Conversation
- Add BuildNpmEngineInstallStepsWithAWF helper to remove AWF-injection boilerplate from Claude, Gemini, and Copilot GetInstallationSteps - Add BuildDefaultSecretValidationStep helper to consolidate the custom-command guard + GenerateMultiSecretValidationStep call across all four engine GetSecretValidationStep implementations - Add collectCommonMCPSecrets helper to remove repeated MCP_GATEWAY_API_KEY and mcp-scripts secret collection from Claude, Codex, and Gemini GetRequiredSecretNames implementations Net: -118 lines; no behavioral changes; all tests pass Agent-Logs-Url: https://github.com/github/gh-aw/sessions/03077ca9-404d-4c4f-b816-eb0aaa4c505c Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
This comment has been minimized.
This comment has been minimized.
|
Hey One thing worth addressing before this lands:
If you'd like a hand, here's a prompt for the coding agent:
|
There was a problem hiding this comment.
Pull request overview
This PR refactors shared workflow-engine logic to remove duplicated code across multiple engine implementations (AWF injection into install steps, secret validation step generation, and common MCP secret collection), centralizing it into new helpers.
Changes:
- Added shared helpers in
engine_helpers.gofor AWF step injection, default secret validation step creation, and common MCP secret collection. - Updated Claude, Codex, and Gemini engines to use the new secret/MCP helpers.
- Updated Gemini and Copilot installation step generation to use the shared AWF-injection helper.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| pkg/workflow/gemini_engine.go | Uses shared helpers for MCP secret collection, secret validation, and AWF injection into install steps. |
| pkg/workflow/engine_helpers.go | Adds new helper functions to centralize AWF injection, secret validation step creation, and common MCP secret collection. |
| pkg/workflow/copilot_engine_installation.go | Switches secret validation to helper and routes install steps through shared AWF injection helper; updates install-order comment partially. |
| pkg/workflow/codex_engine.go | Uses shared helpers for secret validation and common MCP secret collection. |
| pkg/workflow/claude_engine.go | Uses shared helpers for secret validation, common MCP secret collection, and AWF injection into install steps. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| // GetInstallationSteps generates the complete installation workflow for Copilot CLI. | ||
| // This includes Node.js setup, sandbox installation (SRT or AWF), and Copilot CLI installation. | ||
| // Secret validation is handled separately in the activation job via GetSecretValidationStep. | ||
| // The installation order is: | ||
| // 1. Node.js setup | ||
| // 2. Sandbox installation (SRT or AWF, if needed) | ||
| // 2. Sandbox installation (AWF, if needed) | ||
| // 3. Copilot CLI installation |
There was a problem hiding this comment.
The docstring for GetInstallationSteps is now partially updated to AWF-only, but it still says “sandbox installation (SRT or AWF)” and the header comment above also references SRT. Since the implementation/comments now indicate SRT is removed, please update the remaining SRT references in this comment block to avoid misleading readers about supported sandbox modes.
| // BuildNpmEngineInstallStepsWithAWF injects an AWF installation step between the Node.js | ||
| // setup step and the CLI install steps when the firewall is enabled. This eliminates the | ||
| // duplicated AWF-injection pattern shared by Claude, Gemini, and Copilot engines. | ||
| // | ||
| // The expected layout of npmSteps is: | ||
| // - npmSteps[0] – Node.js setup step | ||
| // - npmSteps[1:] – CLI installation step(s) | ||
| // | ||
| // Parameters: | ||
| // - npmSteps: Pre-computed npm installation steps (from BuildStandardNpmEngineInstallSteps | ||
| // or GenerateCopilotInstallerSteps) | ||
| // - workflowData: The workflow data (used to determine firewall configuration) | ||
| // | ||
| // Returns: | ||
| // - []GitHubActionStep: Steps in order: Node.js setup, AWF (if enabled), CLI install | ||
| func BuildNpmEngineInstallStepsWithAWF(npmSteps []GitHubActionStep, workflowData *WorkflowData) []GitHubActionStep { | ||
| var steps []GitHubActionStep | ||
|
|
||
| if len(npmSteps) > 0 { | ||
| steps = append(steps, npmSteps[0]) // Node.js setup step | ||
| } | ||
|
|
There was a problem hiding this comment.
BuildNpmEngineInstallStepsWithAWF’s contract/docs assume npmSteps[0] is a Node.js setup step and explicitly mention GenerateCopilotInstallerSteps as a valid producer of npmSteps. However, GenerateCopilotInstallerSteps currently returns only the Copilot install step (no Node.js setup), so this helper will treat the install step as “Node.js setup” and append the AWF install after it. Please either update the helper to handle step lists without a Node.js setup step (e.g., detect uses: actions/setup-node and otherwise insert AWF before the first step), or tighten/update the docs to avoid implying this works with GenerateCopilotInstallerSteps.
|
@copilot review comments |
Three near-identical code blocks were copy-pasted across 4 engine files.
claude_engine.goandgemini_engine.goeach implemented AWF-between-Node-and-CLI injection manually (~50 lines each); all four engines duplicated the custom-command guard +GenerateMultiSecretValidationStepcall; Claude, Codex, and Gemini each repeated the MCP_GATEWAY_API_KEY + mcp-scripts secrets tail.New helpers in
engine_helpers.goBuildNpmEngineInstallStepsWithAWF(npmSteps, workflowData)— injects AWF betweennpmSteps[0](Node.js setup) andnpmSteps[1:](CLI install) when firewall is enabled. Replaces ~50 duplicated lines in Claude, Gemini, and CopilotGetInstallationSteps.BuildDefaultSecretValidationStep(workflowData, secrets, name, docsURL)— handles the custom-command guard and delegates toGenerateMultiSecretValidationStep. Each engine'sGetSecretValidationStepbecomes a one-liner (Copilot keeps its extra feature-flag check before calling it).collectCommonMCPSecrets(workflowData)— returnsMCP_GATEWAY_API_KEY(when MCP servers present) plus mcp-scripts secrets. Claude, Codex, and GeminiGetRequiredSecretNamesreduce toappend([]string{"ENGINE_KEY"}, collectCommonMCPSecrets(workflowData)...).Before / After (Claude as example)
Net: −118 lines, no behavioral changes.
Warning
Firewall rules blocked me from connecting to one or more addresses (expand for details)
I tried to connect to the following addresses, but was blocked by firewall rules:
https://api.github.com/graphql/usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw GO111MODULE 64/bin/go git rev-�� --show-toplevel node /usr/bin/git prettier --check 64/bin/go git(http block)/usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw Sc8KyN6c6 ache/go/1.25.0/x--show-toplevel git rev-�� --show-toplevel ache/go/1.25.0/x--json /usr/bin/git 7/001/test-inlingit IyVHpgO_3 ache/go/1.25.0/x--show-toplevel git(http block)/usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw sh /usr/bin/gh infocmp -1 xterm-color gh /usr/bin/git DefaultBranchFrogit DefaultBranchFrorev-parse /usr/bin/git git(http block)https://api.github.com/orgs/test-owner/actions/secrets/usr/bin/gh gh api /orgs/test-owner/actions/secrets --jq .secrets[].name go1.25.0 -c=4 -nolocalimports -importcfg /tmp/go-build2508215149/b396/importcfg -pack /tmp/go-build2508215149/b396/_testmain.go env -json onrpc.go 64/bin/go GOINSECURE GOMOD GOMODCACHE tomic_wasm.s(http block)/usr/bin/gh gh api /orgs/test-owner/actions/secrets --jq .secrets[].name "prettier" --wriGOINSECURE git 64/bin/go --show-toplevel git-upload-pack ache/node/24.14."prettier" --check '**/*.cjs' '**/*.ts' '**/*.json' --ignore-path ../../../.prettierignore go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh api /orgs/test-owner/actions/secrets --jq .secrets[].name 1202/001/stability-test.md GO111MODULE t GOINSECURE GOMOD GOMODCACHE go env ace-editor.md GO111MODULE ache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)https://api.github.com/repos/actions/ai-inference/git/ref/tags/v1/usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq .object.sha -json GO111MODULE /opt/hostedtoolcache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE /opt/hostedtoolcache/node/24.14.0/x64/bin/bash GOINSECURE GOMOD GOMODCACHE bash(http block)/usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq .object.sha --show-toplevel x_amd64/compile /usr/bin/git -json t/format.go x_amd64/compile git rev-�� --show-toplevel x_amd64/compile /usr/bin/gh -json GO111MODULE 64/pkg/tool/linu--show-toplevel gh(http block)/usr/bin/gh gh api /repos/actions/ai-inference/git/ref/tags/v1 --jq .object.sha github.event.issue.number ache/go/1.25.0/x64/pkg/tool/linux_amd64/asm /usr/bin/git -json GO111MODULE(http block)https://api.github.com/repos/actions/checkout/git/ref/tags/v3/usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq .object.sha -json GO111MODULE ache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env " GO111MODULE ache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq .object.sha -test.paniconexit0 l /opt/hostedtoolcache/go/1.25.0/x64/pkg/tool/linux_amd64/link -test.timeout=10git -test.run=^Test -test.short=true--show-toplevel /opt/hostedtoolcache/go/1.25.0/x64/pkg/tool/linux_amd64/link -o /tmp/go-build2508215149/b431/semverutil.test -importcfg /usr/bin/git -s -w -buildmode=exe git(http block)/usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq .object.sha --show-toplevel go /tmp/go-build1413974702/b418/repoutil.test -json GO111MODULE h /tmp/go-build1413974702/b418/repoutil.test -tes�� -test.timeout=10m0s -test.count=1 /usr/bin/git */*.ts' '**/*.jsgit GO111MODULE ache/go/1.25.0/x--show-toplevel git(http block)https://api.github.com/repos/actions/checkout/git/ref/tags/v5/usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE node(http block)/usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha -json GO111MODULE /usr/bin/git GOINSECURE GOMOD GOMODCACHE git rev-�� --show-toplevel GOPROXY /usr/bin/git GOSUMDB GOWORK 64/bin/go git(http block)/usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git(http block)https://api.github.com/repos/actions/checkout/git/ref/tags/v6/usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq .object.sha -json GO111MODULE /opt/hostedtoolcache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE /opt/hostedtoolcache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq .object.sha --show-toplevel git /usr/bin/git blob b0681201baecc5b1rev-parse 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git(http block)/usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq .object.sha /repos/actions/github-script/git/ref/tags/v8 --jq /usr/bin/git -json GO111MODULE x_amd64/compile git remo�� remove origin /usr/bin/git -json GO111MODULE x_amd64/compile git(http block)https://api.github.com/repos/actions/github-script/git/ref/tags/v8/usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha -json GO111MODULE /opt/hostedtoolcache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE /opt/hostedtoolcache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha --show-toplevel /opt/hostedtoolcache/go/1.25.0/xGO111MODULE /usr/bin/git x_amd64/vet sh 64/bin/go git rev-�� --show-toplevel go /usr/bin/git -json GO111MODULE 64/bin/go git(http block)/usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha go1.25.0 -c=4 -nolocalimports -importcfg /tmp/go-build3208304525/b251/importcfg -pack /home/REDACTED/work/gh-aw/gh-aw/pkg/gitutil/gitutil.go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)https://api.github.com/repos/actions/setup-go/git/ref/tags/v4/usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq .object.sha -json GO111MODULE /opt/hostedtoolcache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE /opt/hostedtoolcache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq .object.sha /tmp/TestHashStability_SameInputSameOutput2595528767/001/stability-test.md go r,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,disp--show-toplevel -json flow-test-12345 x_amd64/compile git rev-�� --show-toplevel J_pvEl_0q8G_ /usr/bin/git -json GO111MODULE x_amd64/compile git(http block)/usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq .object.sha xterm-color go /usr/bin/git heck '**/*.cjs' git GO111MODULE /opt/hostedtoolc--show-toplevel git -C /home/REDACTED/work/gh-aw/gh-aw/pkg/cli rev-parse /usr/bin/git ck 'scripts/**/*git GO111MODULE e/git-upload-pac--show-toplevel git(http block)https://api.github.com/repos/actions/setup-node/git/ref/tags/v4/usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq .object.sha -json GO111MODULE /opt/hostedtoolcache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE /opt/hostedtoolcache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq .object.sha /tmp/TestHashStability_SameInputSameOutput2595528767/001/stability-test.md -extld=gcc /usr/bin/git -json GO111MODULE x_amd64/compile git rev-�� --show-toplevel x_amd64/compile /usr/bin/git -json GO111MODULE x_amd64/compile git(http block)/usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq .object.sha --show-toplevel go /usr/bin/git Onlyrepos_only_wgit GO111MODULE sh git conf�� --get remote.origin.url /usr/bin/git y-frontmatter.mdgit GO111MODULE /opt/hostedtoolc--show-toplevel git(http block)https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v0.1.2/usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq .object.sha -json GO111MODULE /opt/hostedtoolcache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE /opt/hostedtoolcache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq .object.sha L7FfJruFmYGlbeAP7i0U/L7FfJruFmYGlbeAP7i0U -goversion r,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,disp--show-toplevel -c=4 flow-12345 -importcfg git rese�� HEAD .github/workflows/test.md /usr/bin/git -json GO111MODULE x_amd64/compile git(http block)/usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v0.1.2 --jq .object.sha --show-toplevel go /usr/bin/git Onlymin-integritgit GO111MODULE cal/bin/sh git rev-�� --show-toplevel go 0/x64/bin/node ck 'scripts/**/*git GO111MODULE e/git-upload-pac--show-toplevel 0/x64/bin/node(http block)https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.0.0/usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq .object.sha -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq .object.sha licyBlockedUsersExpressionCompiledOutput3501747756/001 -trimpath /opt/hostedtoolcache/go/1.25.0/x64/pkg/tool/linux_amd64/cgo l github.com/goccyrev-parse -lang=go1.21 /opt/hostedtoolcache/go/1.25.0/x64/pkg/tool/linux_amd64/cgo -V=f�� -aw/git/ref/tags/v2.0.0 -dwarf=false /usr/lib/git-core/git-upload-pack go1.25.0 -c=4 -nolocalimports git-upload-pack(http block)/usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq .object.sha sistency_GoAndJavaScript3750966978/001/test-frontmatter-with-arrays.md go /usr/local/sbin/iptables th .prettierigno/opt/hostedtoolcache/node/24.14.0/x64/bin/node GO111MODULE 64/bin/go iptables -w k/gh-aw/gh-aw/.github/workflows security /usr/bin/git -nxv GO111MODULE 64/bin/node git(http block)https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.2.3/usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq .object.sha -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq .object.sha 0354-46904/test-1972425857 g/sliceutil/sliceutil_test.go ache/go/1.25.0/x64/pkg/tool/linux_amd64/compile -p log/slog -lang=go1.25 ache/go/1.25.0/x64/pkg/tool/linux_amd64/compile -V=f�� 8215149/b436/_pkg_.a BnHvriLGPCMV_McQl5bd/BnHvriLGPCMV_McQl5bd 8215149/b436=> -goversion b/gh-aw/pkg/strirev-parse -c=4 git(http block)/usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq .object.sha licyMinIntegrityOnlymin-integrity_with_repos=public_394588442/001 go 3974702/b412/vet.cfg th .prettierignogit GO111MODULE 64/bin/go iptables -w -t security /tmp/go-build1413974702/b407/logger.test OUTPUT -d 168.63.129.16 /tmp/go-build1413974702/b407/log5(http block)https://api.github.com/repos/github/gh-aw/actions/runs/1/artifacts/usr/bin/gh gh run download 1 --dir test-logs/run-1 GO111MODULE 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile env 1044548712/.github/workflows GO111MODULE 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile(http block)/usr/bin/gh gh run download 1 --dir test-logs/run-1 GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE tions/setup/js/node_modules/.bin/sh GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh run download 1 --dir test-logs/run-1 rev-parse /usr/bin/git -json GO111MODULE 64/bin/go git conf�� Onlymin-integrity_with_explicit_repo2399638164/001 test@example.com es re GO111MODULE 64/bin/go git(http block)https://api.github.com/repos/github/gh-aw/actions/runs/12345/artifacts/usr/bin/gh gh run download 12345 --dir test-logs/run-12345 GO111MODULE 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile env g_.a rotocol/go-sdk@v1.4.1/internal/xcontext/xcontext.go 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile(http block)/usr/bin/gh gh run download 12345 --dir test-logs/run-12345 GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env LsRemoteWithRealGitbranch_with_hyphen2872737704/001' LsRemoteWithRealGitbranch_with_hyphen2872737704/001' ache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh run download 12345 --dir test-logs/run-12345 sRemoteWithRealGitmaster_branch376439608/002/work 64/pkg/tool/linux_amd64/compile -json GO111MODULE /node 64/pkg/tool/linux_amd64/compile rev-�� g_.a go /usr/bin/git -json GO111MODULE 64/bin/go git(http block)https://api.github.com/repos/github/gh-aw/actions/runs/12346/artifacts/usr/bin/gh gh run download 12346 --dir test-logs/run-12346 GO111MODULE 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile env g_.a @v1.1.3/ascii/ascii.go 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile(http block)/usr/bin/gh gh run download 12346 --dir test-logs/run-12346 GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go itbr�� -json GO111MODULE 0/x64/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin/node GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh run download 12346 --dir test-logs/run-12346 test@example.com At,event,headBranch,headSha,displayTitle -json GO111MODULE 6f64e706797a457e--git-dir git rev-�� 1306-62680/test-384024709/.github/workflows go .cfg -json GO111MODULE 64/bin/go /usr/lib/git-core/git(http block)https://api.github.com/repos/github/gh-aw/actions/runs/2/artifacts/usr/bin/gh gh run download 2 --dir test-logs/run-2 GO111MODULE 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile env 1044548712/.github/workflows 0/internal/language/compact/compact.go 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile(http block)/usr/bin/gh gh run download 2 --dir test-logs/run-2 GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE tions/setup/js/node_modules/.bin/sh GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh run download 2 --dir test-logs/run-2 go 0/x64/bin/node q "All matched fgit GO111MODULE 64/bin/go git t-ha�� vaScript3750966978/001/test-frontmatter-with-nested-objects.md go iptables re GO111MODULE 64/bin/go git(http block)https://api.github.com/repos/github/gh-aw/actions/runs/3/artifacts/usr/bin/gh gh run download 3 --dir test-logs/run-3 GO111MODULE 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile env 1044548712/.github/workflows til.go 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile(http block)/usr/bin/gh gh run download 3 --dir test-logs/run-3 GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go eWit�� -json GO111MODULE tions/node_modules/.bin/sh GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh run download 3 --dir test-logs/run-3 go /usr/bin/git -json GO111MODULE 64/bin/go git rev-�� Onlymin-integrity_with_repos=public_394588442/001 go .cfg re GO111MODULE 64/bin/go /usr/lib/git-core/git(http block)https://api.github.com/repos/github/gh-aw/actions/runs/4/artifacts/usr/bin/gh gh run download 4 --dir test-logs/run-4 GO111MODULE 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile env g_.a 0/language/coverage.go 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD abis 64/pkg/tool/linux_amd64/compile(http block)/usr/bin/gh gh run download 4 --dir test-logs/run-4 GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE tions/setup/node_modules/.bin/sh GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh run download 4 --dir test-logs/run-4 remote.origin.url At,event,headBranch,headSha,displayTitle led-with-body-cogit GO111MODULE 64/bin/go git conf�� Onlymin-integrity_with_explicit_repo2399638164/001 Test User ptables re GO111MODULE 64/bin/go git(http block)https://api.github.com/repos/github/gh-aw/actions/runs/5/artifacts/usr/bin/gh gh run download 5 --dir test-logs/run-5 GO111MODULE 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile env g_.a l.go 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile(http block)/usr/bin/gh gh run download 5 --dir test-logs/run-5 GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE de_modules/.bin/sh GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh run download 5 --dir test-logs/run-5 rev-parse /usr/bin/git -json GO111MODULE 64/bin/go git conf�� Onlymin-integrity_with_repos=public_394588442/00remote.origin.url remote.origin.url 0/x64/bin/node re GO111MODULE 64/bin/go git(http block)https://api.github.com/repos/github/gh-aw/actions/workflows/usr/bin/gh gh workflow list --json name,state,path 997474827/001' 997474827/001' 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD wasm.s go(http block)/usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 100 GOMOD GOMODCACHE go ules�� -json GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile(http block)/usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 6 GOMOD GOMODCACHE Ji/C9QlQHE-d6LXM.github/workflows/test.md eWit�� g_.a GO111MODULE 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile(http block)https://api.github.com/repos/github/gh-aw/git/ref/tags/v0.47.4/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq .object.sha --show-toplevel GOPROXY /usr/bin/git GOSUMDB GOWORK 64/bin/go git rev-�� --show-toplevel ache/go/1.25.0/xGO111MODULE /usr/bin/git 1141716/b425/_pkgit GO111MODULE 64/bin/go git(http block)/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq .object.sha --show-toplevel 64/pkg/tool/linux_amd64/asm /usr/bin/git itbranch_with_hygit itbranch_with_hyrev-parse 64/pkg/tool/linu--show-toplevel git rev-�� --show-toplevel 64/pkg/tool/linux_amd64/compile /usr/bin/git g_.a GO111MODULE 64/pkg/tool/linu--verify git(http block)/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v0.47.4 --jq .object.sha Safe: ${{ github.actor }}, Unsafe: ${{ secrets.TOKEN }} node /opt/hostedtoolcache/node/24.14.0/x64/bin/node prettier --check ache/node/24.14.--show-toplevel /opt/hostedtoolcache/node/24.14.0/x64/bin/node /tmp�� github.actor git-receive-pack /usr/bin/git k/gh-aw/gh-aw/.ggit node 64/pkg/tool/linu--verify git(http block)https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.0.0/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq .object.sha GOSUMDB GOWORK 64/bin/go r code style"; tgo GOMOD GOMODCACHE ache/go/1.25.0/xGO111MODULE env 1141716/b415/_pkGOINSECURE GO111MODULE 64/bin/go GOINSECURE b/gh-aw/pkg/semvenv GOMODCACHE go(http block)/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq .object.sha -json GO111MODULE At,event,headBranch,headSha,displayTitle GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linu/home/REDACTED/work/gh-aw/gh-aw/pkg/timeutil/format_test.go ache�� g_.a GO111MODULE x_amd64/vet GOINSECURE GOMOD abis x_amd64/vet(http block)/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq .object.sha Onlyrepos_only_without_min-integrity2592912476/001 GO111MODULE h GOINSECURE GOMOD GOMODCACHE go env ck 'scripts/**/*remote.origin.url GO111MODULE 0/x64/bin/node GOINSECURE GOMOD GOMODCACHE u1NbgiD/UJSY33iu2tL8yBtXfKXT(http block)https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.2.3/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq .object.sha -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile(http block)/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq .object.sha h ../../../.pret.prettierignore GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE TPsx8tr/2Zi3zfhVconfig(http block)/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq .object.sha efaultBranchFromLsRemoteWithRealGitcustom_branch2287122059/001' efaultBranchFromLsRemoteWithRealGitcustom_branch2287122059/001' k/gh-aw/node_modules/.bin/node GOINSECURE GOMOD GOMODCACHE go ache�� 8430379/001 8430379/002/work-w /opt/hostedtoolc-buildmode=exe GOINSECURE GOMOD GOMODCACHE erignore(http block)https://api.github.com/repos/github/gh-aw/git/ref/tags/v2.0.0/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq .object.sha on' --ignore-patgo1.25.0 GO111MODULE 64/bin/go GOINSECURE GOMOD s go env -json GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile(http block)/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq .object.sha on' --ignore-pat-goversion GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile(http block)/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq .object.sha on' --ignore-pat-errorsas GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile(http block)https://api.github.com/repos/github/gh-aw/git/ref/tags/v3.0.0/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq .object.sha on' --ignore-pat-errorsas GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile(http block)/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq .object.sha h ../../../.prettierignore GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq .object.sha efaultBranchFrom-s efaultBranchFrom-w in/node GOINSECURE GOMOD GOMODCACHE go ache�� RequiresMinInteg-errorsas GO111MODULE 0/x64/bin/node GOINSECURE GOMOD GOMODCACHE erignore(http block)https://api.github.com/repos/nonexistent/action/git/ref/tags/v999.999.999/usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq .object.sha GOSUMDB GOWORK 64/bin/go GOINSECURE GOMOD GOMODCACHE ache/go/1.25.0/xGO111MODULE env 1141716/b417/_pkGOINSECURE GO111MODULE 64/bin/go GOINSECURE b/gh-aw/pkg/slicenv GOMODCACHE go(http block)/usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq .object.sha g_.a GO111MODULE 64/pkg/tool/linu-nolocalimports GOINSECURE id GOMODCACHE 64/pkg/tool/linu/tmp/go-build2508215149/b446/_testmain.go ache�� g_.a GO111MODULE 64/pkg/tool/linux_amd64/vet GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/vet(http block)/usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq .object.sha OnlyCompiledOutput3554873753/001 GO111MODULE m/_npx/b388654678d519d9/node_modules/.bin/prettier GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE /opt/hostedtoolc-lang=go1.25 GOINSECURE GOMOD GOMODCACHE go(http block)https://api.github.com/repos/nonexistent/repo/actions/runs/12345/usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion en \ PATH="$GOPgit GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/compile env y_with_explicit_repo4087451904/0remote.origin.url 4.0/internal/doc.go 64/pkg/tool/linux_amd64/compile GOINSECURE GOMOD abis 64/pkg/tool/linux_amd64/compile(http block)/usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE de/node/bin/sh GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion -json GO111MODULE 64/bin/go git -C 1306-62680/test-1319802500/.github/workflows config /usr/bin/git remote.origin.urgit GO111MODULE 64/bin/go git(http block)https://api.github.com/repos/owner/repo/actions/workflows/usr/bin/gh gh workflow list --json name,state,path --repo owner/repo 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json d.go 64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh workflow list --json name,state,path --repo owner/repo -nolocalimports -importcfg /tmp/go-build2508215149/b414/importcfg -pack /tmp/go-build2508215149/b414/_testmain.go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh workflow list --json name,state,path --repo owner/repo 64/bin/go --show-toplevel ache/go/1.25.0/x-c /usr/bin/git go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)https://api.github.com/repos/owner/repo/contents/file.md/tmp/go-build2508215149/b396/cli.test /tmp/go-build2508215149/b396/cli.test -test.testlogfile=/tmp/go-build2508215149/b396/testlog.txt -test.paniconexit0 -test.v=true -test.parallel=4 -test.timeout=10m0s -test.run=^Test -test.short=true -nolocalimports -importcfg /tmp/go-build3208304525/b206/importcfg -pack env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)/tmp/go-build1657547137/b396/cli.test /tmp/go-build1657547137/b396/cli.test -test.testlogfile=/tmp/go-build1657547137/b396/testlog.txt -test.paniconexit0 -test.v=true -test.parallel=4 -test.timeout=10m0s -test.run=^Test -test.short=true tierignore ortcfg /usr/bin/git node /hom�� --write ../../../**/*.jsGOMOD 64/bin/go --ignore-path ../../../.pretti-c ch go(http block)/tmp/go-build1413974702/b001/cli.test /tmp/go-build1413974702/b001/cli.test -test.paniconexit0 -test.timeout=10m0s -test.count=1 env -json GO111MODULE ache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go 0/x6�� -json GO111MODULE x_amd64/vet GOINSECURE GOMOD GOMODCACHE x_amd64/vet(http block)https://api.github.com/repos/test-owner/test-repo/actions/secrets/usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE node GOINSECURE GOMOD GOMODCACHE s not exist yet"-trimpath(http block)/usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name "prettier" --wriGOINSECURE git 64/bin/go --show-toplevel git /usr/bin/git go env -json GO111MODULE /node GOINSECURE GOMOD GOMODCACHE go(http block)/usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name go1.25.0 -c=4 -nolocalimports -importcfg /tmp/go-build1413974702/b395/importcfg -pack /tmp/go-build1413974702/b395/_testmain.go 8d51�� -json GO111MODULE ache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go(http block)If you need me to access, download, or install something from one of these locations, you can either: