body == '/smoke-gemini') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-gemini ') || startsWith(github.event.comment.body, '/smoke-gemini\n') || github.event.comment.body == '/smoke-gemini')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
+ if: >
+ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-gemini.md b/.github/workflows/smoke-gemini.md
index 067b4707ce5..7637a45e35b 100644
--- a/.github/workflows/smoke-gemini.md
+++ b/.github/workflows/smoke-gemini.md
@@ -2,7 +2,10 @@
emoji: "🧪"
description: Smoke test workflow that validates Gemini engine functionality twice daily
on:
- slash_command: smoke-gemini
+ slash_command:
+ name: smoke-gemini
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-multi-pr.lock.yml b/.github/workflows/smoke-multi-pr.lock.yml
index b4d5cf7fcf2..8e2dc5433ce 100644
--- a/.github/workflows/smoke-multi-pr.lock.yml
+++ b/.github/workflows/smoke-multi-pr.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"3e6e16aa525f3196defb9c8ec914fa653060ebb82ab614a0f879332f937516f0","body_hash":"9fcaee745024e93ac3797cec9ab4d7c11ea841686dbb8f4f6205100777549650","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"ad06c44499a78b5f540634ccbf318bc46d41e9ed3e9b1db0b69a6d4a9106e45e","body_hash":"9fcaee745024e93ac3797cec9ab4d7c11ea841686dbb8f4f6205100777549650","strict":true,"agent_id":"copilot"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_CI_TRIGGER_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -57,32 +57,11 @@
name: "Smoke Multi PR"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - smoke-multi-pr # Label filtering applied via job conditions
types:
- labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -109,12 +88,13 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-multi-pr ') || startsWith(github.event.issue.body, '/smoke-multi-pr\n') || github.event.issue.body == '/smoke-multi-pr') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-multi-pr ') || startsWith(github.event.comment.body, '/smoke-multi-pr\n') || github.event.comment.body == '/smoke-multi-pr') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-multi-pr ') || startsWith(github.event.comment.body, '/smoke-multi-pr\n') || github.event.comment.body == '/smoke-multi-pr') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-multi-pr ') || startsWith(github.event.comment.body, '/smoke-multi-pr\n') || github.event.comment.body == '/smoke-multi-pr') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-multi-pr ') || startsWith(github.event.pull_request.body, '/smoke-multi-pr\n') || github.event.pull_request.body == '/smoke-multi-pr') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-multi-pr ') || startsWith(github.event.discussion.body, '/smoke-multi-pr\n') || github.event.discussion.body == '/smoke-multi-pr') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-multi-pr ') || startsWith(github.event.comment.body, '/smoke-multi-pr\n') || github.event.comment.body == '/smoke-multi-pr')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-multi-pr'))"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-multi-pr'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -206,7 +186,7 @@ jobs:
await main();
- name: Add eyes reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "eyes"
@@ -270,7 +250,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Multi PR"
@@ -298,23 +278,23 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_0009a87f54c3fc9a_EOF'
+ cat << 'GH_AW_PROMPT_3dadf8046461dd69_EOF'
- GH_AW_PROMPT_0009a87f54c3fc9a_EOF
+ GH_AW_PROMPT_3dadf8046461dd69_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_0009a87f54c3fc9a_EOF'
+ cat << 'GH_AW_PROMPT_3dadf8046461dd69_EOF'
Tools: add_comment, create_pull_request(max:2), missing_tool, missing_data, noop
- GH_AW_PROMPT_0009a87f54c3fc9a_EOF
+ GH_AW_PROMPT_3dadf8046461dd69_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_0009a87f54c3fc9a_EOF'
+ cat << 'GH_AW_PROMPT_3dadf8046461dd69_EOF'
- GH_AW_PROMPT_0009a87f54c3fc9a_EOF
+ GH_AW_PROMPT_3dadf8046461dd69_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_0009a87f54c3fc9a_EOF'
+ cat << 'GH_AW_PROMPT_3dadf8046461dd69_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -343,17 +323,17 @@ jobs:
{{/if}}
- GH_AW_PROMPT_0009a87f54c3fc9a_EOF
+ GH_AW_PROMPT_3dadf8046461dd69_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_0009a87f54c3fc9a_EOF'
+ cat << 'GH_AW_PROMPT_3dadf8046461dd69_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-multi-pr.md}}
- GH_AW_PROMPT_0009a87f54c3fc9a_EOF
+ GH_AW_PROMPT_3dadf8046461dd69_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -578,9 +558,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_f5409529fe4d4edf_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_ae0fafbad83e4ebf_EOF'
{"add_comment":{"hide_older_comments":true,"max":1},"create_pull_request":{"expires":2,"if_no_changes":"warn","labels":["ai-generated"],"max":2,"max_patch_files":100,"max_patch_size":1024,"protect_top_level_dot_folders":true,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS","DESIGN.md","README.md","CONTRIBUTING.md","CHANGELOG.md","SECURITY.md","CODE_OF_CONDUCT.md","AGENTS.md","CLAUDE.md","GEMINI.md"],"protected_files_policy":"request_review","title_prefix":"[smoke-multi-pr] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_f5409529fe4d4edf_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_ae0fafbad83e4ebf_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -818,7 +798,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_fdcb98ec4e4b9914_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_108f15eaeb5e973a_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -864,7 +844,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_fdcb98ec4e4b9914_EOF
+ GH_AW_MCP_CONFIG_108f15eaeb5e973a_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1555,7 +1535,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-multi-pr ') || startsWith(github.event.issue.body, '/smoke-multi-pr\n') || github.event.issue.body == '/smoke-multi-pr') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-multi-pr ') || startsWith(github.event.comment.body, '/smoke-multi-pr\n') || github.event.comment.body == '/smoke-multi-pr') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-multi-pr ') || startsWith(github.event.comment.body, '/smoke-multi-pr\n') || github.event.comment.body == '/smoke-multi-pr') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-multi-pr ') || startsWith(github.event.comment.body, '/smoke-multi-pr\n') || github.event.comment.body == '/smoke-multi-pr') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-multi-pr ') || startsWith(github.event.pull_request.body, '/smoke-multi-pr\n') || github.event.pull_request.body == '/smoke-multi-pr') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-multi-pr ') || startsWith(github.event.discussion.body, '/smoke-multi-pr\n') || github.event.discussion.body == '/smoke-multi-pr') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-multi-pr ') || startsWith(github.event.comment.body, '/smoke-multi-pr\n') || github.event.comment.body == '/smoke-multi-pr')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-multi-pr'))"
+ if: >
+ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-multi-pr')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-multi-pr.md b/.github/workflows/smoke-multi-pr.md
index d8ea64bc2a6..9805334eb31 100644
--- a/.github/workflows/smoke-multi-pr.md
+++ b/.github/workflows/smoke-multi-pr.md
@@ -3,7 +3,10 @@ emoji: "🧪"
name: Smoke Multi PR
description: Test creating multiple pull requests in a single workflow run
on:
- slash_command: smoke-multi-pr
+ slash_command:
+ name: smoke-multi-pr
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-opencode.lock.yml b/.github/workflows/smoke-opencode.lock.yml
index 7907a913a70..25c1dcb54fe 100644
--- a/.github/workflows/smoke-opencode.lock.yml
+++ b/.github/workflows/smoke-opencode.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"018dadbfe0ec057b0ef4d92b626a40fa64b66bf713da35247e58e5b3224a79f5","body_hash":"fd8a2bdc8108d3170cf3743ed350b5139285a58f4d68875cf729458566659a22","strict":true,"agent_id":"opencode","agent_model":"copilot/gpt-5"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"a399ea77f23aabd63993b7ce241287b24130b2d70776125610946332475b20b4","body_hash":"fd8a2bdc8108d3170cf3743ed350b5139285a58f4d68875cf729458566659a22","strict":true,"agent_id":"opencode","agent_model":"copilot/gpt-5"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -59,32 +59,11 @@
name: "Smoke OpenCode"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - water # Label filtering applied via job conditions
types:
- labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -111,12 +90,13 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-opencode ') || startsWith(github.event.issue.body, '/smoke-opencode\n') || github.event.issue.body == '/smoke-opencode') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-opencode ') || startsWith(github.event.comment.body, '/smoke-opencode\n') || github.event.comment.body == '/smoke-opencode') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-opencode ') || startsWith(github.event.comment.body, '/smoke-opencode\n') || github.event.comment.body == '/smoke-opencode') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-opencode ') || startsWith(github.event.comment.body, '/smoke-opencode\n') || github.event.comment.body == '/smoke-opencode') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-opencode ') || startsWith(github.event.pull_request.body, '/smoke-opencode\n') || github.event.pull_request.body == '/smoke-opencode') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-opencode ') || startsWith(github.event.discussion.body, '/smoke-opencode\n') || github.event.discussion.body == '/smoke-opencode') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-opencode ') || startsWith(github.event.comment.body, '/smoke-opencode\n') || github.event.comment.body == '/smoke-opencode')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -207,7 +187,7 @@ jobs:
await main();
- name: Add rocket reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "rocket"
@@ -271,7 +251,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke OpenCode"
@@ -300,20 +280,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_c203203fcf6af794_EOF'
+ cat << 'GH_AW_PROMPT_26069c4eb3184f14_EOF'
- GH_AW_PROMPT_c203203fcf6af794_EOF
+ GH_AW_PROMPT_26069c4eb3184f14_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_c203203fcf6af794_EOF'
+ cat << 'GH_AW_PROMPT_26069c4eb3184f14_EOF'
Tools: add_comment(max:2), create_issue, add_labels, missing_tool, missing_data, noop
- GH_AW_PROMPT_c203203fcf6af794_EOF
+ GH_AW_PROMPT_26069c4eb3184f14_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_c203203fcf6af794_EOF'
+ cat << 'GH_AW_PROMPT_26069c4eb3184f14_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -342,12 +322,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_c203203fcf6af794_EOF
+ GH_AW_PROMPT_26069c4eb3184f14_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_c203203fcf6af794_EOF'
+ cat << 'GH_AW_PROMPT_26069c4eb3184f14_EOF'
{{#runtime-import .github/workflows/shared/gh.md}}
{{#runtime-import .github/workflows/shared/reporting-otlp.md}}
@@ -355,7 +335,7 @@ jobs:
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-opencode.md}}
- GH_AW_PROMPT_c203203fcf6af794_EOF
+ GH_AW_PROMPT_26069c4eb3184f14_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -585,9 +565,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_faf4e0d5287a0345_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_8f9d2535309af7f6_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-opencode"]},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-opencode","expires":2,"labels":["automation","testing"],"max":1},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_faf4e0d5287a0345_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_8f9d2535309af7f6_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -837,7 +817,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GITHUB_AW_OTEL_TRACE_ID -e GITHUB_AW_OTEL_PARENT_SPAN_ID -e OTEL_EXPORTER_OTLP_HEADERS -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22'
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_61c0592bdd3a6aa7_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_f8e7e512608f71e0_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -882,7 +862,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_61c0592bdd3a6aa7_EOF
+ GH_AW_MCP_CONFIG_f8e7e512608f71e0_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1504,7 +1484,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-opencode ') || startsWith(github.event.issue.body, '/smoke-opencode\n') || github.event.issue.body == '/smoke-opencode') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-opencode ') || startsWith(github.event.comment.body, '/smoke-opencode\n') || github.event.comment.body == '/smoke-opencode') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-opencode ') || startsWith(github.event.comment.body, '/smoke-opencode\n') || github.event.comment.body == '/smoke-opencode') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-opencode ') || startsWith(github.event.comment.body, '/smoke-opencode\n') || github.event.comment.body == '/smoke-opencode') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-opencode ') || startsWith(github.event.pull_request.body, '/smoke-opencode\n') || github.event.pull_request.body == '/smoke-opencode') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-opencode ') || startsWith(github.event.discussion.body, '/smoke-opencode\n') || github.event.discussion.body == '/smoke-opencode') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-opencode ') || startsWith(github.event.comment.body, '/smoke-opencode\n') || github.event.comment.body == '/smoke-opencode')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
+ if: >
+ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-opencode.md b/.github/workflows/smoke-opencode.md
index 91dcdd3c178..999fa680f1c 100644
--- a/.github/workflows/smoke-opencode.md
+++ b/.github/workflows/smoke-opencode.md
@@ -2,7 +2,10 @@
emoji: "🧪"
description: Smoke test workflow that validates OpenCode engine functionality
on:
- slash_command: smoke-opencode
+ slash_command:
+ name: smoke-opencode
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-otel-backends.lock.yml b/.github/workflows/smoke-otel-backends.lock.yml
index 57fb0713816..5b2530d14fd 100644
--- a/.github/workflows/smoke-otel-backends.lock.yml
+++ b/.github/workflows/smoke-otel-backends.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"a1a551d4838ff9658976a21439e71aea74275591fa5e0d84fc7ca70027380253","body_hash":"46d8e16dcf47698ee4765caeecc91c2637367190b1fe910a1033ffda068fd839","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"1675c0dfa01483df98a7b50b914fc3b8ff7a5526c39c595f848704ee75459e9a","body_hash":"46d8e16dcf47698ee4765caeecc91c2637367190b1fe910a1033ffda068fd839","strict":true,"agent_id":"copilot"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","DD_API_KEY","DD_APPLICATION_KEY","DD_APP_KEY","DD_SITE","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_DATADOG_API_KEY","GH_AW_OTEL_DATADOG_ENDPOINT","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN","GRAFANA_SERVICE_ACCOUNT_TOKEN","GRAFANA_URL","SENTRY_ACCESS_TOKEN","SENTRY_OPENAI_API_KEY"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"grafana/mcp-grafana","digest":"sha256:60a4e3a417a69eeb864a72052c53b4aa4466ff3577d6ef9bacc671f4b77d7090","pinned_image":"grafana/mcp-grafana@sha256:60a4e3a417a69eeb864a72052c53b4aa4466ff3577d6ef9bacc671f4b77d7090"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -74,33 +74,6 @@
name: "Smoke OTEL"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
- pull_request:
- types:
- - opened
- - edited
- - reopened
- - labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -127,12 +100,14 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-otel-backends ') || startsWith(github.event.issue.body, '/smoke-otel-backends\n') || github.event.issue.body == '/smoke-otel-backends') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-otel-backends ') || startsWith(github.event.comment.body, '/smoke-otel-backends\n') || github.event.comment.body == '/smoke-otel-backends') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-otel-backends ') || startsWith(github.event.comment.body, '/smoke-otel-backends\n') || github.event.comment.body == '/smoke-otel-backends') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-otel-backends ') || startsWith(github.event.comment.body, '/smoke-otel-backends\n') || github.event.comment.body == '/smoke-otel-backends') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-otel-backends ') || startsWith(github.event.pull_request.body, '/smoke-otel-backends\n') || github.event.pull_request.body == '/smoke-otel-backends') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-otel-backends ') || startsWith(github.event.discussion.body, '/smoke-otel-backends\n') || github.event.discussion.body == '/smoke-otel-backends') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-otel-backends ') || startsWith(github.event.comment.body, '/smoke-otel-backends\n') || github.event.comment.body == '/smoke-otel-backends')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment')) || github.event_name == 'pull_request' && github.event.label.name == 'smoke')"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' &&
+ fromJSON(github.event.inputs.aw_context || '{}').trigger_label == 'smoke' || !(fromJSON(github.event.inputs.aw_context ||
+ '{}').event_type == 'pull_request'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -225,7 +200,7 @@ jobs:
await main();
- name: Add eyes reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "eyes"
@@ -289,7 +264,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke OTEL"
@@ -328,20 +303,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_5f1a14e2f8576146_EOF'
+ cat << 'GH_AW_PROMPT_75091c9ae7b5eeac_EOF'
- GH_AW_PROMPT_5f1a14e2f8576146_EOF
+ GH_AW_PROMPT_75091c9ae7b5eeac_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_5f1a14e2f8576146_EOF'
+ cat << 'GH_AW_PROMPT_75091c9ae7b5eeac_EOF'
Tools: create_issue, missing_tool, missing_data, noop
- GH_AW_PROMPT_5f1a14e2f8576146_EOF
+ GH_AW_PROMPT_75091c9ae7b5eeac_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_5f1a14e2f8576146_EOF'
+ cat << 'GH_AW_PROMPT_75091c9ae7b5eeac_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -370,12 +345,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_5f1a14e2f8576146_EOF
+ GH_AW_PROMPT_75091c9ae7b5eeac_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_5f1a14e2f8576146_EOF'
+ cat << 'GH_AW_PROMPT_75091c9ae7b5eeac_EOF'
{{#runtime-import .github/workflows/shared/mcp/datadog.md}}
{{#runtime-import .github/workflows/shared/mcp/grafana.md}}
@@ -385,7 +360,7 @@ jobs:
{{#runtime-import .github/workflows/shared/grafana.md}}
{{#runtime-import .github/workflows/shared/datadog.md}}
{{#runtime-import .github/workflows/smoke-otel-backends.md}}
- GH_AW_PROMPT_5f1a14e2f8576146_EOF
+ GH_AW_PROMPT_75091c9ae7b5eeac_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -620,9 +595,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_10b1021294cfbc7d_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_dbec2eac7c1484b7_EOF'
{"create_issue":{"close_older_issues":true,"close_older_key":"smoke-otel-backends","expires":2,"labels":["automation","testing","observability"],"max":1},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_10b1021294cfbc7d_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_dbec2eac7c1484b7_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -838,7 +813,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_ebd1661808489064_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_3b144e238ccf37d4_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"datadog": {
@@ -965,7 +940,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_ebd1661808489064_EOF
+ GH_AW_MCP_CONFIG_3b144e238ccf37d4_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1650,7 +1625,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-otel-backends ') || startsWith(github.event.issue.body, '/smoke-otel-backends\n') || github.event.issue.body == '/smoke-otel-backends') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-otel-backends ') || startsWith(github.event.comment.body, '/smoke-otel-backends\n') || github.event.comment.body == '/smoke-otel-backends') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-otel-backends ') || startsWith(github.event.comment.body, '/smoke-otel-backends\n') || github.event.comment.body == '/smoke-otel-backends') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-otel-backends ') || startsWith(github.event.comment.body, '/smoke-otel-backends\n') || github.event.comment.body == '/smoke-otel-backends') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-otel-backends ') || startsWith(github.event.pull_request.body, '/smoke-otel-backends\n') || github.event.pull_request.body == '/smoke-otel-backends') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-otel-backends ') || startsWith(github.event.discussion.body, '/smoke-otel-backends\n') || github.event.discussion.body == '/smoke-otel-backends') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-otel-backends ') || startsWith(github.event.comment.body, '/smoke-otel-backends\n') || github.event.comment.body == '/smoke-otel-backends')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment')) || github.event_name == 'pull_request' && github.event.label.name == 'smoke')"
+ if: >
+ fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' && fromJSON(github.event.inputs.aw_context ||
+ '{}').trigger_label == 'smoke' || !(fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-otel-backends.md b/.github/workflows/smoke-otel-backends.md
index db3abbbc433..e6b275fa979 100644
--- a/.github/workflows/smoke-otel-backends.md
+++ b/.github/workflows/smoke-otel-backends.md
@@ -2,7 +2,10 @@
emoji: "🧪"
description: Smoke test that validates OTEL span export and query access for Sentry, Grafana, and Datadog
on:
- slash_command: smoke-otel-backends
+ slash_command:
+ name: smoke-otel-backends
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
label_command:
name: smoke
diff --git a/.github/workflows/smoke-pi.lock.yml b/.github/workflows/smoke-pi.lock.yml
index 102e128c56d..5240f0a980d 100644
--- a/.github/workflows/smoke-pi.lock.yml
+++ b/.github/workflows/smoke-pi.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"970fa3b83ff0f7385dd38b59aa7444865abc84990dd2ec9c15bd31109cd1899c","body_hash":"07ea62dc335d2b124062d5af97b2e7ea5f4ec4305c9829a2fd52b147247c8902","strict":true,"agent_id":"pi","agent_model":"copilot/gpt-5.4"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"76edb0c56e7dab4c1bb7014bf5cf7f4f7895c49fb63dc0e187903320f5221218","body_hash":"07ea62dc335d2b124062d5af97b2e7ea5f4ec4305c9829a2fd52b147247c8902","strict":true,"agent_id":"pi","agent_model":"copilot/gpt-5.4"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/cli-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -62,32 +62,11 @@
name: "Smoke Pi"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - smoke # Label filtering applied via job conditions
types:
- labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -114,12 +93,13 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-pi ') || startsWith(github.event.issue.body, '/smoke-pi\n') || github.event.issue.body == '/smoke-pi') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-pi ') || startsWith(github.event.comment.body, '/smoke-pi\n') || github.event.comment.body == '/smoke-pi') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-pi ') || startsWith(github.event.comment.body, '/smoke-pi\n') || github.event.comment.body == '/smoke-pi') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-pi ') || startsWith(github.event.comment.body, '/smoke-pi\n') || github.event.comment.body == '/smoke-pi') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-pi ') || startsWith(github.event.pull_request.body, '/smoke-pi\n') || github.event.pull_request.body == '/smoke-pi') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-pi ') || startsWith(github.event.discussion.body, '/smoke-pi\n') || github.event.discussion.body == '/smoke-pi') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-pi ') || startsWith(github.event.comment.body, '/smoke-pi\n') || github.event.comment.body == '/smoke-pi')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -212,7 +192,7 @@ jobs:
await main();
- name: Add rocket reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "rocket"
@@ -276,7 +256,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Pi"
@@ -340,21 +320,21 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_17249391ddb09f29_EOF'
+ cat << 'GH_AW_PROMPT_0d62500847a60c4c_EOF'
- GH_AW_PROMPT_17249391ddb09f29_EOF
+ GH_AW_PROMPT_0d62500847a60c4c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_17249391ddb09f29_EOF'
+ cat << 'GH_AW_PROMPT_0d62500847a60c4c_EOF'
Tools: add_comment(max:2), create_issue, add_labels, missing_tool, missing_data, noop
- GH_AW_PROMPT_17249391ddb09f29_EOF
+ GH_AW_PROMPT_0d62500847a60c4c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_17249391ddb09f29_EOF'
+ cat << 'GH_AW_PROMPT_0d62500847a60c4c_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -383,12 +363,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_17249391ddb09f29_EOF
+ GH_AW_PROMPT_0d62500847a60c4c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/cli_proxy_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_17249391ddb09f29_EOF'
+ cat << 'GH_AW_PROMPT_0d62500847a60c4c_EOF'
{{#runtime-import .github/workflows/shared/gh.md}}
{{#runtime-import .github/workflows/shared/reporting-otlp.md}}
@@ -396,7 +376,7 @@ jobs:
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-pi.md}}
- GH_AW_PROMPT_17249391ddb09f29_EOF
+ GH_AW_PROMPT_0d62500847a60c4c_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -653,9 +633,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_6f55fd4fc34d043f_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_0c8825c854fd3b36_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-pi"]},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-pi","expires":2,"labels":["automation","testing"],"max":1},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_6f55fd4fc34d043f_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_0c8825c854fd3b36_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -1562,7 +1542,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-pi ') || startsWith(github.event.issue.body, '/smoke-pi\n') || github.event.issue.body == '/smoke-pi') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-pi ') || startsWith(github.event.comment.body, '/smoke-pi\n') || github.event.comment.body == '/smoke-pi') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-pi ') || startsWith(github.event.comment.body, '/smoke-pi\n') || github.event.comment.body == '/smoke-pi') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-pi ') || startsWith(github.event.comment.body, '/smoke-pi\n') || github.event.comment.body == '/smoke-pi') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-pi ') || startsWith(github.event.pull_request.body, '/smoke-pi\n') || github.event.pull_request.body == '/smoke-pi') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-pi ') || startsWith(github.event.discussion.body, '/smoke-pi\n') || github.event.discussion.body == '/smoke-pi') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-pi ') || startsWith(github.event.comment.body, '/smoke-pi\n') || github.event.comment.body == '/smoke-pi')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
+ if: >
+ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-pi.md b/.github/workflows/smoke-pi.md
index 7adb062f2df..34bf71c1ee8 100644
--- a/.github/workflows/smoke-pi.md
+++ b/.github/workflows/smoke-pi.md
@@ -2,7 +2,10 @@
emoji: "🧪"
description: Smoke test workflow that validates Pi engine functionality
on:
- slash_command: smoke-pi
+ slash_command:
+ name: smoke-pi
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-project.lock.yml b/.github/workflows/smoke-project.lock.yml
index bb69b7be81d..aa682382c35 100644
--- a/.github/workflows/smoke-project.lock.yml
+++ b/.github/workflows/smoke-project.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"4589dce3925f94537a49135860b0ee9e408b4a6ec7ffc3fbe8a7707732f2e5d2","body_hash":"4dafe397926fe786f54ea2afca462f7bfcc970ef87173677a41fdbb2346d4460","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"8827f8a138cbdfc8eef9d0e1f5ef17976557188651d964adc0a760a540ffb64a","body_hash":"4dafe397926fe786f54ea2afca462f7bfcc970ef87173677a41fdbb2346d4460","strict":true,"agent_id":"copilot"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_CI_TRIGGER_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GH_AW_PROJECT_GITHUB_TOKEN","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -58,32 +58,11 @@
name: "Smoke Project"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - water # Label filtering applied via job conditions
types:
- labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -110,12 +89,13 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-project ') || startsWith(github.event.issue.body, '/smoke-project\n') || github.event.issue.body == '/smoke-project') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-project ') || startsWith(github.event.comment.body, '/smoke-project\n') || github.event.comment.body == '/smoke-project') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-project ') || startsWith(github.event.comment.body, '/smoke-project\n') || github.event.comment.body == '/smoke-project') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-project ') || startsWith(github.event.comment.body, '/smoke-project\n') || github.event.comment.body == '/smoke-project') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-project ') || startsWith(github.event.pull_request.body, '/smoke-project\n') || github.event.pull_request.body == '/smoke-project') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-project ') || startsWith(github.event.discussion.body, '/smoke-project\n') || github.event.discussion.body == '/smoke-project') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-project ') || startsWith(github.event.comment.body, '/smoke-project\n') || github.event.comment.body == '/smoke-project')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -207,7 +187,7 @@ jobs:
await main();
- name: Add eyes reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "eyes"
@@ -271,7 +251,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Project"
@@ -299,23 +279,23 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_2f100cf01696d2de_EOF'
+ cat << 'GH_AW_PROMPT_f3453bfec5c1e375_EOF'
- GH_AW_PROMPT_2f100cf01696d2de_EOF
+ GH_AW_PROMPT_f3453bfec5c1e375_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_2f100cf01696d2de_EOF'
+ cat << 'GH_AW_PROMPT_f3453bfec5c1e375_EOF'
Tools: add_comment(max:2), create_issue, create_pull_request, add_labels, remove_labels, update_project(max:20), create_project_status_update, missing_tool, missing_data, noop
- GH_AW_PROMPT_2f100cf01696d2de_EOF
+ GH_AW_PROMPT_f3453bfec5c1e375_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_2f100cf01696d2de_EOF'
+ cat << 'GH_AW_PROMPT_f3453bfec5c1e375_EOF'
- GH_AW_PROMPT_2f100cf01696d2de_EOF
+ GH_AW_PROMPT_f3453bfec5c1e375_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_2f100cf01696d2de_EOF'
+ cat << 'GH_AW_PROMPT_f3453bfec5c1e375_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -344,17 +324,17 @@ jobs:
{{/if}}
- GH_AW_PROMPT_2f100cf01696d2de_EOF
+ GH_AW_PROMPT_f3453bfec5c1e375_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_2f100cf01696d2de_EOF'
+ cat << 'GH_AW_PROMPT_f3453bfec5c1e375_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-project.md}}
- GH_AW_PROMPT_2f100cf01696d2de_EOF
+ GH_AW_PROMPT_f3453bfec5c1e375_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -582,9 +562,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_3b81980cf13c361c_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_eed6693baa4b0927_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-project"]},"create_issue":{"close_older_issues":true,"expires":2,"group":true,"labels":["ai-generated","automation","testing"],"max":1},"create_project_status_update":{"github-token":"${GH_AW_SECRET_GH_AW_PROJECT_GITHUB_TOKEN}","max":1,"project":"https://github.com/orgs/github/projects/24068"},"create_pull_request":{"expires":2,"if_no_changes":"warn","labels":["ai-generated"],"max":1,"max_patch_files":100,"max_patch_size":1024,"protect_top_level_dot_folders":true,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS","DESIGN.md","README.md","CONTRIBUTING.md","CHANGELOG.md","SECURITY.md","CODE_OF_CONDUCT.md","AGENTS.md","CLAUDE.md","GEMINI.md"],"protected_files_policy":"request_review","title_prefix":"[smoke-project] "},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"remove_labels":{"allowed":["smoke-project"]},"report_incomplete":{},"update_project":{"github-token":"${GH_AW_SECRET_GH_AW_PROJECT_GITHUB_TOKEN}","max":20,"project":"https://github.com/orgs/github/projects/24068","views":[{"name":"Smoke Test Board","layout":"board","filter":"is:open"}]}}
- GH_AW_SAFE_OUTPUTS_CONFIG_3b81980cf13c361c_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_eed6693baa4b0927_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -983,7 +963,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_b91f62a34300fc0b_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_8ee655db89b10fb4_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -1029,7 +1009,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_b91f62a34300fc0b_EOF
+ GH_AW_MCP_CONFIG_8ee655db89b10fb4_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1696,7 +1676,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-project ') || startsWith(github.event.issue.body, '/smoke-project\n') || github.event.issue.body == '/smoke-project') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-project ') || startsWith(github.event.comment.body, '/smoke-project\n') || github.event.comment.body == '/smoke-project') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-project ') || startsWith(github.event.comment.body, '/smoke-project\n') || github.event.comment.body == '/smoke-project') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-project ') || startsWith(github.event.comment.body, '/smoke-project\n') || github.event.comment.body == '/smoke-project') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-project ') || startsWith(github.event.pull_request.body, '/smoke-project\n') || github.event.pull_request.body == '/smoke-project') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-project ') || startsWith(github.event.discussion.body, '/smoke-project\n') || github.event.discussion.body == '/smoke-project') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-project ') || startsWith(github.event.comment.body, '/smoke-project\n') || github.event.comment.body == '/smoke-project')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
+ if: >
+ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-project.md b/.github/workflows/smoke-project.md
index ffc592e0ecd..ced668c460f 100644
--- a/.github/workflows/smoke-project.md
+++ b/.github/workflows/smoke-project.md
@@ -3,7 +3,10 @@ emoji: "🧪"
name: Smoke Project
description: Smoke Project - Test project operations
on:
- slash_command: smoke-project
+ slash_command:
+ name: smoke-project
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
#schedule: every 12h
pull_request:
diff --git a/.github/workflows/smoke-service-ports.lock.yml b/.github/workflows/smoke-service-ports.lock.yml
index 31110427eb2..6c7638266ef 100644
--- a/.github/workflows/smoke-service-ports.lock.yml
+++ b/.github/workflows/smoke-service-ports.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"7172ac74b6fdd2f98dccc53692b2f160a95f7c16528a658bcd889f1dd7bcdf22","body_hash":"f0d52a8ac256d3e86659f87c0811c0ad3901a243a5b96432e69002106b780c42","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"a9ea2f6dee31944327c04e453202af8336cc79c74f9a095f9f54716967f72211","body_hash":"f0d52a8ac256d3e86659f87c0811c0ad3901a243a5b96432e69002106b780c42","strict":true,"agent_id":"copilot"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -56,32 +56,6 @@
name: "Smoke Service Ports"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
- pull_request:
- types:
- - opened
- - edited
- - reopened
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -108,12 +82,11 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-service-ports ') || startsWith(github.event.issue.body, '/smoke-service-ports\n') || github.event.issue.body == '/smoke-service-ports') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-service-ports ') || startsWith(github.event.comment.body, '/smoke-service-ports\n') || github.event.comment.body == '/smoke-service-ports') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-service-ports ') || startsWith(github.event.comment.body, '/smoke-service-ports\n') || github.event.comment.body == '/smoke-service-ports') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-service-ports ') || startsWith(github.event.comment.body, '/smoke-service-ports\n') || github.event.comment.body == '/smoke-service-ports') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-service-ports ') || startsWith(github.event.pull_request.body, '/smoke-service-ports\n') || github.event.pull_request.body == '/smoke-service-ports') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-service-ports ') || startsWith(github.event.discussion.body, '/smoke-service-ports\n') || github.event.discussion.body == '/smoke-service-ports') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-service-ports ') || startsWith(github.event.comment.body, '/smoke-service-ports\n') || github.event.comment.body == '/smoke-service-ports')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment')))"
+ if: needs.pre_activation.outputs.activated == 'true'
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -205,7 +178,7 @@ jobs:
await main();
- name: Add eyes reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "eyes"
@@ -269,7 +242,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Service Ports"
@@ -297,20 +270,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_0b11b1c3a5151133_EOF'
+ cat << 'GH_AW_PROMPT_5188ce008aa93792_EOF'
- GH_AW_PROMPT_0b11b1c3a5151133_EOF
+ GH_AW_PROMPT_5188ce008aa93792_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_0b11b1c3a5151133_EOF'
+ cat << 'GH_AW_PROMPT_5188ce008aa93792_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
- GH_AW_PROMPT_0b11b1c3a5151133_EOF
+ GH_AW_PROMPT_5188ce008aa93792_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_0b11b1c3a5151133_EOF'
+ cat << 'GH_AW_PROMPT_5188ce008aa93792_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -339,16 +312,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_0b11b1c3a5151133_EOF
+ GH_AW_PROMPT_5188ce008aa93792_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_0b11b1c3a5151133_EOF'
+ cat << 'GH_AW_PROMPT_5188ce008aa93792_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/smoke-service-ports.md}}
- GH_AW_PROMPT_0b11b1c3a5151133_EOF
+ GH_AW_PROMPT_5188ce008aa93792_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -579,9 +552,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_bd1b50e1054c6c5c_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_7d98558b918248ca_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_bd1b50e1054c6c5c_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_7d98558b918248ca_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -775,7 +748,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_67e0f75c76cf2670_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_e1d5f9c6b68dc948_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -821,7 +794,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_67e0f75c76cf2670_EOF
+ GH_AW_MCP_CONFIG_e1d5f9c6b68dc948_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1485,7 +1458,6 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-service-ports ') || startsWith(github.event.issue.body, '/smoke-service-ports\n') || github.event.issue.body == '/smoke-service-ports') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-service-ports ') || startsWith(github.event.comment.body, '/smoke-service-ports\n') || github.event.comment.body == '/smoke-service-ports') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-service-ports ') || startsWith(github.event.comment.body, '/smoke-service-ports\n') || github.event.comment.body == '/smoke-service-ports') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-service-ports ') || startsWith(github.event.comment.body, '/smoke-service-ports\n') || github.event.comment.body == '/smoke-service-ports') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-service-ports ') || startsWith(github.event.pull_request.body, '/smoke-service-ports\n') || github.event.pull_request.body == '/smoke-service-ports') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-service-ports ') || startsWith(github.event.discussion.body, '/smoke-service-ports\n') || github.event.discussion.body == '/smoke-service-ports') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-service-ports ') || startsWith(github.event.comment.body, '/smoke-service-ports\n') || github.event.comment.body == '/smoke-service-ports')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment')))"
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-service-ports.md b/.github/workflows/smoke-service-ports.md
index 975fa9e1bf9..842a00f8f65 100644
--- a/.github/workflows/smoke-service-ports.md
+++ b/.github/workflows/smoke-service-ports.md
@@ -2,7 +2,10 @@
emoji: "🧪"
description: Smoke test to validate --allow-host-service-ports with Redis service container
on:
- slash_command: smoke-service-ports
+ slash_command:
+ name: smoke-service-ports
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
status-comment: true
permissions:
diff --git a/.github/workflows/smoke-temporary-id.lock.yml b/.github/workflows/smoke-temporary-id.lock.yml
index 88298fa47a7..036ee85d708 100644
--- a/.github/workflows/smoke-temporary-id.lock.yml
+++ b/.github/workflows/smoke-temporary-id.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"2abbcf6a9919caec3282b00f1ce91bbdd7c9daedc90f9daee5c824dfd06864bd","body_hash":"837357879ba43b6a872a306ef6aa48f02a2b63b43cf0a142dd3860175463961b","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"047362b91ac3045ef5a1ccfc7df8b289acb5c95539d0bfb7f57e4e724d674d24","body_hash":"837357879ba43b6a872a306ef6aa48f02a2b63b43cf0a142dd3860175463961b","strict":true,"agent_id":"copilot"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -56,32 +56,11 @@
name: "Smoke Temporary ID"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - water # Label filtering applied via job conditions
types:
- labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -108,12 +87,13 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-temporary-id ') || startsWith(github.event.issue.body, '/smoke-temporary-id\n') || github.event.issue.body == '/smoke-temporary-id') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-temporary-id ') || startsWith(github.event.comment.body, '/smoke-temporary-id\n') || github.event.comment.body == '/smoke-temporary-id') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-temporary-id ') || startsWith(github.event.comment.body, '/smoke-temporary-id\n') || github.event.comment.body == '/smoke-temporary-id') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-temporary-id ') || startsWith(github.event.comment.body, '/smoke-temporary-id\n') || github.event.comment.body == '/smoke-temporary-id') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-temporary-id ') || startsWith(github.event.pull_request.body, '/smoke-temporary-id\n') || github.event.pull_request.body == '/smoke-temporary-id') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-temporary-id ') || startsWith(github.event.discussion.body, '/smoke-temporary-id\n') || github.event.discussion.body == '/smoke-temporary-id') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-temporary-id ') || startsWith(github.event.comment.body, '/smoke-temporary-id\n') || github.event.comment.body == '/smoke-temporary-id')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -207,7 +187,7 @@ jobs:
await main();
- name: Add eyes reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "eyes"
@@ -271,7 +251,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Temporary ID"
@@ -334,20 +314,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_536d697b2c0f378d_EOF'
+ cat << 'GH_AW_PROMPT_31df2bb07b420d68_EOF'
- GH_AW_PROMPT_536d697b2c0f378d_EOF
+ GH_AW_PROMPT_31df2bb07b420d68_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_536d697b2c0f378d_EOF'
+ cat << 'GH_AW_PROMPT_31df2bb07b420d68_EOF'
Tools: add_comment(max:2), create_issue(max:5), link_sub_issue(max:3), missing_tool, missing_data, noop
- GH_AW_PROMPT_536d697b2c0f378d_EOF
+ GH_AW_PROMPT_31df2bb07b420d68_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_536d697b2c0f378d_EOF'
+ cat << 'GH_AW_PROMPT_31df2bb07b420d68_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -376,17 +356,17 @@ jobs:
{{/if}}
- GH_AW_PROMPT_536d697b2c0f378d_EOF
+ GH_AW_PROMPT_31df2bb07b420d68_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_536d697b2c0f378d_EOF'
+ cat << 'GH_AW_PROMPT_31df2bb07b420d68_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-temporary-id.md}}
- GH_AW_PROMPT_536d697b2c0f378d_EOF
+ GH_AW_PROMPT_31df2bb07b420d68_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -614,9 +594,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_414d615f26333a8e_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_6e986c10f85e9835_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_issue":{"close_older_issues":true,"expires":2,"group":true,"labels":["ai-generated","automation","testing"],"max":5,"title_prefix":"[smoke-temporary-id] "},"create_report_incomplete_issue":{},"link_sub_issue":{"max":3},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_414d615f26333a8e_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_6e986c10f85e9835_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -868,7 +848,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_6d047c1bf86c5136_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_988dc6ca371e3f7b_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -914,7 +894,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_6d047c1bf86c5136_EOF
+ GH_AW_MCP_CONFIG_988dc6ca371e3f7b_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1585,7 +1565,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-temporary-id ') || startsWith(github.event.issue.body, '/smoke-temporary-id\n') || github.event.issue.body == '/smoke-temporary-id') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-temporary-id ') || startsWith(github.event.comment.body, '/smoke-temporary-id\n') || github.event.comment.body == '/smoke-temporary-id') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-temporary-id ') || startsWith(github.event.comment.body, '/smoke-temporary-id\n') || github.event.comment.body == '/smoke-temporary-id') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-temporary-id ') || startsWith(github.event.comment.body, '/smoke-temporary-id\n') || github.event.comment.body == '/smoke-temporary-id') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-temporary-id ') || startsWith(github.event.pull_request.body, '/smoke-temporary-id\n') || github.event.pull_request.body == '/smoke-temporary-id') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-temporary-id ') || startsWith(github.event.discussion.body, '/smoke-temporary-id\n') || github.event.discussion.body == '/smoke-temporary-id') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-temporary-id ') || startsWith(github.event.comment.body, '/smoke-temporary-id\n') || github.event.comment.body == '/smoke-temporary-id')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water'))"
+ if: >
+ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'water')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-temporary-id.md b/.github/workflows/smoke-temporary-id.md
index f9f951193c3..6e47d6ba75f 100644
--- a/.github/workflows/smoke-temporary-id.md
+++ b/.github/workflows/smoke-temporary-id.md
@@ -3,7 +3,10 @@ emoji: "🧪"
name: Smoke Temporary ID
description: Test temporary ID functionality for issue chaining and cross-references
on:
- slash_command: smoke-temporary-id
+ slash_command:
+ name: smoke-temporary-id
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
#schedule: every 24h
pull_request:
diff --git a/.github/workflows/smoke-test-tools.lock.yml b/.github/workflows/smoke-test-tools.lock.yml
index b5df98295ed..24355a7fc54 100644
--- a/.github/workflows/smoke-test-tools.lock.yml
+++ b/.github/workflows/smoke-test-tools.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"3b791de5f8e6b42af55feb5c51d86f3f0eb8a45cbe854f64cb9f5221405bb0a3","body_hash":"81f2125a67a8ec3e67401b66459850f8ca4c45d4f70c874e470b359ae4733083","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"c422a649ce5ee6b7ddfcda716adae1e338c5233119a308f0e73480b0fc3df283","body_hash":"81f2125a67a8ec3e67401b66459850f8ca4c45d4f70c874e470b359ae4733083","strict":true,"agent_id":"copilot"}
# gh-aw-manifest: {"version":1,"secrets":["COPILOT_GITHUB_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GITHUB_TOKEN"],"actions":[{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-dotnet","sha":"9a946fdbd5fb07b82b2f5a4466058b876ab72bb2","version":"v5.3.0"},{"repo":"actions/setup-go","sha":"4a3601121dd01d1626a1e23e37211e3254c1c06c","version":"v6.4.0"},{"repo":"actions/setup-java","sha":"be666c2fcd27ec809703dec50e508c2fdc7f6654","version":"v5.2.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/setup-python","sha":"a309ff8b426b58ec0e2a45f0f869d46889d02405","version":"v6.2.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -60,32 +60,11 @@
name: "Agent Container Smoke Test"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - smoke # Label filtering applied via job conditions
types:
- labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -112,12 +91,13 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-test-tools ') || startsWith(github.event.issue.body, '/smoke-test-tools\n') || github.event.issue.body == '/smoke-test-tools') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-test-tools ') || startsWith(github.event.comment.body, '/smoke-test-tools\n') || github.event.comment.body == '/smoke-test-tools') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-test-tools ') || startsWith(github.event.comment.body, '/smoke-test-tools\n') || github.event.comment.body == '/smoke-test-tools') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-test-tools ') || startsWith(github.event.comment.body, '/smoke-test-tools\n') || github.event.comment.body == '/smoke-test-tools') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-test-tools ') || startsWith(github.event.pull_request.body, '/smoke-test-tools\n') || github.event.pull_request.body == '/smoke-test-tools') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-test-tools ') || startsWith(github.event.discussion.body, '/smoke-test-tools\n') || github.event.discussion.body == '/smoke-test-tools') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-test-tools ') || startsWith(github.event.comment.body, '/smoke-test-tools\n') || github.event.comment.body == '/smoke-test-tools')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -209,7 +189,7 @@ jobs:
await main();
- name: Add eyes reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "eyes"
@@ -273,7 +253,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Agent Container Smoke Test"
@@ -301,20 +281,20 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_d5270a98913e7e32_EOF'
+ cat << 'GH_AW_PROMPT_0fb16f03fdaa9523_EOF'
- GH_AW_PROMPT_d5270a98913e7e32_EOF
+ GH_AW_PROMPT_0fb16f03fdaa9523_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_d5270a98913e7e32_EOF'
+ cat << 'GH_AW_PROMPT_0fb16f03fdaa9523_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
- GH_AW_PROMPT_d5270a98913e7e32_EOF
+ GH_AW_PROMPT_0fb16f03fdaa9523_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_d5270a98913e7e32_EOF'
+ cat << 'GH_AW_PROMPT_0fb16f03fdaa9523_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -343,17 +323,17 @@ jobs:
{{/if}}
- GH_AW_PROMPT_d5270a98913e7e32_EOF
+ GH_AW_PROMPT_0fb16f03fdaa9523_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_d5270a98913e7e32_EOF'
+ cat << 'GH_AW_PROMPT_0fb16f03fdaa9523_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/shared/noop-reminder.md}}
{{#runtime-import .github/workflows/smoke-test-tools.md}}
- GH_AW_PROMPT_d5270a98913e7e32_EOF
+ GH_AW_PROMPT_0fb16f03fdaa9523_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -603,9 +583,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_7c5eb03dd79ecea0_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_f7b3d48c3405f979_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_7c5eb03dd79ecea0_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_f7b3d48c3405f979_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -799,7 +779,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_1b07d10d61c4e9cc_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_9d43d5d020c83b8d_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -845,7 +825,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_1b07d10d61c4e9cc_EOF
+ GH_AW_MCP_CONFIG_9d43d5d020c83b8d_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1509,7 +1489,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-test-tools ') || startsWith(github.event.issue.body, '/smoke-test-tools\n') || github.event.issue.body == '/smoke-test-tools') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-test-tools ') || startsWith(github.event.comment.body, '/smoke-test-tools\n') || github.event.comment.body == '/smoke-test-tools') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-test-tools ') || startsWith(github.event.comment.body, '/smoke-test-tools\n') || github.event.comment.body == '/smoke-test-tools') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-test-tools ') || startsWith(github.event.comment.body, '/smoke-test-tools\n') || github.event.comment.body == '/smoke-test-tools') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-test-tools ') || startsWith(github.event.pull_request.body, '/smoke-test-tools\n') || github.event.pull_request.body == '/smoke-test-tools') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-test-tools ') || startsWith(github.event.discussion.body, '/smoke-test-tools\n') || github.event.discussion.body == '/smoke-test-tools') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-test-tools ') || startsWith(github.event.comment.body, '/smoke-test-tools\n') || github.event.comment.body == '/smoke-test-tools')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke'))"
+ if: >
+ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-test-tools.md b/.github/workflows/smoke-test-tools.md
index d20e788f691..8092d6e92ce 100644
--- a/.github/workflows/smoke-test-tools.md
+++ b/.github/workflows/smoke-test-tools.md
@@ -2,7 +2,10 @@
emoji: "🧪"
description: Smoke test to validate common development tools are available in the agent container
on:
- slash_command: smoke-test-tools
+ slash_command:
+ name: smoke-test-tools
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
pull_request:
types: [labeled]
diff --git a/.github/workflows/smoke-update-cross-repo-pr.lock.yml b/.github/workflows/smoke-update-cross-repo-pr.lock.yml
index 4b5e93efb13..32c31548868 100644
--- a/.github/workflows/smoke-update-cross-repo-pr.lock.yml
+++ b/.github/workflows/smoke-update-cross-repo-pr.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"cd543323af7e872ecc77702bffa67f8aa180ab85f93d708b55b3df69084fde80","body_hash":"909201281f5e5701574a4f0ff4a41ae102f90b6bd01093fda00e7570018a54e0","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v4","frontmatter_hash":"2357a0141f8a6f855cc56173de53fa29fa78303f5293272373a172fa3f2d5c75","body_hash":"909201281f5e5701574a4f0ff4a41ae102f90b6bd01093fda00e7570018a54e0","strict":true,"agent_id":"copilot"}
# gh-aw-manifest: {"version":1,"secrets":["GH_AW_CI_TRIGGER_TOKEN","GH_AW_GITHUB_MCP_SERVER_TOKEN","GH_AW_GITHUB_TOKEN","GH_AW_OTEL_GRAFANA_AUTHORIZATION","GH_AW_OTEL_GRAFANA_ENDPOINT","GH_AW_OTEL_SENTRY_AUTHORIZATION","GH_AW_OTEL_SENTRY_ENDPOINT","GH_AW_SIDE_REPO_PAT","GITHUB_TOKEN"],"actions":[{"repo":"actions/cache/restore","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/cache/save","sha":"27d5ce7f107fe9357f9df03efb73ab90386fccae","version":"v5.0.5"},{"repo":"actions/checkout","sha":"de0fac2e4500dabe0009e67214ff5f5447ce83dd","version":"v6.0.2"},{"repo":"actions/download-artifact","sha":"3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c","version":"v8.0.1"},{"repo":"actions/github-script","sha":"3a2844b7e9c422d3c10d287c895573f7108da1b3","version":"v9.0.0"},{"repo":"actions/setup-node","sha":"48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e","version":"v6.4.0"},{"repo":"actions/upload-artifact","sha":"043fb46d1a93c77aae656e7c1c64a875d1fc6a0a","version":"v7.0.1"}],"containers":[{"image":"ghcr.io/github/gh-aw-firewall/agent:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/api-proxy:0.25.58"},{"image":"ghcr.io/github/gh-aw-firewall/squid:0.25.58"},{"image":"ghcr.io/github/gh-aw-mcpg:v0.3.22"},{"image":"ghcr.io/github/github-mcp-server:v1.1.0"},{"image":"node:lts-alpine","digest":"sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14","pinned_image":"node:lts-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14"}]}
# ___ _ _
# / _ \ | | (_)
@@ -59,32 +59,11 @@
name: "Smoke Update Cross-Repo PR"
on:
- discussion:
- types:
- - created
- - edited
- discussion_comment:
- types:
- - created
- - edited
- issue_comment:
- types:
- - created
- - edited
- issues:
- types:
- - opened
- - edited
- - reopened
pull_request:
# names: # Label filtering applied via job conditions
# - smoke-update-cross-repo-pr # Label filtering applied via job conditions
types:
- labeled
- pull_request_review_comment:
- types:
- - created
- - edited
workflow_dispatch:
inputs:
aw_context:
@@ -111,12 +90,13 @@ env:
jobs:
activation:
needs: pre_activation
- if: "needs.pre_activation.outputs.activated == 'true' && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.issue.body, '/smoke-update-cross-repo-pr\n') || github.event.issue.body == '/smoke-update-cross-repo-pr') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr\n') || github.event.comment.body == '/smoke-update-cross-repo-pr') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr\n') || github.event.comment.body == '/smoke-update-cross-repo-pr') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr\n') || github.event.comment.body == '/smoke-update-cross-repo-pr') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.pull_request.body, '/smoke-update-cross-repo-pr\n') || github.event.pull_request.body == '/smoke-update-cross-repo-pr') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.discussion.body, '/smoke-update-cross-repo-pr\n') || github.event.discussion.body == '/smoke-update-cross-repo-pr') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr\n') || github.event.comment.body == '/smoke-update-cross-repo-pr')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-update-cross-repo-pr'))"
+ if: >
+ needs.pre_activation.outputs.activated == 'true' && ((github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-update-cross-repo-pr'))
runs-on: ubuntu-slim
permissions:
actions: read
contents: read
- discussions: write
issues: write
pull-requests: write
outputs:
@@ -207,7 +187,7 @@ jobs:
await main();
- name: Add eyes reaction for immediate feedback
id: react
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_REACTION: "eyes"
@@ -266,7 +246,7 @@ jobs:
await main();
- name: Add comment with workflow run link
id: add-comment
- if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id
+ if: github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment' || github.event_name == 'pull_request' && github.event.pull_request.head.repo.id == github.repository_id || github.event_name == 'workflow_dispatch' && (fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issues' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'issue_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request_review_comment' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'pull_request' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion' || fromJSON(github.event.inputs.aw_context || '{}').event_type == 'discussion_comment')
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
GH_AW_WORKFLOW_NAME: "Smoke Update Cross-Repo PR"
@@ -295,24 +275,24 @@ jobs:
run: |
bash "${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh"
{
- cat << 'GH_AW_PROMPT_0a93a880b54b3946_EOF'
+ cat << 'GH_AW_PROMPT_cc6192aee283446b_EOF'
- GH_AW_PROMPT_0a93a880b54b3946_EOF
+ GH_AW_PROMPT_cc6192aee283446b_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_0a93a880b54b3946_EOF'
+ cat << 'GH_AW_PROMPT_cc6192aee283446b_EOF'
Tools: add_comment(max:2), create_issue, push_to_pull_request_branch, missing_tool, missing_data, noop
- GH_AW_PROMPT_0a93a880b54b3946_EOF
+ GH_AW_PROMPT_cc6192aee283446b_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_push_to_pr_branch.md"
- cat << 'GH_AW_PROMPT_0a93a880b54b3946_EOF'
+ cat << 'GH_AW_PROMPT_cc6192aee283446b_EOF'
- GH_AW_PROMPT_0a93a880b54b3946_EOF
+ GH_AW_PROMPT_cc6192aee283446b_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/mcp_cli_tools_prompt.md"
- cat << 'GH_AW_PROMPT_0a93a880b54b3946_EOF'
+ cat << 'GH_AW_PROMPT_cc6192aee283446b_EOF'
The following GitHub context information is available for this workflow:
{{#if github.actor}}
@@ -354,7 +334,7 @@ jobs:
stop immediately and report the limitation rather than spending turns trying to work around it.
- GH_AW_PROMPT_0a93a880b54b3946_EOF
+ GH_AW_PROMPT_cc6192aee283446b_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
@@ -362,11 +342,11 @@ jobs:
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_push_to_pr_branch_guidance.md"
fi
- cat << 'GH_AW_PROMPT_0a93a880b54b3946_EOF'
+ cat << 'GH_AW_PROMPT_cc6192aee283446b_EOF'
{{#runtime-import .github/workflows/shared/otlp.md}}
{{#runtime-import .github/workflows/smoke-update-cross-repo-pr.md}}
- GH_AW_PROMPT_0a93a880b54b3946_EOF
+ GH_AW_PROMPT_cc6192aee283446b_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
@@ -633,9 +613,9 @@ jobs:
mkdir -p "${RUNNER_TEMP}/gh-aw/safeoutputs"
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_097628db74cb84d9_EOF'
+ cat > "${RUNNER_TEMP}/gh-aw/safeoutputs/config.json" << 'GH_AW_SAFE_OUTPUTS_CONFIG_998c6628db2050e4_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_issue":{"close_older_issues":true,"expires":2,"labels":["automation","testing"],"max":1},"create_report_incomplete_issue":{},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_to_pull_request_branch":{"github-token":"${GH_AW_SECRET_GH_AW_SIDE_REPO_PAT}","if_no_changes":"error","max_patch_size":1024,"protect_top_level_dot_folders":true,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS","DESIGN.md","README.md","CONTRIBUTING.md","CHANGELOG.md","SECURITY.md","CODE_OF_CONDUCT.md","AGENTS.md","CLAUDE.md","GEMINI.md"],"target":"1","target-repo":"github/gh-aw-side-repo"},"report_incomplete":{}}
- GH_AW_SAFE_OUTPUTS_CONFIG_097628db74cb84d9_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_998c6628db2050e4_EOF
- name: Generate Safe Outputs Tools
env:
GH_AW_TOOLS_META_JSON: |
@@ -888,7 +868,7 @@ jobs:
mkdir -p /home/runner/.copilot
GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node)
- cat << GH_AW_MCP_CONFIG_c572fc02a7a02585_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
+ cat << GH_AW_MCP_CONFIG_57da82a848f70b7d_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs"
{
"mcpServers": {
"github": {
@@ -934,7 +914,7 @@ jobs:
}
}
}
- GH_AW_MCP_CONFIG_c572fc02a7a02585_EOF
+ GH_AW_MCP_CONFIG_57da82a848f70b7d_EOF
- name: Mount MCP servers as CLIs
id: mount-mcp-clis
continue-on-error: true
@@ -1631,7 +1611,9 @@ jobs:
}
pre_activation:
- if: "(github.event_name != 'issue_comment' && github.event_name != 'pull_request_review_comment' || contains(fromJSON('[\"OWNER\",\"MEMBER\",\"COLLABORATOR\"]'), github.event.comment.author_association)) && ((((github.event_name == 'issues' || github.event_name == 'issue_comment' || github.event_name == 'pull_request' || github.event_name == 'pull_request_review_comment' || github.event_name == 'discussion' || github.event_name == 'discussion_comment') && (github.event_name == 'issues' && (startsWith(github.event.issue.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.issue.body, '/smoke-update-cross-repo-pr\n') || github.event.issue.body == '/smoke-update-cross-repo-pr') || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr\n') || github.event.comment.body == '/smoke-update-cross-repo-pr') && github.event.issue.pull_request == null || github.event_name == 'issue_comment' && (startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr\n') || github.event.comment.body == '/smoke-update-cross-repo-pr') && github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' && (startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr\n') || github.event.comment.body == '/smoke-update-cross-repo-pr') || github.event_name == 'pull_request' && (startsWith(github.event.pull_request.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.pull_request.body, '/smoke-update-cross-repo-pr\n') || github.event.pull_request.body == '/smoke-update-cross-repo-pr') || github.event_name == 'discussion' && (startsWith(github.event.discussion.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.discussion.body, '/smoke-update-cross-repo-pr\n') || github.event.discussion.body == '/smoke-update-cross-repo-pr') || github.event_name == 'discussion_comment' && (startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr ') || startsWith(github.event.comment.body, '/smoke-update-cross-repo-pr\n') || github.event.comment.body == '/smoke-update-cross-repo-pr')) || (!(github.event_name == 'issues')) && (!(github.event_name == 'issue_comment')) && (!(github.event_name == 'pull_request')) && (!(github.event_name == 'pull_request_review_comment')) && (!(github.event_name == 'discussion')) && (!(github.event_name == 'discussion_comment'))) && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id)) && (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-update-cross-repo-pr'))"
+ if: >
+ (github.event_name != 'pull_request' || github.event.pull_request.head.repo.id == github.repository_id) &&
+ (github.event_name != 'pull_request' || github.event.action != 'labeled' || github.event.label.name == 'smoke-update-cross-repo-pr')
runs-on: ubuntu-slim
permissions:
contents: read
diff --git a/.github/workflows/smoke-update-cross-repo-pr.md b/.github/workflows/smoke-update-cross-repo-pr.md
index 2b629fe8c79..b9a50ddf742 100644
--- a/.github/workflows/smoke-update-cross-repo-pr.md
+++ b/.github/workflows/smoke-update-cross-repo-pr.md
@@ -4,7 +4,10 @@ name: Smoke Update Cross-Repo PR
description: Smoke test validating cross-repo pull request updates in github/gh-aw-side-repo by adding lines from Homer's Odyssey to the README
on:
- slash_command: smoke-update-cross-repo-pr
+ slash_command:
+ name: smoke-update-cross-repo-pr
+ strategy: centralized
+ events: [issues, issue_comment, pull_request, pull_request_comment]
workflow_dispatch:
pull_request:
types: [labeled]