diff --git a/.github/workflows/ace-editor.lock.yml b/.github/workflows/ace-editor.lock.yml
index 7c80b8ed1df..3006f4078a9 100644
--- a/.github/workflows/ace-editor.lock.yml
+++ b/.github/workflows/ace-editor.lock.yml
@@ -291,6 +291,7 @@ jobs:
env:
GH_AW_WORKFLOW_ID_SANITIZED: aceeditor
outputs:
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
steps:
@@ -496,6 +497,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
diff --git a/.github/workflows/agent-performance-analyzer.lock.yml b/.github/workflows/agent-performance-analyzer.lock.yml
index f52e61cf986..d11c9d7b75a 100644
--- a/.github/workflows/agent-performance-analyzer.lock.yml
+++ b/.github/workflows/agent-performance-analyzer.lock.yml
@@ -281,6 +281,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: agentperformanceanalyzer
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -833,6 +834,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1293,6 +1295,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/agent-performance-analyzer"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "agent-performance-analyzer"
diff --git a/.github/workflows/agent-persona-explorer.lock.yml b/.github/workflows/agent-persona-explorer.lock.yml
index 009387aacdb..d489b9d1d87 100644
--- a/.github/workflows/agent-persona-explorer.lock.yml
+++ b/.github/workflows/agent-persona-explorer.lock.yml
@@ -279,6 +279,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: agentpersonaexplorer
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -783,6 +784,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1155,6 +1157,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/agent-persona-explorer"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "agent-persona-explorer"
diff --git a/.github/workflows/agentic-observability-kit.lock.yml b/.github/workflows/agentic-observability-kit.lock.yml
index fe389c4875e..17c0700f949 100644
--- a/.github/workflows/agentic-observability-kit.lock.yml
+++ b/.github/workflows/agentic-observability-kit.lock.yml
@@ -269,6 +269,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: agenticobservabilitykit
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -793,6 +794,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1127,6 +1129,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/agentic-observability-kit"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "agentic-observability-kit"
diff --git a/.github/workflows/ai-moderator.lock.yml b/.github/workflows/ai-moderator.lock.yml
index cead4c5549a..9c3f25163b8 100644
--- a/.github/workflows/ai-moderator.lock.yml
+++ b/.github/workflows/ai-moderator.lock.yml
@@ -314,6 +314,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: aimoderator
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -750,6 +751,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1005,6 +1007,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/ai-moderator"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "codex"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "ai-moderator"
diff --git a/.github/workflows/archie.lock.yml b/.github/workflows/archie.lock.yml
index d9e6abca5e2..24899ca5d18 100644
--- a/.github/workflows/archie.lock.yml
+++ b/.github/workflows/archie.lock.yml
@@ -27,7 +27,7 @@
# - shared/mcp/serena-go.md
# - shared/mcp/serena.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"6af46128c4298eac4f6604318a343f01923c8bcbd477f9e3b1e0bb6ea8ade2db","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"cef991e4899d8eed54259bc2844f9b763d5a1731bea07632148890e4163e9f8a","strict":true,"agent_id":"copilot"}
name: "Archie"
"on":
@@ -158,7 +158,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Archie"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Diagram rendered by [{workflow_name}]({run_url})*{history_link}\",\"footerWorkflowRecompile\":\"\\u003e ๐ง *Workflow sync report by [{workflow_name}]({run_url}) for {repository}*\",\"footerWorkflowRecompileComment\":\"\\u003e ๐ *Update from [{workflow_name}]({run_url}) for {repository}*\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is analyzing the architecture for this {event_type}...\",\"runSuccess\":\"๐จ [{workflow_name}]({run_url}) has completed the architecture visualization. โ
\",\"runFailure\":\"๐ [{workflow_name}]({run_url}) encountered an issue and could not complete the architecture diagram. Check the [run logs]({run_url}) for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Diagram rendered by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"footerWorkflowRecompile\":\"\\u003e ๐ง *Workflow sync report by [{workflow_name}]({run_url}) for {repository}*\",\"footerWorkflowRecompileComment\":\"\\u003e ๐ *Update from [{workflow_name}]({run_url}) for {repository}*\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is analyzing the architecture for this {event_type}...\",\"runSuccess\":\"๐จ [{workflow_name}]({run_url}) has completed the architecture visualization. โ
\",\"runFailure\":\"๐ [{workflow_name}]({run_url}) encountered an issue and could not complete the architecture diagram. Check the [run logs]({run_url}) for details.\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -184,14 +184,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_4b84f2f3d00883a1_EOF'
+ cat << 'GH_AW_PROMPT_fea01d6cbd51c9c0_EOF'
- GH_AW_PROMPT_4b84f2f3d00883a1_EOF
+ GH_AW_PROMPT_fea01d6cbd51c9c0_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_4b84f2f3d00883a1_EOF'
+ cat << 'GH_AW_PROMPT_fea01d6cbd51c9c0_EOF'
Tools: add_comment, missing_tool, missing_data, noop
@@ -223,12 +223,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_4b84f2f3d00883a1_EOF
+ GH_AW_PROMPT_fea01d6cbd51c9c0_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_4b84f2f3d00883a1_EOF'
+ cat << 'GH_AW_PROMPT_fea01d6cbd51c9c0_EOF'
## Serena Code Analysis
@@ -263,7 +263,7 @@ jobs:
{{#runtime-import .github/workflows/shared/mcp/serena-go.md}}
{{#runtime-import .github/workflows/archie.md}}
- GH_AW_PROMPT_4b84f2f3d00883a1_EOF
+ GH_AW_PROMPT_fea01d6cbd51c9c0_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -361,6 +361,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: archie
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -441,12 +442,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_18ad26f30dfa7220_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_68712204a30a8565_EOF'
{"add_comment":{"max":1},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_18ad26f30dfa7220_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_68712204a30a8565_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_8017af394b06678c_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_526ba01ff1747211_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added."
@@ -454,8 +455,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_8017af394b06678c_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_7923d9b19526dd70_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_526ba01ff1747211_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_015fc4782c2ab8b0_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -533,7 +534,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_7923d9b19526dd70_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_015fc4782c2ab8b0_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -603,7 +604,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_881f7498ce266add_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_1aecf03afd94e396_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -673,7 +674,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_881f7498ce266add_EOF
+ GH_AW_MCP_CONFIG_1aecf03afd94e396_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -798,6 +799,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -950,7 +952,7 @@ jobs:
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_INFERENCE_ACCESS_ERROR: ${{ needs.agent.outputs.inference_access_error }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Diagram rendered by [{workflow_name}]({run_url})*{history_link}\",\"footerWorkflowRecompile\":\"\\u003e ๐ง *Workflow sync report by [{workflow_name}]({run_url}) for {repository}*\",\"footerWorkflowRecompileComment\":\"\\u003e ๐ *Update from [{workflow_name}]({run_url}) for {repository}*\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is analyzing the architecture for this {event_type}...\",\"runSuccess\":\"๐จ [{workflow_name}]({run_url}) has completed the architecture visualization. โ
\",\"runFailure\":\"๐ [{workflow_name}]({run_url}) encountered an issue and could not complete the architecture diagram. Check the [run logs]({run_url}) for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Diagram rendered by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"footerWorkflowRecompile\":\"\\u003e ๐ง *Workflow sync report by [{workflow_name}]({run_url}) for {repository}*\",\"footerWorkflowRecompileComment\":\"\\u003e ๐ *Update from [{workflow_name}]({run_url}) for {repository}*\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is analyzing the architecture for this {event_type}...\",\"runSuccess\":\"๐จ [{workflow_name}]({run_url}) has completed the architecture visualization. โ
\",\"runFailure\":\"๐ [{workflow_name}]({run_url}) encountered an issue and could not complete the architecture diagram. Check the [run logs]({run_url}) for details.\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "10"
@@ -972,7 +974,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Archie"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Diagram rendered by [{workflow_name}]({run_url})*{history_link}\",\"footerWorkflowRecompile\":\"\\u003e ๐ง *Workflow sync report by [{workflow_name}]({run_url}) for {repository}*\",\"footerWorkflowRecompileComment\":\"\\u003e ๐ *Update from [{workflow_name}]({run_url}) for {repository}*\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is analyzing the architecture for this {event_type}...\",\"runSuccess\":\"๐จ [{workflow_name}]({run_url}) has completed the architecture visualization. โ
\",\"runFailure\":\"๐ [{workflow_name}]({run_url}) encountered an issue and could not complete the architecture diagram. Check the [run logs]({run_url}) for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Diagram rendered by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"footerWorkflowRecompile\":\"\\u003e ๐ง *Workflow sync report by [{workflow_name}]({run_url}) for {repository}*\",\"footerWorkflowRecompileComment\":\"\\u003e ๐ *Update from [{workflow_name}]({run_url}) for {repository}*\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is analyzing the architecture for this {event_type}...\",\"runSuccess\":\"๐จ [{workflow_name}]({run_url}) has completed the architecture visualization. โ
\",\"runFailure\":\"๐ [{workflow_name}]({run_url}) encountered an issue and could not complete the architecture diagram. Check the [run logs]({run_url}) for details.\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1191,9 +1193,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/archie"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Diagram rendered by [{workflow_name}]({run_url})*{history_link}\",\"footerWorkflowRecompile\":\"\\u003e ๐ง *Workflow sync report by [{workflow_name}]({run_url}) for {repository}*\",\"footerWorkflowRecompileComment\":\"\\u003e ๐ *Update from [{workflow_name}]({run_url}) for {repository}*\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is analyzing the architecture for this {event_type}...\",\"runSuccess\":\"๐จ [{workflow_name}]({run_url}) has completed the architecture visualization. โ
\",\"runFailure\":\"๐ [{workflow_name}]({run_url}) encountered an issue and could not complete the architecture diagram. Check the [run logs]({run_url}) for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Diagram rendered by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"footerWorkflowRecompile\":\"\\u003e ๐ง *Workflow sync report by [{workflow_name}]({run_url}) for {repository}*\",\"footerWorkflowRecompileComment\":\"\\u003e ๐ *Update from [{workflow_name}]({run_url}) for {repository}*\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is analyzing the architecture for this {event_type}...\",\"runSuccess\":\"๐จ [{workflow_name}]({run_url}) has completed the architecture visualization. โ
\",\"runFailure\":\"๐ [{workflow_name}]({run_url}) encountered an issue and could not complete the architecture diagram. Check the [run logs]({run_url}) for details.\"}"
GH_AW_WORKFLOW_ID: "archie"
GH_AW_WORKFLOW_NAME: "Archie"
outputs:
diff --git a/.github/workflows/archie.md b/.github/workflows/archie.md
index 66cd9bbc2be..a0bb6601daa 100644
--- a/.github/workflows/archie.md
+++ b/.github/workflows/archie.md
@@ -26,7 +26,7 @@ safe-outputs:
add-comment:
max: 1
messages:
- footer: "> ๐ *Diagram rendered by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ *Diagram rendered by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
footer-workflow-recompile: "> ๐ง *Workflow sync report by [{workflow_name}]({run_url}) for {repository}*"
footer-workflow-recompile-comment: "> ๐ *Update from [{workflow_name}]({run_url}) for {repository}*"
run-started: "๐ [{workflow_name}]({run_url}) is analyzing the architecture for this {event_type}..."
diff --git a/.github/workflows/artifacts-summary.lock.yml b/.github/workflows/artifacts-summary.lock.yml
index eae96eaca6d..d249552475d 100644
--- a/.github/workflows/artifacts-summary.lock.yml
+++ b/.github/workflows/artifacts-summary.lock.yml
@@ -262,6 +262,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: artifactssummary
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -677,6 +678,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1006,6 +1008,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/artifacts-summary"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "artifacts-summary"
diff --git a/.github/workflows/audit-workflows.lock.yml b/.github/workflows/audit-workflows.lock.yml
index 3a4094e586e..fd09eda9a8f 100644
--- a/.github/workflows/audit-workflows.lock.yml
+++ b/.github/workflows/audit-workflows.lock.yml
@@ -297,6 +297,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: auditworkflows
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -918,6 +919,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1382,6 +1384,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/audit-workflows"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "audit-workflows-daily"
diff --git a/.github/workflows/auto-triage-issues.lock.yml b/.github/workflows/auto-triage-issues.lock.yml
index 8589e4f3ead..e64519f6e97 100644
--- a/.github/workflows/auto-triage-issues.lock.yml
+++ b/.github/workflows/auto-triage-issues.lock.yml
@@ -279,6 +279,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: autotriageissues
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -729,6 +730,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1110,6 +1112,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/auto-triage-issues"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "auto-triage-issues"
diff --git a/.github/workflows/blog-auditor.lock.yml b/.github/workflows/blog-auditor.lock.yml
index 81d6ee2f6da..a63ade88ae0 100644
--- a/.github/workflows/blog-auditor.lock.yml
+++ b/.github/workflows/blog-auditor.lock.yml
@@ -273,6 +273,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: blogauditor
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -813,6 +814,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -986,6 +988,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/blog-auditor"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "blog-auditor-weekly"
diff --git a/.github/workflows/bot-detection.lock.yml b/.github/workflows/bot-detection.lock.yml
index 211023a97e3..a659de1836b 100644
--- a/.github/workflows/bot-detection.lock.yml
+++ b/.github/workflows/bot-detection.lock.yml
@@ -283,6 +283,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: botdetection
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -760,6 +761,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1737,6 +1739,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/bot-detection"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "bot-detection"
diff --git a/.github/workflows/brave.lock.yml b/.github/workflows/brave.lock.yml
index 05764cdfa8f..f5399b49383 100644
--- a/.github/workflows/brave.lock.yml
+++ b/.github/workflows/brave.lock.yml
@@ -26,7 +26,7 @@
# Imports:
# - shared/mcp/brave.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"b27bdb18dacbcbd2f7d40d0ca89db8dd0efb0f607bddc789f78e6394f596ca9f","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"7a1207f23c543fac19ce5c6a56703ce4c48c2bbdc62e8147af2d2325d31c7a51","strict":true,"agent_id":"copilot"}
name: "Brave Web Search Agent"
"on":
@@ -147,7 +147,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Brave Web Search Agent"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฆ *Search results brought to you by [{workflow_name}]({run_url})*{history_link}\",\"footerWorkflowRecompile\":\"\\u003e ๐ *Maintenance report by [{workflow_name}]({run_url}) for {repository}*\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is searching the web on this {event_type}.\",\"runSuccess\":\"โ
Research complete. [{workflow_name}]({run_url}) has returned with results.\",\"runFailure\":\"โ Search failed. [{workflow_name}]({run_url}) {status}. Unable to retrieve web sources.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฆ *Search results brought to you by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"footerWorkflowRecompile\":\"\\u003e ๐ *Maintenance report by [{workflow_name}]({run_url}) for {repository}*\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is searching the web on this {event_type}.\",\"runSuccess\":\"โ
Research complete. [{workflow_name}]({run_url}) has returned with results.\",\"runFailure\":\"โ Search failed. [{workflow_name}]({run_url}) {status}. Unable to retrieve web sources.\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -173,14 +173,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_36df2bec060ac754_EOF'
+ cat << 'GH_AW_PROMPT_9779d2a58f3441be_EOF'
- GH_AW_PROMPT_36df2bec060ac754_EOF
+ GH_AW_PROMPT_9779d2a58f3441be_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_36df2bec060ac754_EOF'
+ cat << 'GH_AW_PROMPT_9779d2a58f3441be_EOF'
Tools: add_comment, missing_tool, missing_data, noop
@@ -212,16 +212,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_36df2bec060ac754_EOF
+ GH_AW_PROMPT_9779d2a58f3441be_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_36df2bec060ac754_EOF'
+ cat << 'GH_AW_PROMPT_9779d2a58f3441be_EOF'
{{#runtime-import .github/workflows/shared/mcp/brave.md}}
{{#runtime-import .github/workflows/brave.md}}
- GH_AW_PROMPT_36df2bec060ac754_EOF
+ GH_AW_PROMPT_9779d2a58f3441be_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -317,6 +317,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: brave
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -397,12 +398,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_acd9ca58f5d2022b_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_1e334fe555031930_EOF'
{"add_comment":{"max":1},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_acd9ca58f5d2022b_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_1e334fe555031930_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_d24d1e4930d3dfb6_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_b9d73fb8ea52ce82_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added."
@@ -410,8 +411,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_d24d1e4930d3dfb6_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_c594ef72d6e5d34d_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_b9d73fb8ea52ce82_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_c1fa7b24a18806a6_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -489,7 +490,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_c594ef72d6e5d34d_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_c1fa7b24a18806a6_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -560,7 +561,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e BRAVE_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_afad2ce787ba8917_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_bdc9ed36a6083efb_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"brave-search": {
@@ -618,7 +619,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_afad2ce787ba8917_EOF
+ GH_AW_MCP_CONFIG_bdc9ed36a6083efb_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -744,6 +745,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -896,7 +898,7 @@ jobs:
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_INFERENCE_ACCESS_ERROR: ${{ needs.agent.outputs.inference_access_error }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฆ *Search results brought to you by [{workflow_name}]({run_url})*{history_link}\",\"footerWorkflowRecompile\":\"\\u003e ๐ *Maintenance report by [{workflow_name}]({run_url}) for {repository}*\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is searching the web on this {event_type}.\",\"runSuccess\":\"โ
Research complete. [{workflow_name}]({run_url}) has returned with results.\",\"runFailure\":\"โ Search failed. [{workflow_name}]({run_url}) {status}. Unable to retrieve web sources.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฆ *Search results brought to you by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"footerWorkflowRecompile\":\"\\u003e ๐ *Maintenance report by [{workflow_name}]({run_url}) for {repository}*\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is searching the web on this {event_type}.\",\"runSuccess\":\"โ
Research complete. [{workflow_name}]({run_url}) has returned with results.\",\"runFailure\":\"โ Search failed. [{workflow_name}]({run_url}) {status}. Unable to retrieve web sources.\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "10"
@@ -918,7 +920,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Brave Web Search Agent"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฆ *Search results brought to you by [{workflow_name}]({run_url})*{history_link}\",\"footerWorkflowRecompile\":\"\\u003e ๐ *Maintenance report by [{workflow_name}]({run_url}) for {repository}*\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is searching the web on this {event_type}.\",\"runSuccess\":\"โ
Research complete. [{workflow_name}]({run_url}) has returned with results.\",\"runFailure\":\"โ Search failed. [{workflow_name}]({run_url}) {status}. Unable to retrieve web sources.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฆ *Search results brought to you by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"footerWorkflowRecompile\":\"\\u003e ๐ *Maintenance report by [{workflow_name}]({run_url}) for {repository}*\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is searching the web on this {event_type}.\",\"runSuccess\":\"โ
Research complete. [{workflow_name}]({run_url}) has returned with results.\",\"runFailure\":\"โ Search failed. [{workflow_name}]({run_url}) {status}. Unable to retrieve web sources.\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1137,9 +1139,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/brave"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฆ *Search results brought to you by [{workflow_name}]({run_url})*{history_link}\",\"footerWorkflowRecompile\":\"\\u003e ๐ *Maintenance report by [{workflow_name}]({run_url}) for {repository}*\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is searching the web on this {event_type}.\",\"runSuccess\":\"โ
Research complete. [{workflow_name}]({run_url}) has returned with results.\",\"runFailure\":\"โ Search failed. [{workflow_name}]({run_url}) {status}. Unable to retrieve web sources.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฆ *Search results brought to you by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"footerWorkflowRecompile\":\"\\u003e ๐ *Maintenance report by [{workflow_name}]({run_url}) for {repository}*\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is searching the web on this {event_type}.\",\"runSuccess\":\"โ
Research complete. [{workflow_name}]({run_url}) has returned with results.\",\"runFailure\":\"โ Search failed. [{workflow_name}]({run_url}) {status}. Unable to retrieve web sources.\"}"
GH_AW_WORKFLOW_ID: "brave"
GH_AW_WORKFLOW_NAME: "Brave Web Search Agent"
outputs:
diff --git a/.github/workflows/brave.md b/.github/workflows/brave.md
index b581cdf0060..a4cdb35d374 100644
--- a/.github/workflows/brave.md
+++ b/.github/workflows/brave.md
@@ -16,7 +16,7 @@ safe-outputs:
add-comment:
max: 1
messages:
- footer: "> ๐ฆ *Search results brought to you by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ฆ *Search results brought to you by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
footer-workflow-recompile: "> ๐ *Maintenance report by [{workflow_name}]({run_url}) for {repository}*"
run-started: "๐ [{workflow_name}]({run_url}) is searching the web on this {event_type}."
run-success: "โ
Research complete. [{workflow_name}]({run_url}) has returned with results."
diff --git a/.github/workflows/breaking-change-checker.lock.yml b/.github/workflows/breaking-change-checker.lock.yml
index 80da44ef151..951aa4c2228 100644
--- a/.github/workflows/breaking-change-checker.lock.yml
+++ b/.github/workflows/breaking-change-checker.lock.yml
@@ -27,7 +27,7 @@
# - shared/activation-app.md
# - shared/reporting.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"5c78b7dbacfc2b07ac10f20e72d0c68083854323af4295a77582ccb1e300e579","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"72c5d14586c0c054bfab13bebc68d2cb455854b9e4f86832cc1fa24920e2bea0","strict":true,"agent_id":"copilot"}
name: "Breaking Change Checker"
"on":
@@ -135,14 +135,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_6d76d0eb8e9e7a75_EOF'
+ cat << 'GH_AW_PROMPT_349ac2b8333d75c8_EOF'
- GH_AW_PROMPT_6d76d0eb8e9e7a75_EOF
+ GH_AW_PROMPT_349ac2b8333d75c8_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_6d76d0eb8e9e7a75_EOF'
+ cat << 'GH_AW_PROMPT_349ac2b8333d75c8_EOF'
Tools: create_issue, missing_tool, missing_data, noop
@@ -174,14 +174,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_6d76d0eb8e9e7a75_EOF
+ GH_AW_PROMPT_349ac2b8333d75c8_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_6d76d0eb8e9e7a75_EOF'
+ cat << 'GH_AW_PROMPT_349ac2b8333d75c8_EOF'
{{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/breaking-change-checker.md}}
- GH_AW_PROMPT_6d76d0eb8e9e7a75_EOF
+ GH_AW_PROMPT_349ac2b8333d75c8_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -269,6 +269,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: breakingchangechecker
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -349,12 +350,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_ad967867b3db07ea_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_076cc1319bc76cab_EOF'
{"create_issue":{"assignees":["copilot"],"max":1},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_ad967867b3db07ea_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_076cc1319bc76cab_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_0b06fff49721f527_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_26946dee3b930582_EOF'
{
"description_suffixes": {
"create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Assignees [\"copilot\"] will be automatically assigned."
@@ -362,8 +363,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_0b06fff49721f527_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_a3abf1bd0253509b_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_26946dee3b930582_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_0981cb525321af8b_EOF'
{
"create_issue": {
"defaultMax": 1,
@@ -456,7 +457,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_a3abf1bd0253509b_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_0981cb525321af8b_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -526,7 +527,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_e7ca309c4263bee2_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_1c57e2cab2f2caf9_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -567,7 +568,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_e7ca309c4263bee2_EOF
+ GH_AW_MCP_CONFIG_1c57e2cab2f2caf9_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -711,6 +712,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -866,7 +868,7 @@ jobs:
GH_AW_ASSIGN_COPILOT_FAILURE_COUNT: ${{ needs.safe_outputs.outputs.assign_copilot_failure_count }}
GH_AW_ASSIGN_COPILOT_ERRORS: ${{ needs.safe_outputs.outputs.assign_copilot_errors }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e โ ๏ธ *Compatibility report by [{workflow_name}]({run_url})*{history_link}\",\"footerWorkflowRecompile\":\"\\u003e ๐ ๏ธ *Workflow maintenance by [{workflow_name}]({run_url}) for {repository}*\",\"runStarted\":\"๐ฌ Breaking Change Checker online! [{workflow_name}]({run_url}) is analyzing API compatibility on this {event_type}...\",\"runSuccess\":\"โ
Analysis complete! [{workflow_name}]({run_url}) has reviewed all changes. Compatibility verdict delivered! ๐\",\"runFailure\":\"๐ฌ Analysis interrupted! [{workflow_name}]({run_url}) {status}. Compatibility status unknown...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e โ ๏ธ *Compatibility report by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"footerWorkflowRecompile\":\"\\u003e ๐ ๏ธ *Workflow maintenance by [{workflow_name}]({run_url}) for {repository}*\",\"runStarted\":\"๐ฌ Breaking Change Checker online! [{workflow_name}]({run_url}) is analyzing API compatibility on this {event_type}...\",\"runSuccess\":\"โ
Analysis complete! [{workflow_name}]({run_url}) has reviewed all changes. Compatibility verdict delivered! ๐\",\"runFailure\":\"๐ฌ Analysis interrupted! [{workflow_name}]({run_url}) {status}. Compatibility status unknown...\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "10"
@@ -1087,9 +1089,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/breaking-change-checker"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e โ ๏ธ *Compatibility report by [{workflow_name}]({run_url})*{history_link}\",\"footerWorkflowRecompile\":\"\\u003e ๐ ๏ธ *Workflow maintenance by [{workflow_name}]({run_url}) for {repository}*\",\"runStarted\":\"๐ฌ Breaking Change Checker online! [{workflow_name}]({run_url}) is analyzing API compatibility on this {event_type}...\",\"runSuccess\":\"โ
Analysis complete! [{workflow_name}]({run_url}) has reviewed all changes. Compatibility verdict delivered! ๐\",\"runFailure\":\"๐ฌ Analysis interrupted! [{workflow_name}]({run_url}) {status}. Compatibility status unknown...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e โ ๏ธ *Compatibility report by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"footerWorkflowRecompile\":\"\\u003e ๐ ๏ธ *Workflow maintenance by [{workflow_name}]({run_url}) for {repository}*\",\"runStarted\":\"๐ฌ Breaking Change Checker online! [{workflow_name}]({run_url}) is analyzing API compatibility on this {event_type}...\",\"runSuccess\":\"โ
Analysis complete! [{workflow_name}]({run_url}) has reviewed all changes. Compatibility verdict delivered! ๐\",\"runFailure\":\"๐ฌ Analysis interrupted! [{workflow_name}]({run_url}) {status}. Compatibility status unknown...\"}"
GH_AW_TRACKER_ID: "breaking-change-checker"
GH_AW_WORKFLOW_ID: "breaking-change-checker"
GH_AW_WORKFLOW_NAME: "Breaking Change Checker"
diff --git a/.github/workflows/breaking-change-checker.md b/.github/workflows/breaking-change-checker.md
index 660e1bfe0c4..fbaaf114322 100644
--- a/.github/workflows/breaking-change-checker.md
+++ b/.github/workflows/breaking-change-checker.md
@@ -27,7 +27,7 @@ safe-outputs:
assignees: copilot
max: 1
messages:
- footer: "> โ ๏ธ *Compatibility report by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> โ ๏ธ *Compatibility report by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
footer-workflow-recompile: "> ๐ ๏ธ *Workflow maintenance by [{workflow_name}]({run_url}) for {repository}*"
run-started: "๐ฌ Breaking Change Checker online! [{workflow_name}]({run_url}) is analyzing API compatibility on this {event_type}..."
run-success: "โ
Analysis complete! [{workflow_name}]({run_url}) has reviewed all changes. Compatibility verdict delivered! ๐"
diff --git a/.github/workflows/changeset.lock.yml b/.github/workflows/changeset.lock.yml
index f8563040825..ce485300992 100644
--- a/.github/workflows/changeset.lock.yml
+++ b/.github/workflows/changeset.lock.yml
@@ -319,6 +319,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: changeset
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -782,6 +783,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -992,6 +994,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/changeset"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "codex"
GH_AW_ENGINE_MODEL: "gpt-5.1-codex-mini"
GH_AW_WORKFLOW_ID: "changeset"
diff --git a/.github/workflows/ci-coach.lock.yml b/.github/workflows/ci-coach.lock.yml
index f4ffdd0af0c..4ad705b5f25 100644
--- a/.github/workflows/ci-coach.lock.yml
+++ b/.github/workflows/ci-coach.lock.yml
@@ -282,6 +282,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: cicoach
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -761,6 +762,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1106,6 +1108,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/ci-coach"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "ci-coach-daily"
diff --git a/.github/workflows/ci-doctor.lock.yml b/.github/workflows/ci-doctor.lock.yml
index 685115c221e..c41e7722e51 100644
--- a/.github/workflows/ci-doctor.lock.yml
+++ b/.github/workflows/ci-doctor.lock.yml
@@ -24,7 +24,7 @@
#
# Source: githubnext/agentics/workflows/ci-doctor.md@ea350161ad5dcc9624cf510f134c6a9e39a6f94d
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"c04ef6b8efbe17ec36dbc44234bb63a6414d6d81cee238faf15a2121a7c91d60","strict":true,"agent_id":"codex"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"5404f8388d84220339b85fb4faafea682153a585d96ed5dd434c4205ce0290ca","strict":true,"agent_id":"codex"}
name: "CI Failure Doctor"
"on":
@@ -152,7 +152,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "CI Failure Doctor"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฉบ *Diagnosis provided by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฅ CI Doctor reporting for duty! [{workflow_name}]({run_url}) is examining the patient on this {event_type}...\",\"runSuccess\":\"๐ฉบ Examination complete! [{workflow_name}]({run_url}) has delivered the diagnosis. Prescription issued! ๐\",\"runFailure\":\"๐ฅ Medical emergency! [{workflow_name}]({run_url}) {status}. Doctor needs assistance...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฉบ *Diagnosis provided by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฅ CI Doctor reporting for duty! [{workflow_name}]({run_url}) is examining the patient on this {event_type}...\",\"runSuccess\":\"๐ฉบ Examination complete! [{workflow_name}]({run_url}) has delivered the diagnosis. Prescription issued! ๐\",\"runFailure\":\"๐ฅ Medical emergency! [{workflow_name}]({run_url}) {status}. Doctor needs assistance...\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -194,15 +194,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_dfc5b6c507538446_EOF'
+ cat << 'GH_AW_PROMPT_75352ddc0790880c_EOF'
- GH_AW_PROMPT_dfc5b6c507538446_EOF
+ GH_AW_PROMPT_75352ddc0790880c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_dfc5b6c507538446_EOF'
+ cat << 'GH_AW_PROMPT_75352ddc0790880c_EOF'
Tools: add_comment, create_issue, update_issue, missing_tool, missing_data, noop
@@ -234,12 +234,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_dfc5b6c507538446_EOF
+ GH_AW_PROMPT_75352ddc0790880c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_dfc5b6c507538446_EOF'
+ cat << 'GH_AW_PROMPT_75352ddc0790880c_EOF'
{{#runtime-import .github/workflows/ci-doctor.md}}
- GH_AW_PROMPT_dfc5b6c507538446_EOF
+ GH_AW_PROMPT_75352ddc0790880c_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -357,6 +357,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: cidoctor
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -472,12 +473,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_b0985d1a17fa7436_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_65a1f0bd46060b99_EOF'
{"add_comment":{"hide_older_comments":true,"max":1},"create_issue":{"close_older_issues":true,"expires":24,"labels":["cookie"],"max":1,"title_prefix":"[CI Failure Doctor] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"update_issue":{"allow_body":true,"max":1}}
- GH_AW_SAFE_OUTPUTS_CONFIG_b0985d1a17fa7436_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_65a1f0bd46060b99_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_b731b6a9074393bd_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_72097a93a4b630f5_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added.",
@@ -487,8 +488,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_b731b6a9074393bd_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_dff5bb3dda899ed1_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_72097a93a4b630f5_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_b8c600812ca6a49f_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -653,7 +654,7 @@ jobs:
"customValidation": "requiresOneOf:status,title,body"
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_dff5bb3dda899ed1_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_b8c600812ca6a49f_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -722,7 +723,7 @@ jobs:
export GH_AW_ENGINE="codex"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
- cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_a557e126439eddee_EOF
+ cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_a6198c3e524b5cdb_EOF
[history]
persistence = "none"
@@ -749,10 +750,10 @@ jobs:
[mcp_servers.safeoutputs."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_a557e126439eddee_EOF
+ GH_AW_MCP_CONFIG_a6198c3e524b5cdb_EOF
# Generate JSON config for MCP gateway
- cat << GH_AW_MCP_CONFIG_a557e126439eddee_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_a6198c3e524b5cdb_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -792,7 +793,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_a557e126439eddee_EOF
+ GH_AW_MCP_CONFIG_a6198c3e524b5cdb_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -901,6 +902,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1071,7 +1073,7 @@ jobs:
GH_AW_SECRET_VERIFICATION_RESULT: ${{ needs.activation.outputs.secret_verification_result }}
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฉบ *Diagnosis provided by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฅ CI Doctor reporting for duty! [{workflow_name}]({run_url}) is examining the patient on this {event_type}...\",\"runSuccess\":\"๐ฉบ Examination complete! [{workflow_name}]({run_url}) has delivered the diagnosis. Prescription issued! ๐\",\"runFailure\":\"๐ฅ Medical emergency! [{workflow_name}]({run_url}) {status}. Doctor needs assistance...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฉบ *Diagnosis provided by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฅ CI Doctor reporting for duty! [{workflow_name}]({run_url}) is examining the patient on this {event_type}...\",\"runSuccess\":\"๐ฉบ Examination complete! [{workflow_name}]({run_url}) has delivered the diagnosis. Prescription issued! ๐\",\"runFailure\":\"๐ฅ Medical emergency! [{workflow_name}]({run_url}) {status}. Doctor needs assistance...\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "20"
@@ -1093,7 +1095,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "CI Failure Doctor"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฉบ *Diagnosis provided by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฅ CI Doctor reporting for duty! [{workflow_name}]({run_url}) is examining the patient on this {event_type}...\",\"runSuccess\":\"๐ฉบ Examination complete! [{workflow_name}]({run_url}) has delivered the diagnosis. Prescription issued! ๐\",\"runFailure\":\"๐ฅ Medical emergency! [{workflow_name}]({run_url}) {status}. Doctor needs assistance...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฉบ *Diagnosis provided by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฅ CI Doctor reporting for duty! [{workflow_name}]({run_url}) is examining the patient on this {event_type}...\",\"runSuccess\":\"๐ฉบ Examination complete! [{workflow_name}]({run_url}) has delivered the diagnosis. Prescription issued! ๐\",\"runFailure\":\"๐ฅ Medical emergency! [{workflow_name}]({run_url}) {status}. Doctor needs assistance...\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1299,9 +1301,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/ci-doctor"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "codex"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฉบ *Diagnosis provided by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฅ CI Doctor reporting for duty! [{workflow_name}]({run_url}) is examining the patient on this {event_type}...\",\"runSuccess\":\"๐ฉบ Examination complete! [{workflow_name}]({run_url}) has delivered the diagnosis. Prescription issued! ๐\",\"runFailure\":\"๐ฅ Medical emergency! [{workflow_name}]({run_url}) {status}. Doctor needs assistance...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฉบ *Diagnosis provided by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฅ CI Doctor reporting for duty! [{workflow_name}]({run_url}) is examining the patient on this {event_type}...\",\"runSuccess\":\"๐ฉบ Examination complete! [{workflow_name}]({run_url}) has delivered the diagnosis. Prescription issued! ๐\",\"runFailure\":\"๐ฅ Medical emergency! [{workflow_name}]({run_url}) {status}. Doctor needs assistance...\"}"
GH_AW_WORKFLOW_ID: "ci-doctor"
GH_AW_WORKFLOW_NAME: "CI Failure Doctor"
GH_AW_WORKFLOW_SOURCE: "githubnext/agentics/workflows/ci-doctor.md@ea350161ad5dcc9624cf510f134c6a9e39a6f94d"
diff --git a/.github/workflows/ci-doctor.md b/.github/workflows/ci-doctor.md
index e94ef9b929f..ee03d89fed6 100644
--- a/.github/workflows/ci-doctor.md
+++ b/.github/workflows/ci-doctor.md
@@ -28,7 +28,7 @@ safe-outputs:
update-issue:
noop:
messages:
- footer: "> ๐ฉบ *Diagnosis provided by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ฉบ *Diagnosis provided by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ฅ CI Doctor reporting for duty! [{workflow_name}]({run_url}) is examining the patient on this {event_type}..."
run-success: "๐ฉบ Examination complete! [{workflow_name}]({run_url}) has delivered the diagnosis. Prescription issued! ๐"
run-failure: "๐ฅ Medical emergency! [{workflow_name}]({run_url}) {status}. Doctor needs assistance..."
diff --git a/.github/workflows/claude-code-user-docs-review.lock.yml b/.github/workflows/claude-code-user-docs-review.lock.yml
index d313592e3b9..65442559478 100644
--- a/.github/workflows/claude-code-user-docs-review.lock.yml
+++ b/.github/workflows/claude-code-user-docs-review.lock.yml
@@ -278,6 +278,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: claudecodeuserdocsreview
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -772,6 +773,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -950,6 +952,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/claude-code-user-docs-review"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "claude-code-user-docs-review"
diff --git a/.github/workflows/cli-consistency-checker.lock.yml b/.github/workflows/cli-consistency-checker.lock.yml
index 1131674e808..8ab38f7187e 100644
--- a/.github/workflows/cli-consistency-checker.lock.yml
+++ b/.github/workflows/cli-consistency-checker.lock.yml
@@ -258,6 +258,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: cliconsistencychecker
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -680,6 +681,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1005,6 +1007,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/cli-consistency-checker"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "cli-consistency-checker"
diff --git a/.github/workflows/cli-version-checker.lock.yml b/.github/workflows/cli-version-checker.lock.yml
index 0384b5f81b8..433f423bff5 100644
--- a/.github/workflows/cli-version-checker.lock.yml
+++ b/.github/workflows/cli-version-checker.lock.yml
@@ -276,6 +276,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: cliversionchecker
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -781,6 +782,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1131,6 +1133,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/cli-version-checker"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "cli-version-checker"
diff --git a/.github/workflows/cloclo.lock.yml b/.github/workflows/cloclo.lock.yml
index 59114a3c0b4..2564194151c 100644
--- a/.github/workflows/cloclo.lock.yml
+++ b/.github/workflows/cloclo.lock.yml
@@ -27,7 +27,7 @@
# - shared/mcp/serena-go.md
# - shared/mcp/serena.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"a3cb501aeb4d18b51f0d60dd1aa981b00209979945246d3a177ad46f78dd8f90","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"d5d748e083e16fd9f74dbf57ee5acc541750f35020c710b49599ced64d34ae87","strict":true,"agent_id":"claude"}
name: "/cloclo"
"on":
@@ -181,7 +181,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "/cloclo"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Magnifique! Performance by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ต Comme d'habitude! [{workflow_name}]({run_url}) takes the stage on this {event_type}...\",\"runSuccess\":\"๐ค Bravo! [{workflow_name}]({run_url}) has delivered a stunning performance! Standing ovation! ๐\",\"runFailure\":\"๐ต Intermission... [{workflow_name}]({run_url}) {status}. The show must go on... eventually!\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Magnifique! Performance by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ต Comme d'habitude! [{workflow_name}]({run_url}) takes the stage on this {event_type}...\",\"runSuccess\":\"๐ค Bravo! [{workflow_name}]({run_url}) has delivered a stunning performance! Standing ovation! ๐\",\"runFailure\":\"๐ต Intermission... [{workflow_name}]({run_url}) {status}. The show must go on... eventually!\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -221,9 +221,9 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_babc3430dd91037f_EOF'
+ cat << 'GH_AW_PROMPT_910c108d300753ae_EOF'
- GH_AW_PROMPT_babc3430dd91037f_EOF
+ GH_AW_PROMPT_910c108d300753ae_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
@@ -231,12 +231,12 @@ jobs:
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_babc3430dd91037f_EOF'
+ cat << 'GH_AW_PROMPT_910c108d300753ae_EOF'
Tools: add_comment, create_pull_request, missing_tool, missing_data, noop
- GH_AW_PROMPT_babc3430dd91037f_EOF
+ GH_AW_PROMPT_910c108d300753ae_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_babc3430dd91037f_EOF'
+ cat << 'GH_AW_PROMPT_910c108d300753ae_EOF'
The following GitHub context information is available for this workflow:
@@ -266,12 +266,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_babc3430dd91037f_EOF
+ GH_AW_PROMPT_910c108d300753ae_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_babc3430dd91037f_EOF'
+ cat << 'GH_AW_PROMPT_910c108d300753ae_EOF'
## Serena Code Analysis
@@ -307,7 +307,7 @@ jobs:
{{#runtime-import .github/workflows/shared/jqschema.md}}
{{#runtime-import .github/workflows/shared/mcp/serena-go.md}}
{{#runtime-import .github/workflows/cloclo.md}}
- GH_AW_PROMPT_babc3430dd91037f_EOF
+ GH_AW_PROMPT_910c108d300753ae_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -423,6 +423,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: cloclo
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -579,12 +580,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_f788252fdefd4865_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_4f1be287ae4acab7_EOF'
{"add_comment":{"max":1},"create_pull_request":{"excluded_files":[".github/workflows/*.lock.yml"],"expires":48,"labels":["automation","cloclo"],"max":1,"max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_files_policy":"fallback-to-issue","protected_path_prefixes":[".github/",".agents/"],"title_prefix":"[cloclo] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_f788252fdefd4865_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_4f1be287ae4acab7_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_5b7ee4d3d01e24f0_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_3adf9421ee0c3e19_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added.",
@@ -593,8 +594,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_5b7ee4d3d01e24f0_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_e5a7c3f9d3d347df_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_3adf9421ee0c3e19_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_d21e1d9a589c9f4e_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -708,7 +709,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_e5a7c3f9d3d347df_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_d21e1d9a589c9f4e_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -779,7 +780,7 @@ jobs:
export GH_AW_ENGINE="claude"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
- cat << GH_AW_MCP_CONFIG_3365b5ad87f7bb78_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_16ec4d0414e29855_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"agenticworkflows": {
@@ -887,7 +888,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_3365b5ad87f7bb78_EOF
+ GH_AW_MCP_CONFIG_16ec4d0414e29855_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -1118,6 +1119,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1282,7 +1284,7 @@ jobs:
GH_AW_CODE_PUSH_FAILURE_ERRORS: ${{ needs.safe_outputs.outputs.code_push_failure_errors }}
GH_AW_CODE_PUSH_FAILURE_COUNT: ${{ needs.safe_outputs.outputs.code_push_failure_count }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Magnifique! Performance by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ต Comme d'habitude! [{workflow_name}]({run_url}) takes the stage on this {event_type}...\",\"runSuccess\":\"๐ค Bravo! [{workflow_name}]({run_url}) has delivered a stunning performance! Standing ovation! ๐\",\"runFailure\":\"๐ต Intermission... [{workflow_name}]({run_url}) {status}. The show must go on... eventually!\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Magnifique! Performance by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ต Comme d'habitude! [{workflow_name}]({run_url}) takes the stage on this {event_type}...\",\"runSuccess\":\"๐ค Bravo! [{workflow_name}]({run_url}) has delivered a stunning performance! Standing ovation! ๐\",\"runFailure\":\"๐ต Intermission... [{workflow_name}]({run_url}) {status}. The show must go on... eventually!\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "20"
@@ -1304,7 +1306,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "/cloclo"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Magnifique! Performance by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ต Comme d'habitude! [{workflow_name}]({run_url}) takes the stage on this {event_type}...\",\"runSuccess\":\"๐ค Bravo! [{workflow_name}]({run_url}) has delivered a stunning performance! Standing ovation! ๐\",\"runFailure\":\"๐ต Intermission... [{workflow_name}]({run_url}) {status}. The show must go on... eventually!\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Magnifique! Performance by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ต Comme d'habitude! [{workflow_name}]({run_url}) takes the stage on this {event_type}...\",\"runSuccess\":\"๐ค Bravo! [{workflow_name}]({run_url}) has delivered a stunning performance! Standing ovation! ๐\",\"runFailure\":\"๐ต Intermission... [{workflow_name}]({run_url}) {status}. The show must go on... eventually!\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1539,9 +1541,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/cloclo"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Magnifique! Performance by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ต Comme d'habitude! [{workflow_name}]({run_url}) takes the stage on this {event_type}...\",\"runSuccess\":\"๐ค Bravo! [{workflow_name}]({run_url}) has delivered a stunning performance! Standing ovation! ๐\",\"runFailure\":\"๐ต Intermission... [{workflow_name}]({run_url}) {status}. The show must go on... eventually!\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Magnifique! Performance by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ต Comme d'habitude! [{workflow_name}]({run_url}) takes the stage on this {event_type}...\",\"runSuccess\":\"๐ค Bravo! [{workflow_name}]({run_url}) has delivered a stunning performance! Standing ovation! ๐\",\"runFailure\":\"๐ต Intermission... [{workflow_name}]({run_url}) {status}. The show must go on... eventually!\"}"
GH_AW_WORKFLOW_ID: "cloclo"
GH_AW_WORKFLOW_NAME: "/cloclo"
outputs:
diff --git a/.github/workflows/cloclo.md b/.github/workflows/cloclo.md
index 77103bd6abe..b00dbf55b4d 100644
--- a/.github/workflows/cloclo.md
+++ b/.github/workflows/cloclo.md
@@ -37,7 +37,7 @@ safe-outputs:
add-comment:
max: 1
messages:
- footer: "> ๐ค *Magnifique! Performance by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ค *Magnifique! Performance by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ต Comme d'habitude! [{workflow_name}]({run_url}) takes the stage on this {event_type}..."
run-success: "๐ค Bravo! [{workflow_name}]({run_url}) has delivered a stunning performance! Standing ovation! ๐"
run-failure: "๐ต Intermission... [{workflow_name}]({run_url}) {status}. The show must go on... eventually!"
diff --git a/.github/workflows/code-scanning-fixer.lock.yml b/.github/workflows/code-scanning-fixer.lock.yml
index 30ffc2acc2e..8cae2ff4e68 100644
--- a/.github/workflows/code-scanning-fixer.lock.yml
+++ b/.github/workflows/code-scanning-fixer.lock.yml
@@ -275,6 +275,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: codescanningfixer
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -745,6 +746,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1229,6 +1231,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/code-scanning-fixer"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "code-scanning-fixer"
diff --git a/.github/workflows/code-simplifier.lock.yml b/.github/workflows/code-simplifier.lock.yml
index b6d7915d15e..03e491c149c 100644
--- a/.github/workflows/code-simplifier.lock.yml
+++ b/.github/workflows/code-simplifier.lock.yml
@@ -277,6 +277,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: codesimplifier
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -702,6 +703,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1079,6 +1081,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/code-simplifier"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "code-simplifier"
diff --git a/.github/workflows/codex-github-remote-mcp-test.lock.yml b/.github/workflows/codex-github-remote-mcp-test.lock.yml
index 7c216fc3e45..afb2c9dd7f1 100644
--- a/.github/workflows/codex-github-remote-mcp-test.lock.yml
+++ b/.github/workflows/codex-github-remote-mcp-test.lock.yml
@@ -246,6 +246,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: codexgithubremotemcptest
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
model: ${{ needs.activation.outputs.model }}
steps:
- name: Checkout actions folder
@@ -469,6 +470,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
diff --git a/.github/workflows/commit-changes-analyzer.lock.yml b/.github/workflows/commit-changes-analyzer.lock.yml
index da7a498ab72..754e37a6f8c 100644
--- a/.github/workflows/commit-changes-analyzer.lock.yml
+++ b/.github/workflows/commit-changes-analyzer.lock.yml
@@ -270,6 +270,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: commitchangesanalyzer
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -746,6 +747,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1088,6 +1090,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/commit-changes-analyzer"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "commit-changes-analyzer"
diff --git a/.github/workflows/constraint-solving-potd.lock.yml b/.github/workflows/constraint-solving-potd.lock.yml
index e68cd91c96f..113429ed77f 100644
--- a/.github/workflows/constraint-solving-potd.lock.yml
+++ b/.github/workflows/constraint-solving-potd.lock.yml
@@ -264,6 +264,7 @@ jobs:
GH_AW_MCP_LOG_DIR: /tmp/gh-aw/mcp-logs/safeoutputs
GH_AW_WORKFLOW_ID_SANITIZED: constraintsolvingpotd
outputs:
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -681,6 +682,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1020,6 +1022,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/constraint-solving-potd"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "constraint-solving-potd"
diff --git a/.github/workflows/contribution-check.lock.yml b/.github/workflows/contribution-check.lock.yml
index 25f52254e18..c053ed3c181 100644
--- a/.github/workflows/contribution-check.lock.yml
+++ b/.github/workflows/contribution-check.lock.yml
@@ -267,6 +267,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: contributioncheck
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -726,6 +727,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1056,6 +1058,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/contribution-check"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "contribution-check"
diff --git a/.github/workflows/copilot-agent-analysis.lock.yml b/.github/workflows/copilot-agent-analysis.lock.yml
index db9f8393162..9637d0cebc1 100644
--- a/.github/workflows/copilot-agent-analysis.lock.yml
+++ b/.github/workflows/copilot-agent-analysis.lock.yml
@@ -296,6 +296,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: copilotagentanalysis
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -811,6 +812,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1081,6 +1083,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/copilot-agent-analysis"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "copilot-agent-analysis"
diff --git a/.github/workflows/copilot-cli-deep-research.lock.yml b/.github/workflows/copilot-cli-deep-research.lock.yml
index 2530e476678..ae19ee6ad16 100644
--- a/.github/workflows/copilot-cli-deep-research.lock.yml
+++ b/.github/workflows/copilot-cli-deep-research.lock.yml
@@ -279,6 +279,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: copilotclideepresearch
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -726,6 +727,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1152,6 +1154,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/copilot-cli-deep-research"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "copilot-cli-deep-research"
diff --git a/.github/workflows/copilot-pr-merged-report.lock.yml b/.github/workflows/copilot-pr-merged-report.lock.yml
index a2d6f79a58c..fca8be88b23 100644
--- a/.github/workflows/copilot-pr-merged-report.lock.yml
+++ b/.github/workflows/copilot-pr-merged-report.lock.yml
@@ -279,6 +279,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: copilotprmergedreport
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -850,6 +851,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1028,6 +1030,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/copilot-pr-merged-report"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "copilot-pr-merged-report"
diff --git a/.github/workflows/copilot-pr-nlp-analysis.lock.yml b/.github/workflows/copilot-pr-nlp-analysis.lock.yml
index 49299e20b97..ca30a729139 100644
--- a/.github/workflows/copilot-pr-nlp-analysis.lock.yml
+++ b/.github/workflows/copilot-pr-nlp-analysis.lock.yml
@@ -298,6 +298,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: copilotprnlpanalysis
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -798,6 +799,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1080,6 +1082,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/copilot-pr-nlp-analysis"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "copilot-pr-nlp-analysis"
diff --git a/.github/workflows/copilot-pr-prompt-analysis.lock.yml b/.github/workflows/copilot-pr-prompt-analysis.lock.yml
index 10ec470d81a..0811de6b108 100644
--- a/.github/workflows/copilot-pr-prompt-analysis.lock.yml
+++ b/.github/workflows/copilot-pr-prompt-analysis.lock.yml
@@ -292,6 +292,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: copilotprpromptanalysis
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -743,6 +744,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1015,6 +1017,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/copilot-pr-prompt-analysis"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "copilot-pr-prompt-analysis"
diff --git a/.github/workflows/copilot-session-insights.lock.yml b/.github/workflows/copilot-session-insights.lock.yml
index d1ac18c168a..ea50d435fbf 100644
--- a/.github/workflows/copilot-session-insights.lock.yml
+++ b/.github/workflows/copilot-session-insights.lock.yml
@@ -307,6 +307,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: copilotsessioninsights
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -864,6 +865,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1144,6 +1146,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/copilot-session-insights"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "copilot-session-insights"
diff --git a/.github/workflows/craft.lock.yml b/.github/workflows/craft.lock.yml
index 0e21b9bbe7b..c8ef89ac8ea 100644
--- a/.github/workflows/craft.lock.yml
+++ b/.github/workflows/craft.lock.yml
@@ -22,7 +22,7 @@
#
# Generates new agentic workflow markdown files based on user requests when invoked with /craft command
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"ec234868e45fe0e4849c2b73f9ef1181d4d0e9072b1f6beaef8b2d7d403860f4","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"5a2cd3baa75635b0241c0e8214512a7b4e64e27c1b16d1d2829f3bfae850df92","strict":true,"agent_id":"copilot"}
name: "Workflow Craft Agent"
"on":
@@ -144,7 +144,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Workflow Craft Agent"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e โ๏ธ *Crafted with care by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ ๏ธ Master Crafter at work! [{workflow_name}]({run_url}) is forging a new workflow on this {event_type}...\",\"runSuccess\":\"โ๏ธ Masterpiece complete! [{workflow_name}]({run_url}) has crafted your workflow. May it serve you well! ๐๏ธ\",\"runFailure\":\"๐ ๏ธ Forge cooling down! [{workflow_name}]({run_url}) {status}. The anvil awaits another attempt...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e โ๏ธ *Crafted with care by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ ๏ธ Master Crafter at work! [{workflow_name}]({run_url}) is forging a new workflow on this {event_type}...\",\"runSuccess\":\"โ๏ธ Masterpiece complete! [{workflow_name}]({run_url}) has crafted your workflow. May it serve you well! ๐๏ธ\",\"runFailure\":\"๐ ๏ธ Forge cooling down! [{workflow_name}]({run_url}) {status}. The anvil awaits another attempt...\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -169,19 +169,19 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_4438e0d43626c214_EOF'
+ cat << 'GH_AW_PROMPT_c7b97f63987d3f1e_EOF'
- GH_AW_PROMPT_4438e0d43626c214_EOF
+ GH_AW_PROMPT_c7b97f63987d3f1e_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_4438e0d43626c214_EOF'
+ cat << 'GH_AW_PROMPT_c7b97f63987d3f1e_EOF'
Tools: add_comment, push_to_pull_request_branch, missing_tool, missing_data, noop
- GH_AW_PROMPT_4438e0d43626c214_EOF
+ GH_AW_PROMPT_c7b97f63987d3f1e_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_push_to_pr_branch.md"
- cat << 'GH_AW_PROMPT_4438e0d43626c214_EOF'
+ cat << 'GH_AW_PROMPT_c7b97f63987d3f1e_EOF'
The following GitHub context information is available for this workflow:
@@ -211,7 +211,7 @@ jobs:
{{/if}}
- GH_AW_PROMPT_4438e0d43626c214_EOF
+ GH_AW_PROMPT_c7b97f63987d3f1e_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
@@ -219,10 +219,10 @@ jobs:
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_push_to_pr_branch_guidance.md"
fi
- cat << 'GH_AW_PROMPT_4438e0d43626c214_EOF'
+ cat << 'GH_AW_PROMPT_c7b97f63987d3f1e_EOF'
{{#runtime-import .github/workflows/craft.md}}
- GH_AW_PROMPT_4438e0d43626c214_EOF
+ GH_AW_PROMPT_c7b97f63987d3f1e_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -315,6 +315,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: craft
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -400,12 +401,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_69cf5bd07c080493_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_aaab62c1bf1d43ee_EOF'
{"add_comment":{"max":1},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_to_pull_request_branch":{"if_no_changes":"warn","max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"]}}
- GH_AW_SAFE_OUTPUTS_CONFIG_69cf5bd07c080493_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_aaab62c1bf1d43ee_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_abdcc3278b432e66_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_4124ec5720994c2b_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added."
@@ -413,8 +414,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_abdcc3278b432e66_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_c83ed2f6dd4e72ce_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_4124ec5720994c2b_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_3fd0b276cc4494f0_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -512,7 +513,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_c83ed2f6dd4e72ce_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_3fd0b276cc4494f0_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -582,7 +583,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_ff9775f9d85bfc10_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_1b2dccce30014d92_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -623,7 +624,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_ff9775f9d85bfc10_EOF
+ GH_AW_MCP_CONFIG_1b2dccce30014d92_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -748,6 +749,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -902,7 +904,7 @@ jobs:
GH_AW_CODE_PUSH_FAILURE_ERRORS: ${{ needs.safe_outputs.outputs.code_push_failure_errors }}
GH_AW_CODE_PUSH_FAILURE_COUNT: ${{ needs.safe_outputs.outputs.code_push_failure_count }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e โ๏ธ *Crafted with care by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ ๏ธ Master Crafter at work! [{workflow_name}]({run_url}) is forging a new workflow on this {event_type}...\",\"runSuccess\":\"โ๏ธ Masterpiece complete! [{workflow_name}]({run_url}) has crafted your workflow. May it serve you well! ๐๏ธ\",\"runFailure\":\"๐ ๏ธ Forge cooling down! [{workflow_name}]({run_url}) {status}. The anvil awaits another attempt...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e โ๏ธ *Crafted with care by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ ๏ธ Master Crafter at work! [{workflow_name}]({run_url}) is forging a new workflow on this {event_type}...\",\"runSuccess\":\"โ๏ธ Masterpiece complete! [{workflow_name}]({run_url}) has crafted your workflow. May it serve you well! ๐๏ธ\",\"runFailure\":\"๐ ๏ธ Forge cooling down! [{workflow_name}]({run_url}) {status}. The anvil awaits another attempt...\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "15"
@@ -924,7 +926,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Workflow Craft Agent"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e โ๏ธ *Crafted with care by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ ๏ธ Master Crafter at work! [{workflow_name}]({run_url}) is forging a new workflow on this {event_type}...\",\"runSuccess\":\"โ๏ธ Masterpiece complete! [{workflow_name}]({run_url}) has crafted your workflow. May it serve you well! ๐๏ธ\",\"runFailure\":\"๐ ๏ธ Forge cooling down! [{workflow_name}]({run_url}) {status}. The anvil awaits another attempt...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e โ๏ธ *Crafted with care by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ ๏ธ Master Crafter at work! [{workflow_name}]({run_url}) is forging a new workflow on this {event_type}...\",\"runSuccess\":\"โ๏ธ Masterpiece complete! [{workflow_name}]({run_url}) has crafted your workflow. May it serve you well! ๐๏ธ\",\"runFailure\":\"๐ ๏ธ Forge cooling down! [{workflow_name}]({run_url}) {status}. The anvil awaits another attempt...\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1144,9 +1146,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/craft"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e โ๏ธ *Crafted with care by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ ๏ธ Master Crafter at work! [{workflow_name}]({run_url}) is forging a new workflow on this {event_type}...\",\"runSuccess\":\"โ๏ธ Masterpiece complete! [{workflow_name}]({run_url}) has crafted your workflow. May it serve you well! ๐๏ธ\",\"runFailure\":\"๐ ๏ธ Forge cooling down! [{workflow_name}]({run_url}) {status}. The anvil awaits another attempt...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e โ๏ธ *Crafted with care by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ ๏ธ Master Crafter at work! [{workflow_name}]({run_url}) is forging a new workflow on this {event_type}...\",\"runSuccess\":\"โ๏ธ Masterpiece complete! [{workflow_name}]({run_url}) has crafted your workflow. May it serve you well! ๐๏ธ\",\"runFailure\":\"๐ ๏ธ Forge cooling down! [{workflow_name}]({run_url}) {status}. The anvil awaits another attempt...\"}"
GH_AW_WORKFLOW_ID: "craft"
GH_AW_WORKFLOW_NAME: "Workflow Craft Agent"
outputs:
diff --git a/.github/workflows/craft.md b/.github/workflows/craft.md
index e9781486b2d..653139d9d2c 100644
--- a/.github/workflows/craft.md
+++ b/.github/workflows/craft.md
@@ -26,7 +26,7 @@ safe-outputs:
max: 1
push-to-pull-request-branch:
messages:
- footer: "> โ๏ธ *Crafted with care by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> โ๏ธ *Crafted with care by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ ๏ธ Master Crafter at work! [{workflow_name}]({run_url}) is forging a new workflow on this {event_type}..."
run-success: "โ๏ธ Masterpiece complete! [{workflow_name}]({run_url}) has crafted your workflow. May it serve you well! ๐๏ธ"
run-failure: "๐ ๏ธ Forge cooling down! [{workflow_name}]({run_url}) {status}. The anvil awaits another attempt..."
diff --git a/.github/workflows/daily-architecture-diagram.lock.yml b/.github/workflows/daily-architecture-diagram.lock.yml
index a042155a2cd..3ecc82e342e 100644
--- a/.github/workflows/daily-architecture-diagram.lock.yml
+++ b/.github/workflows/daily-architecture-diagram.lock.yml
@@ -270,6 +270,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailyarchitecturediagram
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -744,6 +745,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1086,6 +1088,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-architecture-diagram"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "daily-architecture-diagram"
diff --git a/.github/workflows/daily-assign-issue-to-user.lock.yml b/.github/workflows/daily-assign-issue-to-user.lock.yml
index 7ec4915aa52..1f613aed997 100644
--- a/.github/workflows/daily-assign-issue-to-user.lock.yml
+++ b/.github/workflows/daily-assign-issue-to-user.lock.yml
@@ -254,6 +254,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailyassignissuetouser
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -683,6 +684,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1012,6 +1014,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-assign-issue-to-user"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "daily-assign-issue-to-user"
diff --git a/.github/workflows/daily-choice-test.lock.yml b/.github/workflows/daily-choice-test.lock.yml
index 4e35c2c845f..5eb7654011b 100644
--- a/.github/workflows/daily-choice-test.lock.yml
+++ b/.github/workflows/daily-choice-test.lock.yml
@@ -260,6 +260,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailychoicetest
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -740,6 +741,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1078,6 +1080,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-choice-test"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_SAFE_OUTPUTS_STAGED: "true"
diff --git a/.github/workflows/daily-cli-performance.lock.yml b/.github/workflows/daily-cli-performance.lock.yml
index 02b27921b34..86af7bc99cb 100644
--- a/.github/workflows/daily-cli-performance.lock.yml
+++ b/.github/workflows/daily-cli-performance.lock.yml
@@ -311,6 +311,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailycliperformance
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -912,6 +913,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1396,6 +1398,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-cli-performance"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-cli-performance"
diff --git a/.github/workflows/daily-cli-tools-tester.lock.yml b/.github/workflows/daily-cli-tools-tester.lock.yml
index 42621a096cb..5f8aa5241bf 100644
--- a/.github/workflows/daily-cli-tools-tester.lock.yml
+++ b/.github/workflows/daily-cli-tools-tester.lock.yml
@@ -269,6 +269,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailyclitoolstester
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -765,6 +766,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1089,6 +1091,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-cli-tools-tester"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "daily-cli-tools-tester"
diff --git a/.github/workflows/daily-code-metrics.lock.yml b/.github/workflows/daily-code-metrics.lock.yml
index bd5c76487dd..0b2f31f7f78 100644
--- a/.github/workflows/daily-code-metrics.lock.yml
+++ b/.github/workflows/daily-code-metrics.lock.yml
@@ -293,6 +293,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailycodemetrics
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -840,6 +841,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1123,6 +1125,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-code-metrics"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-code-metrics"
diff --git a/.github/workflows/daily-community-attribution.lock.yml b/.github/workflows/daily-community-attribution.lock.yml
index 25b5b04dfe0..96c48ccf660 100644
--- a/.github/workflows/daily-community-attribution.lock.yml
+++ b/.github/workflows/daily-community-attribution.lock.yml
@@ -281,6 +281,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailycommunityattribution
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -758,6 +759,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1184,6 +1186,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-community-attribution"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "daily-community-attribution"
diff --git a/.github/workflows/daily-compiler-quality.lock.yml b/.github/workflows/daily-compiler-quality.lock.yml
index c90e9ad7687..9111e74470c 100644
--- a/.github/workflows/daily-compiler-quality.lock.yml
+++ b/.github/workflows/daily-compiler-quality.lock.yml
@@ -306,6 +306,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailycompilerquality
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -794,6 +795,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -974,6 +976,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-compiler-quality"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-compiler-quality"
diff --git a/.github/workflows/daily-copilot-token-report.lock.yml b/.github/workflows/daily-copilot-token-report.lock.yml
index 7cd3e73268a..5dc195458af 100644
--- a/.github/workflows/daily-copilot-token-report.lock.yml
+++ b/.github/workflows/daily-copilot-token-report.lock.yml
@@ -290,6 +290,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailycopilottokenreport
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -807,6 +808,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1092,6 +1094,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-copilot-token-report"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-copilot-token-report"
diff --git a/.github/workflows/daily-doc-healer.lock.yml b/.github/workflows/daily-doc-healer.lock.yml
index 502ecc82b69..28e367c725c 100644
--- a/.github/workflows/daily-doc-healer.lock.yml
+++ b/.github/workflows/daily-doc-healer.lock.yml
@@ -296,6 +296,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailydochealer
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -915,6 +916,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1345,6 +1347,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-doc-healer"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-doc-healer"
diff --git a/.github/workflows/daily-doc-updater.lock.yml b/.github/workflows/daily-doc-updater.lock.yml
index b0b6ae45b35..052487096f0 100644
--- a/.github/workflows/daily-doc-updater.lock.yml
+++ b/.github/workflows/daily-doc-updater.lock.yml
@@ -296,6 +296,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailydocupdater
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -881,6 +882,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1323,6 +1325,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-doc-updater"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-doc-updater"
diff --git a/.github/workflows/daily-fact.lock.yml b/.github/workflows/daily-fact.lock.yml
index ae8efe8ed72..d1711995937 100644
--- a/.github/workflows/daily-fact.lock.yml
+++ b/.github/workflows/daily-fact.lock.yml
@@ -24,7 +24,7 @@
#
# inlined-imports: true
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"3d4e62475092c82ef350ccf894064b12180a0e173ee1fa7bacb97edb5f269477","strict":true,"agent_id":"codex","agent_model":"gpt-5.1-codex-mini"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"eb1afa4add8c28ef313873bc8c4010a7395304111af645b068c086a7066ac7aa","strict":true,"agent_id":"codex","agent_model":"gpt-5.1-codex-mini"}
name: "Daily Fact About gh-aw"
"on":
@@ -119,14 +119,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_55f25a97914f1782_EOF'
+ cat << 'GH_AW_PROMPT_48245c73ebb7f455_EOF'
- GH_AW_PROMPT_55f25a97914f1782_EOF
+ GH_AW_PROMPT_48245c73ebb7f455_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_55f25a97914f1782_EOF'
+ cat << 'GH_AW_PROMPT_48245c73ebb7f455_EOF'
Tools: add_comment, missing_tool, missing_data, noop
@@ -158,9 +158,9 @@ jobs:
{{/if}}
- GH_AW_PROMPT_55f25a97914f1782_EOF
+ GH_AW_PROMPT_48245c73ebb7f455_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_55f25a97914f1782_EOF'
+ cat << 'GH_AW_PROMPT_48245c73ebb7f455_EOF'
{{#runtime-import? .github/shared-instructions.md}}
@@ -230,7 +230,7 @@ jobs:
{"noop": {"message": "No action needed: [brief explanation of what was analyzed and why]"}}
```
- GH_AW_PROMPT_55f25a97914f1782_EOF
+ GH_AW_PROMPT_48245c73ebb7f455_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -316,6 +316,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailyfact
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -393,12 +394,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_27cd738004eb43e5_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_5e7e0ce06de20e4c_EOF'
{"add_comment":{"max":1,"target":"4750"},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_27cd738004eb43e5_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_5e7e0ce06de20e4c_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_31de723b69fbcae9_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_70d3fd4886036b55_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added. Target: 4750."
@@ -406,8 +407,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_31de723b69fbcae9_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_c13d0dae0d918511_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_70d3fd4886036b55_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_4a6355ae67ac848c_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -485,7 +486,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_c13d0dae0d918511_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_4a6355ae67ac848c_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -554,7 +555,7 @@ jobs:
export GH_AW_ENGINE="codex"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
- cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_aeaacca747c57878_EOF
+ cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_9fc133c9364a16fc_EOF
[history]
persistence = "none"
@@ -581,10 +582,10 @@ jobs:
[mcp_servers.safeoutputs."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_aeaacca747c57878_EOF
+ GH_AW_MCP_CONFIG_9fc133c9364a16fc_EOF
# Generate JSON config for MCP gateway
- cat << GH_AW_MCP_CONFIG_aeaacca747c57878_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_9fc133c9364a16fc_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -624,7 +625,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_aeaacca747c57878_EOF
+ GH_AW_MCP_CONFIG_9fc133c9364a16fc_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -733,6 +734,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -881,7 +883,7 @@ jobs:
GH_AW_SECRET_VERIFICATION_RESULT: ${{ needs.activation.outputs.secret_verification_result }}
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ชถ *Penned with care by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ Hark! The muse awakens โ [{workflow_name}]({run_url}) begins its verse upon this {event_type}...\",\"runSuccess\":\"โจ Lo! [{workflow_name}]({run_url}) hath woven its tale to completion, like a sonnet finding its final rhyme. ๐\",\"runFailure\":\"๐ง๏ธ Alas! [{workflow_name}]({run_url}) {status}, its quill fallen mid-verse. The poem remains unfinished...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ชถ *Penned with care by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ Hark! The muse awakens โ [{workflow_name}]({run_url}) begins its verse upon this {event_type}...\",\"runSuccess\":\"โจ Lo! [{workflow_name}]({run_url}) hath woven its tale to completion, like a sonnet finding its final rhyme. ๐\",\"runFailure\":\"๐ง๏ธ Alas! [{workflow_name}]({run_url}) {status}, its quill fallen mid-verse. The poem remains unfinished...\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "15"
@@ -1050,9 +1052,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-fact"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "codex"
GH_AW_ENGINE_MODEL: "gpt-5.1-codex-mini"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ชถ *Penned with care by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ Hark! The muse awakens โ [{workflow_name}]({run_url}) begins its verse upon this {event_type}...\",\"runSuccess\":\"โจ Lo! [{workflow_name}]({run_url}) hath woven its tale to completion, like a sonnet finding its final rhyme. ๐\",\"runFailure\":\"๐ง๏ธ Alas! [{workflow_name}]({run_url}) {status}, its quill fallen mid-verse. The poem remains unfinished...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ชถ *Penned with care by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ Hark! The muse awakens โ [{workflow_name}]({run_url}) begins its verse upon this {event_type}...\",\"runSuccess\":\"โจ Lo! [{workflow_name}]({run_url}) hath woven its tale to completion, like a sonnet finding its final rhyme. ๐\",\"runFailure\":\"๐ง๏ธ Alas! [{workflow_name}]({run_url}) {status}, its quill fallen mid-verse. The poem remains unfinished...\"}"
GH_AW_TRACKER_ID: "daily-fact-thread"
GH_AW_WORKFLOW_ID: "daily-fact"
GH_AW_WORKFLOW_NAME: "Daily Fact About gh-aw"
diff --git a/.github/workflows/daily-fact.md b/.github/workflows/daily-fact.md
index 71fda767eb5..b6516a5222a 100644
--- a/.github/workflows/daily-fact.md
+++ b/.github/workflows/daily-fact.md
@@ -34,7 +34,7 @@ safe-outputs:
add-comment:
target: "4750"
messages:
- footer: "> ๐ชถ *Penned with care by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ชถ *Penned with care by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ Hark! The muse awakens โ [{workflow_name}]({run_url}) begins its verse upon this {event_type}..."
run-success: "โจ Lo! [{workflow_name}]({run_url}) hath woven its tale to completion, like a sonnet finding its final rhyme. ๐"
run-failure: "๐ง๏ธ Alas! [{workflow_name}]({run_url}) {status}, its quill fallen mid-verse. The poem remains unfinished..."
diff --git a/.github/workflows/daily-file-diet.lock.yml b/.github/workflows/daily-file-diet.lock.yml
index 0a7dd0a52b8..eec6b68c875 100644
--- a/.github/workflows/daily-file-diet.lock.yml
+++ b/.github/workflows/daily-file-diet.lock.yml
@@ -307,6 +307,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailyfilediet
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -783,6 +784,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1156,6 +1158,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-file-diet"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-file-diet"
diff --git a/.github/workflows/daily-firewall-report.lock.yml b/.github/workflows/daily-firewall-report.lock.yml
index 9ccffe10d61..e1808a7f446 100644
--- a/.github/workflows/daily-firewall-report.lock.yml
+++ b/.github/workflows/daily-firewall-report.lock.yml
@@ -281,6 +281,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailyfirewallreport
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -826,6 +827,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1179,6 +1181,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-firewall-report"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-firewall-report"
diff --git a/.github/workflows/daily-function-namer.lock.yml b/.github/workflows/daily-function-namer.lock.yml
index 2910ca05d47..488a1f32aec 100644
--- a/.github/workflows/daily-function-namer.lock.yml
+++ b/.github/workflows/daily-function-namer.lock.yml
@@ -309,6 +309,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailyfunctionnamer
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -836,6 +837,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1189,6 +1191,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-function-namer"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-function-namer"
diff --git a/.github/workflows/daily-integrity-analysis.lock.yml b/.github/workflows/daily-integrity-analysis.lock.yml
index b4b094ffbe9..905564a8916 100644
--- a/.github/workflows/daily-integrity-analysis.lock.yml
+++ b/.github/workflows/daily-integrity-analysis.lock.yml
@@ -282,6 +282,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailyintegrityanalysis
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -833,6 +834,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1024,6 +1026,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-integrity-analysis"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-integrity-analysis"
diff --git a/.github/workflows/daily-issues-report.lock.yml b/.github/workflows/daily-issues-report.lock.yml
index 25c7cc4abf4..e2f6f941a0e 100644
--- a/.github/workflows/daily-issues-report.lock.yml
+++ b/.github/workflows/daily-issues-report.lock.yml
@@ -296,6 +296,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailyissuesreport
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -812,6 +813,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1036,6 +1038,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-issues-report"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "codex"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-issues-report"
diff --git a/.github/workflows/daily-malicious-code-scan.lock.yml b/.github/workflows/daily-malicious-code-scan.lock.yml
index 39cb55ad0e4..dfb1002c2bf 100644
--- a/.github/workflows/daily-malicious-code-scan.lock.yml
+++ b/.github/workflows/daily-malicious-code-scan.lock.yml
@@ -261,6 +261,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailymaliciouscodescan
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -689,6 +690,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -860,6 +862,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-malicious-code-scan"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "malicious-code-scan"
diff --git a/.github/workflows/daily-mcp-concurrency-analysis.lock.yml b/.github/workflows/daily-mcp-concurrency-analysis.lock.yml
index 4ebe522055f..13dea6318df 100644
--- a/.github/workflows/daily-mcp-concurrency-analysis.lock.yml
+++ b/.github/workflows/daily-mcp-concurrency-analysis.lock.yml
@@ -303,6 +303,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailymcpconcurrencyanalysis
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -810,6 +811,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1150,6 +1152,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-mcp-concurrency-analysis"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "mcp-concurrency-analysis"
diff --git a/.github/workflows/daily-multi-device-docs-tester.lock.yml b/.github/workflows/daily-multi-device-docs-tester.lock.yml
index 87940353b32..bbdbd1413a4 100644
--- a/.github/workflows/daily-multi-device-docs-tester.lock.yml
+++ b/.github/workflows/daily-multi-device-docs-tester.lock.yml
@@ -282,6 +282,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailymultidevicedocstester
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -854,6 +855,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1205,6 +1207,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-multi-device-docs-tester"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-multi-device-docs-tester"
diff --git a/.github/workflows/daily-news.lock.yml b/.github/workflows/daily-news.lock.yml
index 1ded02d3c20..b3d9cb0b1e7 100644
--- a/.github/workflows/daily-news.lock.yml
+++ b/.github/workflows/daily-news.lock.yml
@@ -294,6 +294,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailynews
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -871,6 +872,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1322,6 +1324,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-news"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-news-weekday"
diff --git a/.github/workflows/daily-observability-report.lock.yml b/.github/workflows/daily-observability-report.lock.yml
index 1caa224e50a..87847b8cde4 100644
--- a/.github/workflows/daily-observability-report.lock.yml
+++ b/.github/workflows/daily-observability-report.lock.yml
@@ -276,6 +276,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailyobservabilityreport
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -791,6 +792,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -998,6 +1000,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-observability-report"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "codex"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-observability-report"
diff --git a/.github/workflows/daily-performance-summary.lock.yml b/.github/workflows/daily-performance-summary.lock.yml
index a4198fba7f5..e7ecdb740f3 100644
--- a/.github/workflows/daily-performance-summary.lock.yml
+++ b/.github/workflows/daily-performance-summary.lock.yml
@@ -283,6 +283,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailyperformancesummary
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -1237,6 +1238,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1591,6 +1593,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-performance-summary"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-performance-summary"
diff --git a/.github/workflows/daily-regulatory.lock.yml b/.github/workflows/daily-regulatory.lock.yml
index a1f218f4648..020d186e609 100644
--- a/.github/workflows/daily-regulatory.lock.yml
+++ b/.github/workflows/daily-regulatory.lock.yml
@@ -272,6 +272,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailyregulatory
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -1170,6 +1171,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1347,6 +1349,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-regulatory"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-regulatory"
diff --git a/.github/workflows/daily-rendering-scripts-verifier.lock.yml b/.github/workflows/daily-rendering-scripts-verifier.lock.yml
index f2d69feec90..25337b8b3b1 100644
--- a/.github/workflows/daily-rendering-scripts-verifier.lock.yml
+++ b/.github/workflows/daily-rendering-scripts-verifier.lock.yml
@@ -286,6 +286,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailyrenderingscriptsverifier
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -893,6 +894,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1296,6 +1298,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-rendering-scripts-verifier"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-rendering-scripts-verifier"
diff --git a/.github/workflows/daily-repo-chronicle.lock.yml b/.github/workflows/daily-repo-chronicle.lock.yml
index 1a7efcffbb5..2f4bebe811b 100644
--- a/.github/workflows/daily-repo-chronicle.lock.yml
+++ b/.github/workflows/daily-repo-chronicle.lock.yml
@@ -275,6 +275,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailyrepochronicle
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -748,6 +749,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1102,6 +1104,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-repo-chronicle"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-repo-chronicle"
diff --git a/.github/workflows/daily-safe-output-integrator.lock.yml b/.github/workflows/daily-safe-output-integrator.lock.yml
index 96a996412ba..d0ccfcd7857 100644
--- a/.github/workflows/daily-safe-output-integrator.lock.yml
+++ b/.github/workflows/daily-safe-output-integrator.lock.yml
@@ -265,6 +265,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailysafeoutputintegrator
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -724,6 +725,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1057,6 +1059,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-safe-output-integrator"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-safe-output-integrator"
diff --git a/.github/workflows/daily-safe-output-optimizer.lock.yml b/.github/workflows/daily-safe-output-optimizer.lock.yml
index e46cde170b1..fd73f209485 100644
--- a/.github/workflows/daily-safe-output-optimizer.lock.yml
+++ b/.github/workflows/daily-safe-output-optimizer.lock.yml
@@ -286,6 +286,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailysafeoutputoptimizer
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -882,6 +883,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1277,6 +1279,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-safe-output-optimizer"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "daily-safe-output-optimizer"
diff --git a/.github/workflows/daily-safe-outputs-conformance.lock.yml b/.github/workflows/daily-safe-outputs-conformance.lock.yml
index 7d36bb5a9f0..1a32e6cbafd 100644
--- a/.github/workflows/daily-safe-outputs-conformance.lock.yml
+++ b/.github/workflows/daily-safe-outputs-conformance.lock.yml
@@ -266,6 +266,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailysafeoutputsconformance
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -748,6 +749,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1089,6 +1091,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-safe-outputs-conformance"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "safe-outputs-conformance"
diff --git a/.github/workflows/daily-secrets-analysis.lock.yml b/.github/workflows/daily-secrets-analysis.lock.yml
index 8379fb87601..65dae9ccdb2 100644
--- a/.github/workflows/daily-secrets-analysis.lock.yml
+++ b/.github/workflows/daily-secrets-analysis.lock.yml
@@ -264,6 +264,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailysecretsanalysis
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -679,6 +680,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -854,6 +856,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-secrets-analysis"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-secrets-analysis"
diff --git a/.github/workflows/daily-security-red-team.lock.yml b/.github/workflows/daily-security-red-team.lock.yml
index 828849c1f4e..d986e031eac 100644
--- a/.github/workflows/daily-security-red-team.lock.yml
+++ b/.github/workflows/daily-security-red-team.lock.yml
@@ -270,6 +270,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailysecurityredteam
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -752,6 +753,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1093,6 +1095,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-security-red-team"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "security-red-team"
diff --git a/.github/workflows/daily-semgrep-scan.lock.yml b/.github/workflows/daily-semgrep-scan.lock.yml
index cfe6c453371..2fe6f902a04 100644
--- a/.github/workflows/daily-semgrep-scan.lock.yml
+++ b/.github/workflows/daily-semgrep-scan.lock.yml
@@ -266,6 +266,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailysemgrepscan
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -714,6 +715,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1038,6 +1040,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-semgrep-scan"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "daily-semgrep-scan"
diff --git a/.github/workflows/daily-syntax-error-quality.lock.yml b/.github/workflows/daily-syntax-error-quality.lock.yml
index f799a487e31..7167ccddb5d 100644
--- a/.github/workflows/daily-syntax-error-quality.lock.yml
+++ b/.github/workflows/daily-syntax-error-quality.lock.yml
@@ -262,6 +262,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailysyntaxerrorquality
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -718,6 +719,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1046,6 +1048,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-syntax-error-quality"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-syntax-error-quality"
diff --git a/.github/workflows/daily-team-evolution-insights.lock.yml b/.github/workflows/daily-team-evolution-insights.lock.yml
index e8f9d7386a4..95c8ad699a1 100644
--- a/.github/workflows/daily-team-evolution-insights.lock.yml
+++ b/.github/workflows/daily-team-evolution-insights.lock.yml
@@ -270,6 +270,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailyteamevolutioninsights
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -745,6 +746,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -918,6 +920,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-team-evolution-insights"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-team-evolution-insights"
diff --git a/.github/workflows/daily-team-status.lock.yml b/.github/workflows/daily-team-status.lock.yml
index a4e15c7612d..c6c2c9ede9f 100644
--- a/.github/workflows/daily-team-status.lock.yml
+++ b/.github/workflows/daily-team-status.lock.yml
@@ -276,6 +276,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailyteamstatus
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -698,6 +699,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1063,6 +1065,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-team-status"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-team-status"
diff --git a/.github/workflows/daily-testify-uber-super-expert.lock.yml b/.github/workflows/daily-testify-uber-super-expert.lock.yml
index c7f9a843a8e..c338e695de6 100644
--- a/.github/workflows/daily-testify-uber-super-expert.lock.yml
+++ b/.github/workflows/daily-testify-uber-super-expert.lock.yml
@@ -321,6 +321,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailytestifyubersuperexpert
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -811,6 +812,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1281,6 +1283,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-testify-uber-super-expert"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-testify-uber-super-expert"
diff --git a/.github/workflows/daily-workflow-updater.lock.yml b/.github/workflows/daily-workflow-updater.lock.yml
index b596489c7dd..9a91635ca0d 100644
--- a/.github/workflows/daily-workflow-updater.lock.yml
+++ b/.github/workflows/daily-workflow-updater.lock.yml
@@ -258,6 +258,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dailyworkflowupdater
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -683,6 +684,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1016,6 +1018,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/daily-workflow-updater"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "daily-workflow-updater"
diff --git a/.github/workflows/dead-code-remover.lock.yml b/.github/workflows/dead-code-remover.lock.yml
index 5c075465431..84b2d17fca7 100644
--- a/.github/workflows/dead-code-remover.lock.yml
+++ b/.github/workflows/dead-code-remover.lock.yml
@@ -281,6 +281,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: deadcoderemover
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -731,6 +732,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1118,6 +1120,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/dead-code-remover"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "dead-code-remover"
diff --git a/.github/workflows/deep-report.lock.yml b/.github/workflows/deep-report.lock.yml
index 96219876539..307eb53b4ae 100644
--- a/.github/workflows/deep-report.lock.yml
+++ b/.github/workflows/deep-report.lock.yml
@@ -298,6 +298,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: deepreport
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -946,6 +947,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1410,6 +1412,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/deep-report"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "deep-report-intel-agent"
diff --git a/.github/workflows/delight.lock.yml b/.github/workflows/delight.lock.yml
index 3c5f0bdb0f6..f1c068f1189 100644
--- a/.github/workflows/delight.lock.yml
+++ b/.github/workflows/delight.lock.yml
@@ -29,7 +29,7 @@
# - shared/repo-memory-standard.md
# - shared/reporting.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"bbbc63edf6c0be801dac5706aabf12206efa01b3f5cd87821b2218fd3389a683","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"824c692ca5de2234ae59dcae2168fc2d13cac9aa3ca14fe59139347568d8a3a0","strict":true,"agent_id":"copilot"}
name: "Delight"
"on":
@@ -135,15 +135,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_0f38e7fc27eeb2b3_EOF'
+ cat << 'GH_AW_PROMPT_9ab0f9b62a2b6b23_EOF'
- GH_AW_PROMPT_0f38e7fc27eeb2b3_EOF
+ GH_AW_PROMPT_9ab0f9b62a2b6b23_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/repo_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_0f38e7fc27eeb2b3_EOF'
+ cat << 'GH_AW_PROMPT_9ab0f9b62a2b6b23_EOF'
Tools: create_issue(max:2), create_discussion, missing_tool, missing_data, noop
@@ -175,14 +175,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_0f38e7fc27eeb2b3_EOF
+ GH_AW_PROMPT_9ab0f9b62a2b6b23_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_0f38e7fc27eeb2b3_EOF'
+ cat << 'GH_AW_PROMPT_9ab0f9b62a2b6b23_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/jqschema.md}}
{{#runtime-import .github/workflows/delight.md}}
- GH_AW_PROMPT_0f38e7fc27eeb2b3_EOF
+ GH_AW_PROMPT_9ab0f9b62a2b6b23_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -281,6 +281,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: delight
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -374,12 +375,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_e32ce1fe30944ee1_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_c7782aa68c60abb8_EOF'
{"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[delight] "},"create_issue":{"expires":48,"group":true,"labels":["delight","cookie"],"max":2},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":102400,"max_patch_size":10240}]}}
- GH_AW_SAFE_OUTPUTS_CONFIG_e32ce1fe30944ee1_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_c7782aa68c60abb8_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_c0ee9a20111cd649_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_1366d14a5882f7a4_EOF'
{
"description_suffixes": {
"create_discussion": " CONSTRAINTS: Maximum 1 discussion(s) can be created. Title will be prefixed with \"[delight] \". Discussions will be created in category \"audits\".",
@@ -388,8 +389,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_c0ee9a20111cd649_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_a040dc04b4a6c9e9_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_1366d14a5882f7a4_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_3f876facfe82a1b2_EOF'
{
"create_discussion": {
"defaultMax": 1,
@@ -508,7 +509,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_a040dc04b4a6c9e9_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_3f876facfe82a1b2_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -578,7 +579,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_27820e2432e7bdd6_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_17d1b71e7ef97bf6_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -619,7 +620,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_27820e2432e7bdd6_EOF
+ GH_AW_MCP_CONFIG_17d1b71e7ef97bf6_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -766,6 +767,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -932,7 +934,7 @@ jobs:
GH_AW_CREATE_DISCUSSION_ERRORS: ${{ needs.safe_outputs.outputs.create_discussion_errors }}
GH_AW_CREATE_DISCUSSION_ERROR_COUNT: ${{ needs.safe_outputs.outputs.create_discussion_error_count }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *User experience analysis by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ Delight Agent starting! [{workflow_name}]({run_url}) is analyzing user-facing aspects for improvement opportunities...\",\"runSuccess\":\"โ
Analysis complete! [{workflow_name}]({run_url}) has identified targeted improvements for user experience.\",\"runFailure\":\"โ ๏ธ Analysis interrupted! [{workflow_name}]({run_url}) {status}. Please review the logs...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *User experience analysis by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ Delight Agent starting! [{workflow_name}]({run_url}) is analyzing user-facing aspects for improvement opportunities...\",\"runSuccess\":\"โ
Analysis complete! [{workflow_name}]({run_url}) has identified targeted improvements for user experience.\",\"runFailure\":\"โ ๏ธ Analysis interrupted! [{workflow_name}]({run_url}) {status}. Please review the logs...\"}"
GH_AW_PUSH_REPO_MEMORY_RESULT: ${{ needs.push_repo_memory.result }}
GH_AW_REPO_MEMORY_VALIDATION_FAILED_default: ${{ needs.push_repo_memory.outputs.validation_failed_default }}
GH_AW_REPO_MEMORY_VALIDATION_ERROR_default: ${{ needs.push_repo_memory.outputs.validation_error_default }}
@@ -1196,9 +1198,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/delight"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *User experience analysis by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ Delight Agent starting! [{workflow_name}]({run_url}) is analyzing user-facing aspects for improvement opportunities...\",\"runSuccess\":\"โ
Analysis complete! [{workflow_name}]({run_url}) has identified targeted improvements for user experience.\",\"runFailure\":\"โ ๏ธ Analysis interrupted! [{workflow_name}]({run_url}) {status}. Please review the logs...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *User experience analysis by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ Delight Agent starting! [{workflow_name}]({run_url}) is analyzing user-facing aspects for improvement opportunities...\",\"runSuccess\":\"โ
Analysis complete! [{workflow_name}]({run_url}) has identified targeted improvements for user experience.\",\"runFailure\":\"โ ๏ธ Analysis interrupted! [{workflow_name}]({run_url}) {status}. Please review the logs...\"}"
GH_AW_TRACKER_ID: "delight-daily"
GH_AW_WORKFLOW_ID: "delight"
GH_AW_WORKFLOW_NAME: "Delight"
diff --git a/.github/workflows/delight.md b/.github/workflows/delight.md
index 64e890382c5..4ed37b7603e 100644
--- a/.github/workflows/delight.md
+++ b/.github/workflows/delight.md
@@ -28,7 +28,7 @@ safe-outputs:
max: 2
group: true
messages:
- footer: "> ๐ *User experience analysis by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ *User experience analysis by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ Delight Agent starting! [{workflow_name}]({run_url}) is analyzing user-facing aspects for improvement opportunities..."
run-success: "โ
Analysis complete! [{workflow_name}]({run_url}) has identified targeted improvements for user experience."
run-failure: "โ ๏ธ Analysis interrupted! [{workflow_name}]({run_url}) {status}. Please review the logs..."
diff --git a/.github/workflows/dependabot-burner.lock.yml b/.github/workflows/dependabot-burner.lock.yml
index 18abe645c6f..c9fec26c323 100644
--- a/.github/workflows/dependabot-burner.lock.yml
+++ b/.github/workflows/dependabot-burner.lock.yml
@@ -268,6 +268,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dependabotburner
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -690,6 +691,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1046,6 +1048,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/dependabot-burner"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "dependabot-burner"
diff --git a/.github/workflows/dependabot-go-checker.lock.yml b/.github/workflows/dependabot-go-checker.lock.yml
index 9a0cca6bcc6..72333e33beb 100644
--- a/.github/workflows/dependabot-go-checker.lock.yml
+++ b/.github/workflows/dependabot-go-checker.lock.yml
@@ -267,6 +267,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dependabotgochecker
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -708,6 +709,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1032,6 +1034,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/dependabot-go-checker"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "dependabot-go-checker"
diff --git a/.github/workflows/dev-hawk.lock.yml b/.github/workflows/dev-hawk.lock.yml
index d21fd50de6b..6d12c123c3a 100644
--- a/.github/workflows/dev-hawk.lock.yml
+++ b/.github/workflows/dev-hawk.lock.yml
@@ -22,7 +22,7 @@
#
# Monitors development workflow activities and provides real-time alerts and insights on pull requests and CI status
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"aa448b3fcead039b6003089c1039cb3d15ce90ec940704c2e34f745bc25cc03f","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"f118003f8e408d7cadb2e85b53023b481ed91ae92c9b72439159ea3d886358c8","strict":true,"agent_id":"copilot"}
name: "Dev Hawk"
"on":
@@ -137,15 +137,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_1771868d9e6ff665_EOF'
+ cat << 'GH_AW_PROMPT_103161011f936ab9_EOF'
- GH_AW_PROMPT_1771868d9e6ff665_EOF
+ GH_AW_PROMPT_103161011f936ab9_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_1771868d9e6ff665_EOF'
+ cat << 'GH_AW_PROMPT_103161011f936ab9_EOF'
Tools: add_comment, missing_tool, missing_data, noop
@@ -177,12 +177,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_1771868d9e6ff665_EOF
+ GH_AW_PROMPT_103161011f936ab9_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_1771868d9e6ff665_EOF'
+ cat << 'GH_AW_PROMPT_103161011f936ab9_EOF'
{{#runtime-import .github/workflows/dev-hawk.md}}
- GH_AW_PROMPT_1771868d9e6ff665_EOF
+ GH_AW_PROMPT_103161011f936ab9_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -287,6 +287,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: devhawk
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -421,12 +422,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_a4700f24a27fafaa_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_1295e446c52dbbb9_EOF'
{"add_comment":{"max":1,"target":"*"},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_a4700f24a27fafaa_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_1295e446c52dbbb9_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_f23b336009c76730_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_19ca6e94fcdf3998_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added. Target: *."
@@ -434,8 +435,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_f23b336009c76730_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_3bff7459e51b3f38_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_19ca6e94fcdf3998_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_1e887fcc44318a4d_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -513,7 +514,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_3bff7459e51b3f38_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_1e887fcc44318a4d_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -584,7 +585,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_9a3e574e81d50efa_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_ab0350833da7ec40_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"agenticworkflows": {
@@ -644,7 +645,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_9a3e574e81d50efa_EOF
+ GH_AW_MCP_CONFIG_ab0350833da7ec40_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -784,6 +785,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -936,7 +938,7 @@ jobs:
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_INFERENCE_ACCESS_ERROR: ${{ needs.agent.outputs.inference_access_error }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฆ
*Observed from above by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฆ
Dev Hawk circles the sky! [{workflow_name}]({run_url}) is monitoring this {event_type} from above...\",\"runSuccess\":\"๐ฆ
Hawk eyes report! [{workflow_name}]({run_url}) has completed reconnaissance. Intel delivered! ๐ฏ\",\"runFailure\":\"๐ฆ
Hawk down! [{workflow_name}]({run_url}) {status}. The skies grow quiet...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฆ
*Observed from above by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฆ
Dev Hawk circles the sky! [{workflow_name}]({run_url}) is monitoring this {event_type} from above...\",\"runSuccess\":\"๐ฆ
Hawk eyes report! [{workflow_name}]({run_url}) has completed reconnaissance. Intel delivered! ๐ฏ\",\"runFailure\":\"๐ฆ
Hawk down! [{workflow_name}]({run_url}) {status}. The skies grow quiet...\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "15"
@@ -1147,9 +1149,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/dev-hawk"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฆ
*Observed from above by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฆ
Dev Hawk circles the sky! [{workflow_name}]({run_url}) is monitoring this {event_type} from above...\",\"runSuccess\":\"๐ฆ
Hawk eyes report! [{workflow_name}]({run_url}) has completed reconnaissance. Intel delivered! ๐ฏ\",\"runFailure\":\"๐ฆ
Hawk down! [{workflow_name}]({run_url}) {status}. The skies grow quiet...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฆ
*Observed from above by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฆ
Dev Hawk circles the sky! [{workflow_name}]({run_url}) is monitoring this {event_type} from above...\",\"runSuccess\":\"๐ฆ
Hawk eyes report! [{workflow_name}]({run_url}) has completed reconnaissance. Intel delivered! ๐ฏ\",\"runFailure\":\"๐ฆ
Hawk down! [{workflow_name}]({run_url}) {status}. The skies grow quiet...\"}"
GH_AW_WORKFLOW_ID: "dev-hawk"
GH_AW_WORKFLOW_NAME: "Dev Hawk"
outputs:
diff --git a/.github/workflows/dev-hawk.md b/.github/workflows/dev-hawk.md
index 1d92dab54c8..3b38033f549 100644
--- a/.github/workflows/dev-hawk.md
+++ b/.github/workflows/dev-hawk.md
@@ -26,7 +26,7 @@ safe-outputs:
max: 1
target: "*"
messages:
- footer: "> ๐ฆ
*Observed from above by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ฆ
*Observed from above by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ฆ
Dev Hawk circles the sky! [{workflow_name}]({run_url}) is monitoring this {event_type} from above..."
run-success: "๐ฆ
Hawk eyes report! [{workflow_name}]({run_url}) has completed reconnaissance. Intel delivered! ๐ฏ"
run-failure: "๐ฆ
Hawk down! [{workflow_name}]({run_url}) {status}. The skies grow quiet..."
diff --git a/.github/workflows/dev.lock.yml b/.github/workflows/dev.lock.yml
index 06cd5885f85..5453be18af2 100644
--- a/.github/workflows/dev.lock.yml
+++ b/.github/workflows/dev.lock.yml
@@ -337,6 +337,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dev
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -814,6 +815,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1264,6 +1266,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/dev"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "dev"
diff --git a/.github/workflows/developer-docs-consolidator.lock.yml b/.github/workflows/developer-docs-consolidator.lock.yml
index a3c545f3641..0438efe03cd 100644
--- a/.github/workflows/developer-docs-consolidator.lock.yml
+++ b/.github/workflows/developer-docs-consolidator.lock.yml
@@ -345,6 +345,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: developerdocsconsolidator
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -993,6 +994,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1519,6 +1521,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/developer-docs-consolidator"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "developer-docs-consolidator"
diff --git a/.github/workflows/dictation-prompt.lock.yml b/.github/workflows/dictation-prompt.lock.yml
index 4ade7f99424..1675fe103d9 100644
--- a/.github/workflows/dictation-prompt.lock.yml
+++ b/.github/workflows/dictation-prompt.lock.yml
@@ -283,6 +283,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: dictationprompt
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -763,6 +764,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1163,6 +1165,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/dictation-prompt"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "dictation-prompt"
diff --git a/.github/workflows/discussion-task-miner.lock.yml b/.github/workflows/discussion-task-miner.lock.yml
index 5c8e344bf1e..d1578fe710b 100644
--- a/.github/workflows/discussion-task-miner.lock.yml
+++ b/.github/workflows/discussion-task-miner.lock.yml
@@ -29,7 +29,7 @@
# - shared/repo-memory-standard.md
# - shared/reporting.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"da5ebd0fcc145d0547a61913f1a5c48c00279fc878bd841dee63a375cd54b95b","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"8bbb367544933bd7a60c7a32d647a5763a8b974f59723056e46692d58347a96c","strict":true,"agent_id":"copilot"}
name: "Discussion Task Miner - Code Quality Improvement Agent"
"on":
@@ -135,15 +135,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_60c922307332e6f2_EOF'
+ cat << 'GH_AW_PROMPT_2be227c20cd8213e_EOF'
- GH_AW_PROMPT_60c922307332e6f2_EOF
+ GH_AW_PROMPT_2be227c20cd8213e_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/repo_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_60c922307332e6f2_EOF'
+ cat << 'GH_AW_PROMPT_2be227c20cd8213e_EOF'
Tools: add_comment(max:3), create_issue(max:5), missing_tool, missing_data, noop
@@ -175,15 +175,15 @@ jobs:
{{/if}}
- GH_AW_PROMPT_60c922307332e6f2_EOF
+ GH_AW_PROMPT_2be227c20cd8213e_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_60c922307332e6f2_EOF'
+ cat << 'GH_AW_PROMPT_2be227c20cd8213e_EOF'
{{#runtime-import .github/workflows/shared/github-guard-policy.md}}
{{#runtime-import .github/workflows/shared/jqschema.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/discussion-task-miner.md}}
- GH_AW_PROMPT_60c922307332e6f2_EOF
+ GH_AW_PROMPT_2be227c20cd8213e_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -280,6 +280,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: discussiontaskminer
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -371,12 +372,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_51e00899c65d8363_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_17849ed37099abd5_EOF'
{"add_comment":{"max":3},"create_issue":{"expires":24,"group":true,"labels":["code-quality","automation","task-mining"],"max":5,"title_prefix":"[Code Quality] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":102400,"max_patch_size":10240}]}}
- GH_AW_SAFE_OUTPUTS_CONFIG_51e00899c65d8363_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_17849ed37099abd5_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_28cecfe9cfb510e3_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_c1d052592baf4a80_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 3 comment(s) can be added.",
@@ -385,8 +386,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_28cecfe9cfb510e3_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_615ad59be8fd159a_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_c1d052592baf4a80_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_93b5e1b9e68495b8_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -497,7 +498,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_615ad59be8fd159a_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_93b5e1b9e68495b8_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -565,7 +566,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_a4dfebcda56ba5ca_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_0c41d1cf13dc69ef_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -609,7 +610,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_a4dfebcda56ba5ca_EOF
+ GH_AW_MCP_CONFIG_0c41d1cf13dc69ef_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -754,6 +755,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -921,7 +923,7 @@ jobs:
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_INFERENCE_ACCESS_ERROR: ${{ needs.agent.outputs.inference_access_error }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Task mining by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ Discussion Task Miner starting! [{workflow_name}]({run_url}) is scanning discussions for code quality improvements...\",\"runSuccess\":\"โ
Task mining complete! [{workflow_name}]({run_url}) has identified actionable code quality tasks. ๐\",\"runFailure\":\"โ ๏ธ Task mining interrupted! [{workflow_name}]({run_url}) {status}. Please review the logs...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Task mining by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ Discussion Task Miner starting! [{workflow_name}]({run_url}) is scanning discussions for code quality improvements...\",\"runSuccess\":\"โ
Task mining complete! [{workflow_name}]({run_url}) has identified actionable code quality tasks. ๐\",\"runFailure\":\"โ ๏ธ Task mining interrupted! [{workflow_name}]({run_url}) {status}. Please review the logs...\"}"
GH_AW_PUSH_REPO_MEMORY_RESULT: ${{ needs.push_repo_memory.result }}
GH_AW_REPO_MEMORY_VALIDATION_FAILED_default: ${{ needs.push_repo_memory.outputs.validation_failed_default }}
GH_AW_REPO_MEMORY_VALIDATION_ERROR_default: ${{ needs.push_repo_memory.outputs.validation_error_default }}
@@ -1186,9 +1188,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/discussion-task-miner"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Task mining by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ Discussion Task Miner starting! [{workflow_name}]({run_url}) is scanning discussions for code quality improvements...\",\"runSuccess\":\"โ
Task mining complete! [{workflow_name}]({run_url}) has identified actionable code quality tasks. ๐\",\"runFailure\":\"โ ๏ธ Task mining interrupted! [{workflow_name}]({run_url}) {status}. Please review the logs...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Task mining by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ Discussion Task Miner starting! [{workflow_name}]({run_url}) is scanning discussions for code quality improvements...\",\"runSuccess\":\"โ
Task mining complete! [{workflow_name}]({run_url}) has identified actionable code quality tasks. ๐\",\"runFailure\":\"โ ๏ธ Task mining interrupted! [{workflow_name}]({run_url}) {status}. Please review the logs...\"}"
GH_AW_TRACKER_ID: "discussion-task-miner"
GH_AW_WORKFLOW_ID: "discussion-task-miner"
GH_AW_WORKFLOW_NAME: "Discussion Task Miner - Code Quality Improvement Agent"
diff --git a/.github/workflows/discussion-task-miner.md b/.github/workflows/discussion-task-miner.md
index 8e2ffef4903..eabd05a259d 100644
--- a/.github/workflows/discussion-task-miner.md
+++ b/.github/workflows/discussion-task-miner.md
@@ -31,7 +31,7 @@ safe-outputs:
add-comment:
max: 3
messages:
- footer: "> ๐ *Task mining by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ *Task mining by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ Discussion Task Miner starting! [{workflow_name}]({run_url}) is scanning discussions for code quality improvements..."
run-success: "โ
Task mining complete! [{workflow_name}]({run_url}) has identified actionable code quality tasks. ๐"
run-failure: "โ ๏ธ Task mining interrupted! [{workflow_name}]({run_url}) {status}. Please review the logs..."
diff --git a/.github/workflows/docs-noob-tester.lock.yml b/.github/workflows/docs-noob-tester.lock.yml
index 591cba540e5..d203ffc400b 100644
--- a/.github/workflows/docs-noob-tester.lock.yml
+++ b/.github/workflows/docs-noob-tester.lock.yml
@@ -270,6 +270,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: docsnoobtester
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -722,6 +723,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1061,6 +1063,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/docs-noob-tester"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "docs-noob-tester"
diff --git a/.github/workflows/draft-pr-cleanup.lock.yml b/.github/workflows/draft-pr-cleanup.lock.yml
index 42d3b44ee06..846e6ff3474 100644
--- a/.github/workflows/draft-pr-cleanup.lock.yml
+++ b/.github/workflows/draft-pr-cleanup.lock.yml
@@ -256,6 +256,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: draftprcleanup
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -718,6 +719,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1048,6 +1050,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/draft-pr-cleanup"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_SAFE_OUTPUT_MESSAGES: "{\"runStarted\":\"๐งน Starting draft PR cleanup... [{workflow_name}]({run_url}) is reviewing draft PRs for staleness\",\"runSuccess\":\"โ
Draft PR cleanup complete! [{workflow_name}]({run_url}) has reviewed and processed stale drafts.\",\"runFailure\":\"โ Draft PR cleanup failed! [{workflow_name}]({run_url}) {status}. Some draft PRs may not be processed.\"}"
diff --git a/.github/workflows/duplicate-code-detector.lock.yml b/.github/workflows/duplicate-code-detector.lock.yml
index d0d4ff2b707..a958a33c8a1 100644
--- a/.github/workflows/duplicate-code-detector.lock.yml
+++ b/.github/workflows/duplicate-code-detector.lock.yml
@@ -309,6 +309,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: duplicatecodedetector
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -789,6 +790,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1114,6 +1116,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/duplicate-code-detector"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "codex"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "duplicate-code-detector"
diff --git a/.github/workflows/example-permissions-warning.lock.yml b/.github/workflows/example-permissions-warning.lock.yml
index d06a056baf5..486431accd7 100644
--- a/.github/workflows/example-permissions-warning.lock.yml
+++ b/.github/workflows/example-permissions-warning.lock.yml
@@ -245,6 +245,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: examplepermissionswarning
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
steps:
@@ -464,6 +465,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
diff --git a/.github/workflows/example-workflow-analyzer.lock.yml b/.github/workflows/example-workflow-analyzer.lock.yml
index 7b9a5235d0f..73fb77b3fd3 100644
--- a/.github/workflows/example-workflow-analyzer.lock.yml
+++ b/.github/workflows/example-workflow-analyzer.lock.yml
@@ -268,6 +268,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: exampleworkflowanalyzer
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -816,6 +817,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -986,6 +988,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/example-workflow-analyzer"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "example-workflow-analyzer"
diff --git a/.github/workflows/firewall-escape.lock.yml b/.github/workflows/firewall-escape.lock.yml
index fc792281b42..cef1cafdd06 100644
--- a/.github/workflows/firewall-escape.lock.yml
+++ b/.github/workflows/firewall-escape.lock.yml
@@ -301,6 +301,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: firewallescape
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -741,6 +742,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1255,6 +1257,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/firewall-escape"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "firewall-escape"
diff --git a/.github/workflows/firewall.lock.yml b/.github/workflows/firewall.lock.yml
index 2055a03bfd4..992ef214f44 100644
--- a/.github/workflows/firewall.lock.yml
+++ b/.github/workflows/firewall.lock.yml
@@ -247,6 +247,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: firewall
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
steps:
@@ -466,6 +467,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
diff --git a/.github/workflows/functional-pragmatist.lock.yml b/.github/workflows/functional-pragmatist.lock.yml
index 81164bbb579..4a3fab94ac2 100644
--- a/.github/workflows/functional-pragmatist.lock.yml
+++ b/.github/workflows/functional-pragmatist.lock.yml
@@ -269,6 +269,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: functionalpragmatist
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -694,6 +695,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1026,6 +1028,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/functional-pragmatist"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "functional-pragmatist"
diff --git a/.github/workflows/github-mcp-structural-analysis.lock.yml b/.github/workflows/github-mcp-structural-analysis.lock.yml
index 07ff7200a6e..a62dceb4d93 100644
--- a/.github/workflows/github-mcp-structural-analysis.lock.yml
+++ b/.github/workflows/github-mcp-structural-analysis.lock.yml
@@ -282,6 +282,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: githubmcpstructuralanalysis
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -819,6 +820,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1004,6 +1006,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/github-mcp-structural-analysis"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "github-mcp-structural-analysis"
diff --git a/.github/workflows/github-mcp-tools-report.lock.yml b/.github/workflows/github-mcp-tools-report.lock.yml
index 564f0665807..4d36b55c2de 100644
--- a/.github/workflows/github-mcp-tools-report.lock.yml
+++ b/.github/workflows/github-mcp-tools-report.lock.yml
@@ -280,6 +280,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: githubmcptoolsreport
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -811,6 +812,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1170,6 +1172,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/github-mcp-tools-report"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "github-mcp-tools-report"
diff --git a/.github/workflows/github-remote-mcp-auth-test.lock.yml b/.github/workflows/github-remote-mcp-auth-test.lock.yml
index 614bf07f8f2..866888c12de 100644
--- a/.github/workflows/github-remote-mcp-auth-test.lock.yml
+++ b/.github/workflows/github-remote-mcp-auth-test.lock.yml
@@ -270,6 +270,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: githubremotemcpauthtest
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -694,6 +695,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -867,6 +869,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/github-remote-mcp-auth-test"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: "gpt-5.1-codex-mini"
GH_AW_WORKFLOW_ID: "github-remote-mcp-auth-test"
diff --git a/.github/workflows/glossary-maintainer.lock.yml b/.github/workflows/glossary-maintainer.lock.yml
index bd96b8b9d8e..d1a7b0ff0f6 100644
--- a/.github/workflows/glossary-maintainer.lock.yml
+++ b/.github/workflows/glossary-maintainer.lock.yml
@@ -345,6 +345,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: glossarymaintainer
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -890,6 +891,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1398,6 +1400,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/glossary-maintainer"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "glossary-maintainer"
diff --git a/.github/workflows/go-fan.lock.yml b/.github/workflows/go-fan.lock.yml
index fe57daa5eba..dd7d965d2fb 100644
--- a/.github/workflows/go-fan.lock.yml
+++ b/.github/workflows/go-fan.lock.yml
@@ -313,6 +313,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: gofan
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -859,6 +860,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1037,6 +1039,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/go-fan"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "go-fan-daily"
diff --git a/.github/workflows/go-logger.lock.yml b/.github/workflows/go-logger.lock.yml
index e7b2b3a1074..c696f3d94b9 100644
--- a/.github/workflows/go-logger.lock.yml
+++ b/.github/workflows/go-logger.lock.yml
@@ -275,6 +275,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: gologger
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -973,6 +974,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1329,6 +1331,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/go-logger"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "go-logger"
diff --git a/.github/workflows/go-pattern-detector.lock.yml b/.github/workflows/go-pattern-detector.lock.yml
index 2ef4a2c8aba..ccdcae826fc 100644
--- a/.github/workflows/go-pattern-detector.lock.yml
+++ b/.github/workflows/go-pattern-detector.lock.yml
@@ -276,6 +276,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: gopatterndetector
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -773,6 +774,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1155,6 +1157,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/go-pattern-detector"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "go-pattern-detector"
diff --git a/.github/workflows/gpclean.lock.yml b/.github/workflows/gpclean.lock.yml
index 4ce0753b2b8..0d2a97c24d6 100644
--- a/.github/workflows/gpclean.lock.yml
+++ b/.github/workflows/gpclean.lock.yml
@@ -273,6 +273,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: gpclean
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -716,6 +717,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1052,6 +1054,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/gpclean"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "gpclean"
diff --git a/.github/workflows/grumpy-reviewer.lock.yml b/.github/workflows/grumpy-reviewer.lock.yml
index a803db085b8..082ff9174de 100644
--- a/.github/workflows/grumpy-reviewer.lock.yml
+++ b/.github/workflows/grumpy-reviewer.lock.yml
@@ -27,7 +27,7 @@
# - shared/github-guard-policy.md
# - shared/pr-code-review-config.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"cdb51c70b04d0eba9bb1c102add031164396e35a4fd6c2aec6b44501a2035896","strict":true,"agent_id":"codex"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"7fafdd0e061ebf649879a793ac588736d92cbb1d5022cb5c5f307c5782f70bc7","strict":true,"agent_id":"codex"}
name: "Grumpy Code Reviewer ๐ฅ"
"on":
@@ -162,7 +162,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Grumpy Code Reviewer ๐ฅ"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Reluctantly reviewed by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ค *sigh* [{workflow_name}]({run_url}) is begrudgingly looking at this {event_type}... This better be worth my time.\",\"runSuccess\":\"๐ค Fine. [{workflow_name}]({run_url}) finished the review. It wasn't completely terrible. I guess. ๐\",\"runFailure\":\"๐ค Great. [{workflow_name}]({run_url}) {status}. As if my day couldn't get any worse...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Reluctantly reviewed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ค *sigh* [{workflow_name}]({run_url}) is begrudgingly looking at this {event_type}... This better be worth my time.\",\"runSuccess\":\"๐ค Fine. [{workflow_name}]({run_url}) finished the review. It wasn't completely terrible. I guess. ๐\",\"runFailure\":\"๐ค Great. [{workflow_name}]({run_url}) {status}. As if my day couldn't get any worse...\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -187,15 +187,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_1806045d5e481193_EOF'
+ cat << 'GH_AW_PROMPT_5e725503d59a4625_EOF'
- GH_AW_PROMPT_1806045d5e481193_EOF
+ GH_AW_PROMPT_5e725503d59a4625_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_1806045d5e481193_EOF'
+ cat << 'GH_AW_PROMPT_5e725503d59a4625_EOF'
Tools: create_pull_request_review_comment(max:5), submit_pull_request_review, missing_tool, missing_data, noop
@@ -227,17 +227,17 @@ jobs:
{{/if}}
- GH_AW_PROMPT_1806045d5e481193_EOF
+ GH_AW_PROMPT_5e725503d59a4625_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_1806045d5e481193_EOF'
+ cat << 'GH_AW_PROMPT_5e725503d59a4625_EOF'
{{#runtime-import .github/workflows/shared/github-guard-policy.md}}
{{#runtime-import .github/workflows/shared/pr-code-review-config.md}}
{{#runtime-import .github/workflows/grumpy-reviewer.md}}
- GH_AW_PROMPT_1806045d5e481193_EOF
+ GH_AW_PROMPT_5e725503d59a4625_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -334,6 +334,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: grumpyreviewer
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -431,12 +432,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_457287cc97fcc8c3_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_da0cd85a0ff1d627_EOF'
{"create_pull_request_review_comment":{"max":5,"side":"RIGHT"},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"submit_pull_request_review":{"max":1}}
- GH_AW_SAFE_OUTPUTS_CONFIG_457287cc97fcc8c3_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_da0cd85a0ff1d627_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_ce9c3602ccc9e75d_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_951d38e2d3380865_EOF'
{
"description_suffixes": {
"create_pull_request_review_comment": " CONSTRAINTS: Maximum 5 review comment(s) can be created. Comments will be on the RIGHT side of the diff.",
@@ -445,8 +446,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_ce9c3602ccc9e75d_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_eccec255c8105672_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_951d38e2d3380865_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_57efae5f64135fb4_EOF'
{
"create_pull_request_review_comment": {
"defaultMax": 1,
@@ -561,7 +562,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_eccec255c8105672_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_57efae5f64135fb4_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -628,7 +629,7 @@ jobs:
export GH_AW_ENGINE="codex"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
- cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_872d62eae65785de_EOF
+ cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_2198edc089fd5a7d_EOF
[history]
persistence = "none"
@@ -655,10 +656,10 @@ jobs:
[mcp_servers.safeoutputs."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_872d62eae65785de_EOF
+ GH_AW_MCP_CONFIG_2198edc089fd5a7d_EOF
# Generate JSON config for MCP gateway
- cat << GH_AW_MCP_CONFIG_872d62eae65785de_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_2198edc089fd5a7d_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -701,7 +702,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_872d62eae65785de_EOF
+ GH_AW_MCP_CONFIG_2198edc089fd5a7d_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -811,6 +812,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -975,7 +977,7 @@ jobs:
GH_AW_SECRET_VERIFICATION_RESULT: ${{ needs.activation.outputs.secret_verification_result }}
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Reluctantly reviewed by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ค *sigh* [{workflow_name}]({run_url}) is begrudgingly looking at this {event_type}... This better be worth my time.\",\"runSuccess\":\"๐ค Fine. [{workflow_name}]({run_url}) finished the review. It wasn't completely terrible. I guess. ๐\",\"runFailure\":\"๐ค Great. [{workflow_name}]({run_url}) {status}. As if my day couldn't get any worse...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Reluctantly reviewed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ค *sigh* [{workflow_name}]({run_url}) is begrudgingly looking at this {event_type}... This better be worth my time.\",\"runSuccess\":\"๐ค Fine. [{workflow_name}]({run_url}) finished the review. It wasn't completely terrible. I guess. ๐\",\"runFailure\":\"๐ค Great. [{workflow_name}]({run_url}) {status}. As if my day couldn't get any worse...\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "10"
@@ -997,7 +999,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Grumpy Code Reviewer ๐ฅ"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Reluctantly reviewed by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ค *sigh* [{workflow_name}]({run_url}) is begrudgingly looking at this {event_type}... This better be worth my time.\",\"runSuccess\":\"๐ค Fine. [{workflow_name}]({run_url}) finished the review. It wasn't completely terrible. I guess. ๐\",\"runFailure\":\"๐ค Great. [{workflow_name}]({run_url}) {status}. As if my day couldn't get any worse...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Reluctantly reviewed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ค *sigh* [{workflow_name}]({run_url}) is begrudgingly looking at this {event_type}... This better be worth my time.\",\"runSuccess\":\"๐ค Fine. [{workflow_name}]({run_url}) finished the review. It wasn't completely terrible. I guess. ๐\",\"runFailure\":\"๐ค Great. [{workflow_name}]({run_url}) {status}. As if my day couldn't get any worse...\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1212,9 +1214,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/grumpy-reviewer"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "codex"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Reluctantly reviewed by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ค *sigh* [{workflow_name}]({run_url}) is begrudgingly looking at this {event_type}... This better be worth my time.\",\"runSuccess\":\"๐ค Fine. [{workflow_name}]({run_url}) finished the review. It wasn't completely terrible. I guess. ๐\",\"runFailure\":\"๐ค Great. [{workflow_name}]({run_url}) {status}. As if my day couldn't get any worse...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Reluctantly reviewed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ค *sigh* [{workflow_name}]({run_url}) is begrudgingly looking at this {event_type}... This better be worth my time.\",\"runSuccess\":\"๐ค Fine. [{workflow_name}]({run_url}) finished the review. It wasn't completely terrible. I guess. ๐\",\"runFailure\":\"๐ค Great. [{workflow_name}]({run_url}) {status}. As if my day couldn't get any worse...\"}"
GH_AW_WORKFLOW_ID: "grumpy-reviewer"
GH_AW_WORKFLOW_NAME: "Grumpy Code Reviewer ๐ฅ"
outputs:
diff --git a/.github/workflows/grumpy-reviewer.md b/.github/workflows/grumpy-reviewer.md
index 757c0605d35..dd72314562b 100644
--- a/.github/workflows/grumpy-reviewer.md
+++ b/.github/workflows/grumpy-reviewer.md
@@ -20,7 +20,7 @@ safe-outputs:
create-pull-request-review-comment:
max: 5
messages:
- footer: "> ๐ค *Reluctantly reviewed by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ค *Reluctantly reviewed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ค *sigh* [{workflow_name}]({run_url}) is begrudgingly looking at this {event_type}... This better be worth my time."
run-success: "๐ค Fine. [{workflow_name}]({run_url}) finished the review. It wasn't completely terrible. I guess. ๐"
run-failure: "๐ค Great. [{workflow_name}]({run_url}) {status}. As if my day couldn't get any worse..."
diff --git a/.github/workflows/hourly-ci-cleaner.lock.yml b/.github/workflows/hourly-ci-cleaner.lock.yml
index 65e64e00741..91907a217b5 100644
--- a/.github/workflows/hourly-ci-cleaner.lock.yml
+++ b/.github/workflows/hourly-ci-cleaner.lock.yml
@@ -286,6 +286,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: hourlycicleaner
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -744,6 +745,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1134,6 +1136,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/hourly-ci-cleaner"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "hourly-ci-cleaner"
diff --git a/.github/workflows/instructions-janitor.lock.yml b/.github/workflows/instructions-janitor.lock.yml
index 60993a6dc7e..02f266a98eb 100644
--- a/.github/workflows/instructions-janitor.lock.yml
+++ b/.github/workflows/instructions-janitor.lock.yml
@@ -270,6 +270,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: instructionsjanitor
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -796,6 +797,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1151,6 +1153,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/instructions-janitor"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "instructions-janitor"
diff --git a/.github/workflows/issue-arborist.lock.yml b/.github/workflows/issue-arborist.lock.yml
index f1c3924255b..06f68d3714a 100644
--- a/.github/workflows/issue-arborist.lock.yml
+++ b/.github/workflows/issue-arborist.lock.yml
@@ -270,6 +270,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: issuearborist
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -777,6 +778,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1106,6 +1108,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/issue-arborist"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "codex"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "issue-arborist"
diff --git a/.github/workflows/issue-monster.lock.yml b/.github/workflows/issue-monster.lock.yml
index e25fe144ab3..9e2aef4ab91 100644
--- a/.github/workflows/issue-monster.lock.yml
+++ b/.github/workflows/issue-monster.lock.yml
@@ -27,7 +27,7 @@
# - shared/activation-app.md
# - shared/github-guard-policy.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"e4adbd06bead73a338976eea281c282628c5fa9a3117665649bc3f81a85f155e","strict":true,"agent_id":"copilot","agent_model":"gpt-5.1-codex-mini"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"36780c7b3dfa373ce5fd74314c445dbb2794ba22515e14c31123ee0062f65ea6","strict":true,"agent_id":"copilot","agent_model":"gpt-5.1-codex-mini"}
name: "Issue Monster"
"on":
@@ -505,14 +505,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_67957d934be42b20_EOF'
+ cat << 'GH_AW_PROMPT_e71eee8717b5f734_EOF'
- GH_AW_PROMPT_67957d934be42b20_EOF
+ GH_AW_PROMPT_e71eee8717b5f734_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_67957d934be42b20_EOF'
+ cat << 'GH_AW_PROMPT_e71eee8717b5f734_EOF'
Tools: add_comment(max:3), assign_to_agent(max:3), missing_tool, missing_data, noop
@@ -544,14 +544,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_67957d934be42b20_EOF
+ GH_AW_PROMPT_e71eee8717b5f734_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_67957d934be42b20_EOF'
+ cat << 'GH_AW_PROMPT_e71eee8717b5f734_EOF'
{{#runtime-import .github/workflows/shared/github-guard-policy.md}}
{{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/issue-monster.md}}
- GH_AW_PROMPT_67957d934be42b20_EOF
+ GH_AW_PROMPT_e71eee8717b5f734_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -644,6 +644,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: issuemonster
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -722,12 +723,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_8825dc0a4b789d58_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_5d7551800f8e10a7_EOF'
{"add_comment":{"max":3,"target":"*"},"assign_to_agent":{"allowed":["copilot"],"max":3,"target":"*"},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_8825dc0a4b789d58_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_5d7551800f8e10a7_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_ba9692a9abc80959_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_ee5db06d940ca933_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 3 comment(s) can be added. Target: *.",
@@ -736,8 +737,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_ba9692a9abc80959_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_4308ef279f2bc37a_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_ee5db06d940ca933_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_a46801eeedefbc39_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -840,7 +841,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_4308ef279f2bc37a_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_a46801eeedefbc39_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -908,7 +909,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_d260d1e5da3ed0ad_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_bb876e15355ae348_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -952,7 +953,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_d260d1e5da3ed0ad_EOF
+ GH_AW_MCP_CONFIG_bb876e15355ae348_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -1076,6 +1077,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1233,7 +1235,7 @@ jobs:
GH_AW_ASSIGNMENT_ERRORS: ${{ needs.safe_outputs.outputs.assign_to_agent_assignment_errors }}
GH_AW_ASSIGNMENT_ERROR_COUNT: ${{ needs.safe_outputs.outputs.assign_to_agent_assignment_error_count }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ช *Om nom nom by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ช ISSUE! ISSUE! [{workflow_name}]({run_url}) hungry for issues on this {event_type}! Om nom nom...\",\"runSuccess\":\"๐ช YUMMY! [{workflow_name}]({run_url}) ate the issues! That was DELICIOUS! Me want MORE! ๐\",\"runFailure\":\"๐ช Aww... [{workflow_name}]({run_url}) {status}. No cookie for monster today... ๐ข\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ช *Om nom nom by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ช ISSUE! ISSUE! [{workflow_name}]({run_url}) hungry for issues on this {event_type}! Om nom nom...\",\"runSuccess\":\"๐ช YUMMY! [{workflow_name}]({run_url}) ate the issues! That was DELICIOUS! Me want MORE! ๐\",\"runFailure\":\"๐ช Aww... [{workflow_name}]({run_url}) {status}. No cookie for monster today... ๐ข\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "30"
@@ -1833,9 +1835,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/issue-monster"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: "gpt-5.1-codex-mini"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ช *Om nom nom by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ช ISSUE! ISSUE! [{workflow_name}]({run_url}) hungry for issues on this {event_type}! Om nom nom...\",\"runSuccess\":\"๐ช YUMMY! [{workflow_name}]({run_url}) ate the issues! That was DELICIOUS! Me want MORE! ๐\",\"runFailure\":\"๐ช Aww... [{workflow_name}]({run_url}) {status}. No cookie for monster today... ๐ข\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ช *Om nom nom by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ช ISSUE! ISSUE! [{workflow_name}]({run_url}) hungry for issues on this {event_type}! Om nom nom...\",\"runSuccess\":\"๐ช YUMMY! [{workflow_name}]({run_url}) ate the issues! That was DELICIOUS! Me want MORE! ๐\",\"runFailure\":\"๐ช Aww... [{workflow_name}]({run_url}) {status}. No cookie for monster today... ๐ข\"}"
GH_AW_WORKFLOW_ID: "issue-monster"
GH_AW_WORKFLOW_NAME: "Issue Monster"
outputs:
diff --git a/.github/workflows/issue-monster.md b/.github/workflows/issue-monster.md
index 282770b1c7b..8152cb10178 100644
--- a/.github/workflows/issue-monster.md
+++ b/.github/workflows/issue-monster.md
@@ -407,7 +407,7 @@ safe-outputs:
max: 3
target: "*"
messages:
- footer: "> ๐ช *Om nom nom by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ช *Om nom nom by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ช ISSUE! ISSUE! [{workflow_name}]({run_url}) hungry for issues on this {event_type}! Om nom nom..."
run-success: "๐ช YUMMY! [{workflow_name}]({run_url}) ate the issues! That was DELICIOUS! Me want MORE! ๐"
run-failure: "๐ช Aww... [{workflow_name}]({run_url}) {status}. No cookie for monster today... ๐ข"
diff --git a/.github/workflows/issue-triage-agent.lock.yml b/.github/workflows/issue-triage-agent.lock.yml
index f8594c0da84..d86ba2807bc 100644
--- a/.github/workflows/issue-triage-agent.lock.yml
+++ b/.github/workflows/issue-triage-agent.lock.yml
@@ -265,6 +265,7 @@ jobs:
GH_AW_MCP_LOG_DIR: /tmp/gh-aw/mcp-logs/safeoutputs
GH_AW_WORKFLOW_ID_SANITIZED: issuetriageagent
outputs:
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -677,6 +678,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1006,6 +1008,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/issue-triage-agent"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "issue-triage-agent"
diff --git a/.github/workflows/jsweep.lock.yml b/.github/workflows/jsweep.lock.yml
index 7c572a1c2fd..ccf8cfcf033 100644
--- a/.github/workflows/jsweep.lock.yml
+++ b/.github/workflows/jsweep.lock.yml
@@ -309,6 +309,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: jsweep
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -787,6 +788,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1131,6 +1133,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/jsweep"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "jsweep-daily"
diff --git a/.github/workflows/layout-spec-maintainer.lock.yml b/.github/workflows/layout-spec-maintainer.lock.yml
index 3a6ddc01779..e5db0b79774 100644
--- a/.github/workflows/layout-spec-maintainer.lock.yml
+++ b/.github/workflows/layout-spec-maintainer.lock.yml
@@ -265,6 +265,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: layoutspecmaintainer
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -726,6 +727,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1058,6 +1060,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/layout-spec-maintainer"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "layout-spec-maintainer"
diff --git a/.github/workflows/lockfile-stats.lock.yml b/.github/workflows/lockfile-stats.lock.yml
index 26f3a807517..9df250a01cd 100644
--- a/.github/workflows/lockfile-stats.lock.yml
+++ b/.github/workflows/lockfile-stats.lock.yml
@@ -274,6 +274,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: lockfilestats
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -768,6 +769,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -943,6 +945,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/lockfile-stats"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "lockfile-stats"
diff --git a/.github/workflows/mcp-inspector.lock.yml b/.github/workflows/mcp-inspector.lock.yml
index 7e54c4ec1d5..b4e0f19e988 100644
--- a/.github/workflows/mcp-inspector.lock.yml
+++ b/.github/workflows/mcp-inspector.lock.yml
@@ -338,6 +338,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: mcpinspector
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -1216,6 +1217,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1668,6 +1670,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/mcp-inspector"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "mcp-inspector"
diff --git a/.github/workflows/mergefest.lock.yml b/.github/workflows/mergefest.lock.yml
index 08862b9b35d..b0193919782 100644
--- a/.github/workflows/mergefest.lock.yml
+++ b/.github/workflows/mergefest.lock.yml
@@ -315,6 +315,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: mergefest
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -765,6 +766,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1154,6 +1156,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/mergefest"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "mergefest"
diff --git a/.github/workflows/metrics-collector.lock.yml b/.github/workflows/metrics-collector.lock.yml
index 33b6549be44..f02688621b1 100644
--- a/.github/workflows/metrics-collector.lock.yml
+++ b/.github/workflows/metrics-collector.lock.yml
@@ -272,6 +272,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: metricscollector
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
steps:
@@ -575,6 +576,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
diff --git a/.github/workflows/notion-issue-summary.lock.yml b/.github/workflows/notion-issue-summary.lock.yml
index a85935a915c..3d382840242 100644
--- a/.github/workflows/notion-issue-summary.lock.yml
+++ b/.github/workflows/notion-issue-summary.lock.yml
@@ -268,6 +268,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: notionissuesummary
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -695,6 +696,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -990,6 +992,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/notion-issue-summary"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "notion-issue-summary"
diff --git a/.github/workflows/org-health-report.lock.yml b/.github/workflows/org-health-report.lock.yml
index 5b85ae0787d..b69fcc16109 100644
--- a/.github/workflows/org-health-report.lock.yml
+++ b/.github/workflows/org-health-report.lock.yml
@@ -282,6 +282,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: orghealthreport
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -756,6 +757,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1108,6 +1110,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/org-health-report"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "org-health-report"
diff --git a/.github/workflows/pdf-summary.lock.yml b/.github/workflows/pdf-summary.lock.yml
index 9664ef75f22..0ff840d02f8 100644
--- a/.github/workflows/pdf-summary.lock.yml
+++ b/.github/workflows/pdf-summary.lock.yml
@@ -26,7 +26,7 @@
# Imports:
# - shared/mcp/markitdown.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"6d3174d6f6e18cf0e99b8c93c294401c6d7ddb699196eaa13776f0b49f5909ed","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"02a7f83e5b003d735d337f1a1b20948163173cf77a8dfe2cc7c5f0526857c93a","strict":true,"agent_id":"copilot"}
name: "Resource Summarizer Agent"
"on":
@@ -174,7 +174,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Resource Summarizer Agent"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Summary compiled by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ Page by page! [{workflow_name}]({run_url}) is reading through this {event_type}...\",\"runSuccess\":\"๐ TL;DR ready! [{workflow_name}]({run_url}) has distilled the essence. Knowledge condensed! โจ\",\"runFailure\":\"๐ Reading interrupted! [{workflow_name}]({run_url}) {status}. The document remains unsummarized...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Summary compiled by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ Page by page! [{workflow_name}]({run_url}) is reading through this {event_type}...\",\"runSuccess\":\"๐ TL;DR ready! [{workflow_name}]({run_url}) has distilled the essence. Knowledge condensed! โจ\",\"runFailure\":\"๐ Reading interrupted! [{workflow_name}]({run_url}) {status}. The document remains unsummarized...\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -202,15 +202,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_4b8e89f4e47016e2_EOF'
+ cat << 'GH_AW_PROMPT_fbd700c23200a90f_EOF'
- GH_AW_PROMPT_4b8e89f4e47016e2_EOF
+ GH_AW_PROMPT_fbd700c23200a90f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_4b8e89f4e47016e2_EOF'
+ cat << 'GH_AW_PROMPT_fbd700c23200a90f_EOF'
Tools: add_comment, create_discussion, missing_tool, missing_data, noop
@@ -242,16 +242,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_4b8e89f4e47016e2_EOF
+ GH_AW_PROMPT_fbd700c23200a90f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_4b8e89f4e47016e2_EOF'
+ cat << 'GH_AW_PROMPT_fbd700c23200a90f_EOF'
{{#runtime-import .github/workflows/shared/mcp/markitdown.md}}
{{#runtime-import .github/workflows/pdf-summary.md}}
- GH_AW_PROMPT_4b8e89f4e47016e2_EOF
+ GH_AW_PROMPT_fbd700c23200a90f_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -359,6 +359,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: pdfsummary
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -454,12 +455,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_e8fb66d268f02c3d_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_92a9456705fbef51_EOF'
{"add_comment":{"max":1},"create_discussion":{"expires":24,"fallback_to_issue":true,"max":1},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_e8fb66d268f02c3d_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_92a9456705fbef51_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_af6545c840872d4e_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_4c2cf073b7455a1e_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added.",
@@ -468,8 +469,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_af6545c840872d4e_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_33559eb260d06568_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_4c2cf073b7455a1e_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_a949888189628d2c_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -573,7 +574,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_33559eb260d06568_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_a949888189628d2c_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -643,7 +644,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_36ce00ae3368765e_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_3630b02970b0fa14_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -698,7 +699,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_36ce00ae3368765e_EOF
+ GH_AW_MCP_CONFIG_3630b02970b0fa14_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -823,6 +824,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -990,7 +992,7 @@ jobs:
GH_AW_CREATE_DISCUSSION_ERRORS: ${{ needs.safe_outputs.outputs.create_discussion_errors }}
GH_AW_CREATE_DISCUSSION_ERROR_COUNT: ${{ needs.safe_outputs.outputs.create_discussion_error_count }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Summary compiled by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ Page by page! [{workflow_name}]({run_url}) is reading through this {event_type}...\",\"runSuccess\":\"๐ TL;DR ready! [{workflow_name}]({run_url}) has distilled the essence. Knowledge condensed! โจ\",\"runFailure\":\"๐ Reading interrupted! [{workflow_name}]({run_url}) {status}. The document remains unsummarized...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Summary compiled by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ Page by page! [{workflow_name}]({run_url}) is reading through this {event_type}...\",\"runSuccess\":\"๐ TL;DR ready! [{workflow_name}]({run_url}) has distilled the essence. Knowledge condensed! โจ\",\"runFailure\":\"๐ Reading interrupted! [{workflow_name}]({run_url}) {status}. The document remains unsummarized...\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "15"
@@ -1012,7 +1014,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Resource Summarizer Agent"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Summary compiled by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ Page by page! [{workflow_name}]({run_url}) is reading through this {event_type}...\",\"runSuccess\":\"๐ TL;DR ready! [{workflow_name}]({run_url}) has distilled the essence. Knowledge condensed! โจ\",\"runFailure\":\"๐ Reading interrupted! [{workflow_name}]({run_url}) {status}. The document remains unsummarized...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Summary compiled by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ Page by page! [{workflow_name}]({run_url}) is reading through this {event_type}...\",\"runSuccess\":\"๐ TL;DR ready! [{workflow_name}]({run_url}) has distilled the essence. Knowledge condensed! โจ\",\"runFailure\":\"๐ Reading interrupted! [{workflow_name}]({run_url}) {status}. The document remains unsummarized...\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1229,9 +1231,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/pdf-summary"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Summary compiled by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ Page by page! [{workflow_name}]({run_url}) is reading through this {event_type}...\",\"runSuccess\":\"๐ TL;DR ready! [{workflow_name}]({run_url}) has distilled the essence. Knowledge condensed! โจ\",\"runFailure\":\"๐ Reading interrupted! [{workflow_name}]({run_url}) {status}. The document remains unsummarized...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Summary compiled by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ Page by page! [{workflow_name}]({run_url}) is reading through this {event_type}...\",\"runSuccess\":\"๐ TL;DR ready! [{workflow_name}]({run_url}) has distilled the essence. Knowledge condensed! โจ\",\"runFailure\":\"๐ Reading interrupted! [{workflow_name}]({run_url}) {status}. The document remains unsummarized...\"}"
GH_AW_WORKFLOW_ID: "pdf-summary"
GH_AW_WORKFLOW_NAME: "Resource Summarizer Agent"
outputs:
diff --git a/.github/workflows/pdf-summary.md b/.github/workflows/pdf-summary.md
index 1ae05ec14ba..c58439a6144 100644
--- a/.github/workflows/pdf-summary.md
+++ b/.github/workflows/pdf-summary.md
@@ -40,7 +40,7 @@ safe-outputs:
expires: 1d
max: 1
messages:
- footer: "> ๐ *Summary compiled by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ *Summary compiled by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ Page by page! [{workflow_name}]({run_url}) is reading through this {event_type}..."
run-success: "๐ TL;DR ready! [{workflow_name}]({run_url}) has distilled the essence. Knowledge condensed! โจ"
run-failure: "๐ Reading interrupted! [{workflow_name}]({run_url}) {status}. The document remains unsummarized..."
diff --git a/.github/workflows/plan.lock.yml b/.github/workflows/plan.lock.yml
index d95a42c8af8..35c81f82179 100644
--- a/.github/workflows/plan.lock.yml
+++ b/.github/workflows/plan.lock.yml
@@ -318,6 +318,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: plan
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -767,6 +768,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1157,6 +1159,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/plan"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "plan"
diff --git a/.github/workflows/poem-bot.lock.yml b/.github/workflows/poem-bot.lock.yml
index 5349cb6bb28..11fbe6eb7ac 100644
--- a/.github/workflows/poem-bot.lock.yml
+++ b/.github/workflows/poem-bot.lock.yml
@@ -26,7 +26,7 @@
# Imports:
# - shared/reporting.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"e24bfae6e6ba9dc7f6a26fe8161c93e8774e99aa4873bb6744f0c887c91a4483","strict":true,"agent_id":"copilot","agent_model":"gpt-5"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"e2d671c2f3b2f83a8609098d8ab054223ef6a120903156fb9d340bdad359a203","strict":true,"agent_id":"copilot","agent_model":"gpt-5"}
name: "Poem Bot - A Creative Agentic Workflow"
"on":
@@ -168,7 +168,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Poem Bot - A Creative Agentic Workflow"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ชถ *Verses penned by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ญ Hear ye! The muse stirs! [{workflow_name}]({run_url}) takes quill in hand for this {event_type}...\",\"runSuccess\":\"๐ชถ The poem is writ! [{workflow_name}]({run_url}) has composed verses most fair. Applause! ๐\",\"runFailure\":\"๐ญ Alas! [{workflow_name}]({run_url}) {status}. The muse has fled, leaving verses unsung...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ชถ *Verses penned by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ญ Hear ye! The muse stirs! [{workflow_name}]({run_url}) takes quill in hand for this {event_type}...\",\"runSuccess\":\"๐ชถ The poem is writ! [{workflow_name}]({run_url}) has composed verses most fair. Applause! ๐\",\"runFailure\":\"๐ญ Alas! [{workflow_name}]({run_url}) {status}. The muse has fled, leaving verses unsung...\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -194,21 +194,21 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_5fc315a4df6b25f8_EOF'
+ cat << 'GH_AW_PROMPT_0ac5143454a0c6c7_EOF'
- GH_AW_PROMPT_5fc315a4df6b25f8_EOF
+ GH_AW_PROMPT_0ac5143454a0c6c7_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_5fc315a4df6b25f8_EOF'
+ cat << 'GH_AW_PROMPT_0ac5143454a0c6c7_EOF'
Tools: add_comment(max:3), create_issue(max:2), update_issue(max:2), create_discussion(max:2), create_agent_session, create_pull_request, close_pull_request(max:2), create_pull_request_review_comment(max:2), add_labels(max:5), push_to_pull_request_branch, upload_asset, link_sub_issue(max:3), missing_tool, missing_data, noop
- GH_AW_PROMPT_5fc315a4df6b25f8_EOF
+ GH_AW_PROMPT_0ac5143454a0c6c7_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_push_to_pr_branch.md"
- cat << 'GH_AW_PROMPT_5fc315a4df6b25f8_EOF'
+ cat << 'GH_AW_PROMPT_0ac5143454a0c6c7_EOF'
upload_asset: provide a file path; returns a URL; assets are published after the workflow completes (safeoutputs).
@@ -240,7 +240,7 @@ jobs:
{{/if}}
- GH_AW_PROMPT_5fc315a4df6b25f8_EOF
+ GH_AW_PROMPT_0ac5143454a0c6c7_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
@@ -248,11 +248,11 @@ jobs:
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_push_to_pr_branch_guidance.md"
fi
- cat << 'GH_AW_PROMPT_5fc315a4df6b25f8_EOF'
+ cat << 'GH_AW_PROMPT_0ac5143454a0c6c7_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/poem-bot.md}}
- GH_AW_PROMPT_5fc315a4df6b25f8_EOF
+ GH_AW_PROMPT_0ac5143454a0c6c7_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -353,6 +353,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: poembot
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -448,12 +449,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_06109abbd5f4207e_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_db2802546e61ba4d_EOF'
{"add_comment":{"max":3,"target":"*"},"add_labels":{"allowed":["poetry","creative","automation","ai-generated","epic","haiku","sonnet","limerick"],"max":5},"close_pull_request":{"max":2,"required_labels":["poetry","automation"],"required_title_prefix":"[๐จ POETRY]","target":"*"},"create_agent_session":{"base":"main","max":1},"create_discussion":{"category":"audits","close_older_discussions":true,"expires":24,"fallback_to_issue":true,"labels":["poetry","automation","ai-generated"],"max":2,"title_prefix":"[๐ POETRY] "},"create_issue":{"expires":48,"group":true,"labels":["poetry","automation","ai-generated"],"max":2,"title_prefix":"[๐ญ POEM-BOT] "},"create_pull_request":{"draft":false,"expires":48,"labels":["poetry","automation","creative-writing"],"max":1,"max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"],"reviewers":["copilot"],"title_prefix":"[๐จ POETRY] "},"create_pull_request_review_comment":{"max":2,"side":"RIGHT"},"link_sub_issue":{"max":3,"parent_required_labels":["poetry","epic"],"parent_title_prefix":"[๐ญ POEM-BOT]","sub_required_labels":["poetry"],"sub_title_prefix":"[๐ญ POEM-BOT]"},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_to_pull_request_branch":{"if_no_changes":"warn","max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"]},"update_issue":{"allow_body":true,"allow_status":true,"allow_title":true,"max":2,"target":"*"},"upload_asset":{"allowed-exts":[".png",".jpg",".jpeg"],"branch":"assets/${{ github.workflow }}","max-size":10240}}
- GH_AW_SAFE_OUTPUTS_CONFIG_06109abbd5f4207e_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_db2802546e61ba4d_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_fef956f8c46130e2_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_355eceea1a4e3b26_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 3 comment(s) can be added. Target: *.",
@@ -471,8 +472,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_fef956f8c46130e2_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_a61bcbeffac9609d_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_355eceea1a4e3b26_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_453bdd33d1a8ccf9_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -835,7 +836,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_a61bcbeffac9609d_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_453bdd33d1a8ccf9_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -908,7 +909,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_6812309d8f8f79bd_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_66acaa7ee379da27_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -949,7 +950,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_6812309d8f8f79bd_EOF
+ GH_AW_MCP_CONFIG_66acaa7ee379da27_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -1102,6 +1103,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1279,7 +1281,7 @@ jobs:
GH_AW_CODE_PUSH_FAILURE_ERRORS: ${{ needs.safe_outputs.outputs.code_push_failure_errors }}
GH_AW_CODE_PUSH_FAILURE_COUNT: ${{ needs.safe_outputs.outputs.code_push_failure_count }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ชถ *Verses penned by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ญ Hear ye! The muse stirs! [{workflow_name}]({run_url}) takes quill in hand for this {event_type}...\",\"runSuccess\":\"๐ชถ The poem is writ! [{workflow_name}]({run_url}) has composed verses most fair. Applause! ๐\",\"runFailure\":\"๐ญ Alas! [{workflow_name}]({run_url}) {status}. The muse has fled, leaving verses unsung...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ชถ *Verses penned by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ญ Hear ye! The muse stirs! [{workflow_name}]({run_url}) takes quill in hand for this {event_type}...\",\"runSuccess\":\"๐ชถ The poem is writ! [{workflow_name}]({run_url}) has composed verses most fair. Applause! ๐\",\"runFailure\":\"๐ญ Alas! [{workflow_name}]({run_url}) {status}. The muse has fled, leaving verses unsung...\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "10"
@@ -1301,7 +1303,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Poem Bot - A Creative Agentic Workflow"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ชถ *Verses penned by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ญ Hear ye! The muse stirs! [{workflow_name}]({run_url}) takes quill in hand for this {event_type}...\",\"runSuccess\":\"๐ชถ The poem is writ! [{workflow_name}]({run_url}) has composed verses most fair. Applause! ๐\",\"runFailure\":\"๐ญ Alas! [{workflow_name}]({run_url}) {status}. The muse has fled, leaving verses unsung...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ชถ *Verses penned by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ญ Hear ye! The muse stirs! [{workflow_name}]({run_url}) takes quill in hand for this {event_type}...\",\"runSuccess\":\"๐ชถ The poem is writ! [{workflow_name}]({run_url}) has composed verses most fair. Applause! ๐\",\"runFailure\":\"๐ญ Alas! [{workflow_name}]({run_url}) {status}. The muse has fled, leaving verses unsung...\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1514,10 +1516,11 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/poem-bot"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: "gpt-5"
GH_AW_SAFE_OUTPUTS_STAGED: "true"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ชถ *Verses penned by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ญ Hear ye! The muse stirs! [{workflow_name}]({run_url}) takes quill in hand for this {event_type}...\",\"runSuccess\":\"๐ชถ The poem is writ! [{workflow_name}]({run_url}) has composed verses most fair. Applause! ๐\",\"runFailure\":\"๐ญ Alas! [{workflow_name}]({run_url}) {status}. The muse has fled, leaving verses unsung...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ชถ *Verses penned by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ญ Hear ye! The muse stirs! [{workflow_name}]({run_url}) takes quill in hand for this {event_type}...\",\"runSuccess\":\"๐ชถ The poem is writ! [{workflow_name}]({run_url}) has composed verses most fair. Applause! ๐\",\"runFailure\":\"๐ญ Alas! [{workflow_name}]({run_url}) {status}. The muse has fled, leaving verses unsung...\"}"
GH_AW_WORKFLOW_ID: "poem-bot"
GH_AW_WORKFLOW_NAME: "Poem Bot - A Creative Agentic Workflow"
outputs:
@@ -1726,7 +1729,7 @@ jobs:
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: "gpt-5"
GH_AW_SAFE_OUTPUTS_STAGED: "true"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ชถ *Verses penned by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ญ Hear ye! The muse stirs! [{workflow_name}]({run_url}) takes quill in hand for this {event_type}...\",\"runSuccess\":\"๐ชถ The poem is writ! [{workflow_name}]({run_url}) has composed verses most fair. Applause! ๐\",\"runFailure\":\"๐ญ Alas! [{workflow_name}]({run_url}) {status}. The muse has fled, leaving verses unsung...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ชถ *Verses penned by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ญ Hear ye! The muse stirs! [{workflow_name}]({run_url}) takes quill in hand for this {event_type}...\",\"runSuccess\":\"๐ชถ The poem is writ! [{workflow_name}]({run_url}) has composed verses most fair. Applause! ๐\",\"runFailure\":\"๐ญ Alas! [{workflow_name}]({run_url}) {status}. The muse has fled, leaving verses unsung...\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/poem-bot.md b/.github/workflows/poem-bot.md
index b0688560b1f..e6f64a2c10c 100644
--- a/.github/workflows/poem-bot.md
+++ b/.github/workflows/poem-bot.md
@@ -136,7 +136,7 @@ safe-outputs:
# Custom messages in poetic style
messages:
- footer: "> ๐ชถ *Verses penned by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ชถ *Verses penned by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ญ Hear ye! The muse stirs! [{workflow_name}]({run_url}) takes quill in hand for this {event_type}..."
run-success: "๐ชถ The poem is writ! [{workflow_name}]({run_url}) has composed verses most fair. Applause! ๐"
run-failure: "๐ญ Alas! [{workflow_name}]({run_url}) {status}. The muse has fled, leaving verses unsung..."
diff --git a/.github/workflows/portfolio-analyst.lock.yml b/.github/workflows/portfolio-analyst.lock.yml
index 3ae0eb4c463..96b295efa34 100644
--- a/.github/workflows/portfolio-analyst.lock.yml
+++ b/.github/workflows/portfolio-analyst.lock.yml
@@ -282,6 +282,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: portfolioanalyst
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -835,6 +836,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1188,6 +1190,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/portfolio-analyst"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "portfolio-analyst-weekly"
diff --git a/.github/workflows/pr-nitpick-reviewer.lock.yml b/.github/workflows/pr-nitpick-reviewer.lock.yml
index 1cb78361bfc..1723be8724a 100644
--- a/.github/workflows/pr-nitpick-reviewer.lock.yml
+++ b/.github/workflows/pr-nitpick-reviewer.lock.yml
@@ -27,7 +27,7 @@
# - shared/pr-code-review-config.md
# - shared/reporting.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"1c5afbcc15ccde9b0714225f3bbbfb1579751480ac6e9b3e0c46a2e34cbfec5c","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"3a3569523c6724705718f55fd70609a53530291225ae7a15a0b76da7ec5b59ef","strict":true,"agent_id":"copilot"}
name: "PR Nitpick Reviewer ๐"
"on":
@@ -158,7 +158,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "PR Nitpick Reviewer ๐"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Meticulously inspected by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฌ Adjusting monocle... [{workflow_name}]({run_url}) is scrutinizing every pixel of this {event_type}...\",\"runSuccess\":\"๐ Nitpicks catalogued! [{workflow_name}]({run_url}) has documented all the tiny details. Perfection awaits! โ
\",\"runFailure\":\"๐ฌ Lens cracked! [{workflow_name}]({run_url}) {status}. Some nitpicks remain undetected...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Meticulously inspected by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฌ Adjusting monocle... [{workflow_name}]({run_url}) is scrutinizing every pixel of this {event_type}...\",\"runSuccess\":\"๐ Nitpicks catalogued! [{workflow_name}]({run_url}) has documented all the tiny details. Perfection awaits! โ
\",\"runFailure\":\"๐ฌ Lens cracked! [{workflow_name}]({run_url}) {status}. Some nitpicks remain undetected...\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -183,15 +183,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_c3bd2f572dae5dc1_EOF'
+ cat << 'GH_AW_PROMPT_149c31a3e5507528_EOF'
- GH_AW_PROMPT_c3bd2f572dae5dc1_EOF
+ GH_AW_PROMPT_149c31a3e5507528_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_c3bd2f572dae5dc1_EOF'
+ cat << 'GH_AW_PROMPT_149c31a3e5507528_EOF'
Tools: create_discussion, create_pull_request_review_comment(max:10), submit_pull_request_review, missing_tool, missing_data, noop
@@ -223,17 +223,17 @@ jobs:
{{/if}}
- GH_AW_PROMPT_c3bd2f572dae5dc1_EOF
+ GH_AW_PROMPT_149c31a3e5507528_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_c3bd2f572dae5dc1_EOF'
+ cat << 'GH_AW_PROMPT_149c31a3e5507528_EOF'
{{#runtime-import .github/workflows/shared/pr-code-review-config.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/pr-nitpick-reviewer.md}}
- GH_AW_PROMPT_c3bd2f572dae5dc1_EOF
+ GH_AW_PROMPT_149c31a3e5507528_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -332,6 +332,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: prnitpickreviewer
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -427,12 +428,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_06922289851d79c4_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_29afc451a36989b9_EOF'
{"create_discussion":{"category":"audits","expires":24,"fallback_to_issue":true,"max":1,"title_prefix":"[nitpick-report] "},"create_pull_request_review_comment":{"max":10,"side":"RIGHT"},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"submit_pull_request_review":{"max":1}}
- GH_AW_SAFE_OUTPUTS_CONFIG_06922289851d79c4_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_29afc451a36989b9_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_f6f98734e7cf1e4a_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_303b67875288ae63_EOF'
{
"description_suffixes": {
"create_discussion": " CONSTRAINTS: Maximum 1 discussion(s) can be created. Title will be prefixed with \"[nitpick-report] \". Discussions will be created in category \"audits\".",
@@ -442,8 +443,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_f6f98734e7cf1e4a_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_826748af0120731c_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_303b67875288ae63_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_7f95b452d99755f7_EOF'
{
"create_discussion": {
"defaultMax": 1,
@@ -584,7 +585,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_826748af0120731c_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_7f95b452d99755f7_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -654,7 +655,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_48e90c0aa0124682_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_0eba254c4d20a470_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -695,7 +696,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_48e90c0aa0124682_EOF
+ GH_AW_MCP_CONFIG_0eba254c4d20a470_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -820,6 +821,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -987,7 +989,7 @@ jobs:
GH_AW_CREATE_DISCUSSION_ERRORS: ${{ needs.safe_outputs.outputs.create_discussion_errors }}
GH_AW_CREATE_DISCUSSION_ERROR_COUNT: ${{ needs.safe_outputs.outputs.create_discussion_error_count }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Meticulously inspected by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฌ Adjusting monocle... [{workflow_name}]({run_url}) is scrutinizing every pixel of this {event_type}...\",\"runSuccess\":\"๐ Nitpicks catalogued! [{workflow_name}]({run_url}) has documented all the tiny details. Perfection awaits! โ
\",\"runFailure\":\"๐ฌ Lens cracked! [{workflow_name}]({run_url}) {status}. Some nitpicks remain undetected...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Meticulously inspected by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฌ Adjusting monocle... [{workflow_name}]({run_url}) is scrutinizing every pixel of this {event_type}...\",\"runSuccess\":\"๐ Nitpicks catalogued! [{workflow_name}]({run_url}) has documented all the tiny details. Perfection awaits! โ
\",\"runFailure\":\"๐ฌ Lens cracked! [{workflow_name}]({run_url}) {status}. Some nitpicks remain undetected...\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "15"
@@ -1009,7 +1011,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "PR Nitpick Reviewer ๐"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Meticulously inspected by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฌ Adjusting monocle... [{workflow_name}]({run_url}) is scrutinizing every pixel of this {event_type}...\",\"runSuccess\":\"๐ Nitpicks catalogued! [{workflow_name}]({run_url}) has documented all the tiny details. Perfection awaits! โ
\",\"runFailure\":\"๐ฌ Lens cracked! [{workflow_name}]({run_url}) {status}. Some nitpicks remain undetected...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Meticulously inspected by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฌ Adjusting monocle... [{workflow_name}]({run_url}) is scrutinizing every pixel of this {event_type}...\",\"runSuccess\":\"๐ Nitpicks catalogued! [{workflow_name}]({run_url}) has documented all the tiny details. Perfection awaits! โ
\",\"runFailure\":\"๐ฌ Lens cracked! [{workflow_name}]({run_url}) {status}. Some nitpicks remain undetected...\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1226,9 +1228,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/pr-nitpick-reviewer"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Meticulously inspected by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฌ Adjusting monocle... [{workflow_name}]({run_url}) is scrutinizing every pixel of this {event_type}...\",\"runSuccess\":\"๐ Nitpicks catalogued! [{workflow_name}]({run_url}) has documented all the tiny details. Perfection awaits! โ
\",\"runFailure\":\"๐ฌ Lens cracked! [{workflow_name}]({run_url}) {status}. Some nitpicks remain undetected...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Meticulously inspected by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฌ Adjusting monocle... [{workflow_name}]({run_url}) is scrutinizing every pixel of this {event_type}...\",\"runSuccess\":\"๐ Nitpicks catalogued! [{workflow_name}]({run_url}) has documented all the tiny details. Perfection awaits! โ
\",\"runFailure\":\"๐ฌ Lens cracked! [{workflow_name}]({run_url}) {status}. Some nitpicks remain undetected...\"}"
GH_AW_WORKFLOW_ID: "pr-nitpick-reviewer"
GH_AW_WORKFLOW_NAME: "PR Nitpick Reviewer ๐"
outputs:
diff --git a/.github/workflows/pr-nitpick-reviewer.md b/.github/workflows/pr-nitpick-reviewer.md
index 93672c6974f..6d4771667d7 100644
--- a/.github/workflows/pr-nitpick-reviewer.md
+++ b/.github/workflows/pr-nitpick-reviewer.md
@@ -18,7 +18,7 @@ safe-outputs:
create-pull-request-review-comment:
max: 10
messages:
- footer: "> ๐ *Meticulously inspected by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ *Meticulously inspected by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ฌ Adjusting monocle... [{workflow_name}]({run_url}) is scrutinizing every pixel of this {event_type}..."
run-success: "๐ Nitpicks catalogued! [{workflow_name}]({run_url}) has documented all the tiny details. Perfection awaits! โ
"
run-failure: "๐ฌ Lens cracked! [{workflow_name}]({run_url}) {status}. Some nitpicks remain undetected..."
diff --git a/.github/workflows/pr-triage-agent.lock.yml b/.github/workflows/pr-triage-agent.lock.yml
index 7b7023c8a6d..83fe1ecc619 100644
--- a/.github/workflows/pr-triage-agent.lock.yml
+++ b/.github/workflows/pr-triage-agent.lock.yml
@@ -281,6 +281,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: prtriageagent
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -751,6 +752,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1179,6 +1181,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/pr-triage-agent"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_SAFE_OUTPUT_MESSAGES: "{\"runStarted\":\"๐ Starting PR triage analysis... [{workflow_name}]({run_url}) is categorizing and prioritizing agent-created PRs\",\"runSuccess\":\"โ
PR triage complete! [{workflow_name}]({run_url}) has analyzed and categorized PRs. Check the issue for detailed report.\",\"runFailure\":\"โ PR triage failed! [{workflow_name}]({run_url}) {status}. Some PRs may not be triaged.\"}"
diff --git a/.github/workflows/prompt-clustering-analysis.lock.yml b/.github/workflows/prompt-clustering-analysis.lock.yml
index fedd232bf63..a74d3ffd36e 100644
--- a/.github/workflows/prompt-clustering-analysis.lock.yml
+++ b/.github/workflows/prompt-clustering-analysis.lock.yml
@@ -286,6 +286,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: promptclusteringanalysis
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -907,6 +908,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1082,6 +1084,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/prompt-clustering-analysis"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "prompt-clustering-analysis"
diff --git a/.github/workflows/python-data-charts.lock.yml b/.github/workflows/python-data-charts.lock.yml
index dfec5f12a2f..e189ab673d0 100644
--- a/.github/workflows/python-data-charts.lock.yml
+++ b/.github/workflows/python-data-charts.lock.yml
@@ -277,6 +277,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: pythondatacharts
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -824,6 +825,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1174,6 +1176,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/python-data-charts"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "python-data-charts"
diff --git a/.github/workflows/q.lock.yml b/.github/workflows/q.lock.yml
index 256979cf10c..1b83dcc2eea 100644
--- a/.github/workflows/q.lock.yml
+++ b/.github/workflows/q.lock.yml
@@ -27,7 +27,7 @@
# - shared/mcp/serena-go.md
# - shared/mcp/serena.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"704596354fec846cb7314ed6649228461f0e913a502d163b78c663edc275a83b","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"ac89fcdaf6ff5ce52cd3854c0951c11f2bf3b716e36d931d08427f06ec995e0b","strict":true,"agent_id":"copilot"}
name: "Q"
"on":
@@ -180,7 +180,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Q"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฉ *Equipped by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ง Pay attention, 007! [{workflow_name}]({run_url}) is preparing your gadgets for this {event_type}...\",\"runSuccess\":\"๐ฉ Mission equipment ready! [{workflow_name}]({run_url}) has optimized your workflow. Use wisely, 007! ๐ซ\",\"runFailure\":\"๐ง Technical difficulties! [{workflow_name}]({run_url}) {status}. Even Q Branch has bad days...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฉ *Equipped by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ง Pay attention, 007! [{workflow_name}]({run_url}) is preparing your gadgets for this {event_type}...\",\"runSuccess\":\"๐ฉ Mission equipment ready! [{workflow_name}]({run_url}) has optimized your workflow. Use wisely, 007! ๐ซ\",\"runFailure\":\"๐ง Technical difficulties! [{workflow_name}]({run_url}) {status}. Even Q Branch has bad days...\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -206,21 +206,21 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_e92927e3ecc12fba_EOF'
+ cat << 'GH_AW_PROMPT_a0c3414a8d08f8d7_EOF'
- GH_AW_PROMPT_e92927e3ecc12fba_EOF
+ GH_AW_PROMPT_a0c3414a8d08f8d7_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_e92927e3ecc12fba_EOF'
+ cat << 'GH_AW_PROMPT_a0c3414a8d08f8d7_EOF'
Tools: add_comment, create_pull_request, add_labels, missing_tool, missing_data, noop
- GH_AW_PROMPT_e92927e3ecc12fba_EOF
+ GH_AW_PROMPT_a0c3414a8d08f8d7_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_e92927e3ecc12fba_EOF'
+ cat << 'GH_AW_PROMPT_a0c3414a8d08f8d7_EOF'
The following GitHub context information is available for this workflow:
@@ -250,12 +250,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_e92927e3ecc12fba_EOF
+ GH_AW_PROMPT_a0c3414a8d08f8d7_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_e92927e3ecc12fba_EOF'
+ cat << 'GH_AW_PROMPT_a0c3414a8d08f8d7_EOF'
## Serena Code Analysis
@@ -290,7 +290,7 @@ jobs:
{{#runtime-import .github/workflows/shared/mcp/serena-go.md}}
{{#runtime-import .github/workflows/q.md}}
- GH_AW_PROMPT_e92927e3ecc12fba_EOF
+ GH_AW_PROMPT_a0c3414a8d08f8d7_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -397,6 +397,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: q
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -543,12 +544,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_8abfc733b336b13e_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_62e607fe7c1c6d9e_EOF'
{"add_comment":{"max":1},"add_labels":{"allowed":["spam"]},"create_pull_request":{"draft":false,"expires":48,"if_no_changes":"ignore","labels":["automation","workflow-optimization"],"max":1,"max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_files_policy":"fallback-to-issue","protected_path_prefixes":[".github/",".agents/"],"reviewers":["copilot"],"title_prefix":"[q] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_8abfc733b336b13e_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_62e607fe7c1c6d9e_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_06aeed41d4c643bb_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_524dff04679337b6_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added.",
@@ -558,8 +559,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_06aeed41d4c643bb_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_1447ed8e70f07986_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_524dff04679337b6_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_5cb147c542a2f126_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -692,7 +693,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_1447ed8e70f07986_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_5cb147c542a2f126_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -761,7 +762,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_b7f463518ff306d0_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_c649e0fc30544e48_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"agenticworkflows": {
@@ -853,7 +854,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_b7f463518ff306d0_EOF
+ GH_AW_MCP_CONFIG_c649e0fc30544e48_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -978,6 +979,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1147,7 +1149,7 @@ jobs:
GH_AW_CODE_PUSH_FAILURE_ERRORS: ${{ needs.safe_outputs.outputs.code_push_failure_errors }}
GH_AW_CODE_PUSH_FAILURE_COUNT: ${{ needs.safe_outputs.outputs.code_push_failure_count }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฉ *Equipped by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ง Pay attention, 007! [{workflow_name}]({run_url}) is preparing your gadgets for this {event_type}...\",\"runSuccess\":\"๐ฉ Mission equipment ready! [{workflow_name}]({run_url}) has optimized your workflow. Use wisely, 007! ๐ซ\",\"runFailure\":\"๐ง Technical difficulties! [{workflow_name}]({run_url}) {status}. Even Q Branch has bad days...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฉ *Equipped by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ง Pay attention, 007! [{workflow_name}]({run_url}) is preparing your gadgets for this {event_type}...\",\"runSuccess\":\"๐ฉ Mission equipment ready! [{workflow_name}]({run_url}) has optimized your workflow. Use wisely, 007! ๐ซ\",\"runFailure\":\"๐ง Technical difficulties! [{workflow_name}]({run_url}) {status}. Even Q Branch has bad days...\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "15"
@@ -1169,7 +1171,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Q"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฉ *Equipped by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ง Pay attention, 007! [{workflow_name}]({run_url}) is preparing your gadgets for this {event_type}...\",\"runSuccess\":\"๐ฉ Mission equipment ready! [{workflow_name}]({run_url}) has optimized your workflow. Use wisely, 007! ๐ซ\",\"runFailure\":\"๐ง Technical difficulties! [{workflow_name}]({run_url}) {status}. Even Q Branch has bad days...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฉ *Equipped by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ง Pay attention, 007! [{workflow_name}]({run_url}) is preparing your gadgets for this {event_type}...\",\"runSuccess\":\"๐ฉ Mission equipment ready! [{workflow_name}]({run_url}) has optimized your workflow. Use wisely, 007! ๐ซ\",\"runFailure\":\"๐ง Technical difficulties! [{workflow_name}]({run_url}) {status}. Even Q Branch has bad days...\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1387,9 +1389,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/q"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฉ *Equipped by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ง Pay attention, 007! [{workflow_name}]({run_url}) is preparing your gadgets for this {event_type}...\",\"runSuccess\":\"๐ฉ Mission equipment ready! [{workflow_name}]({run_url}) has optimized your workflow. Use wisely, 007! ๐ซ\",\"runFailure\":\"๐ง Technical difficulties! [{workflow_name}]({run_url}) {status}. Even Q Branch has bad days...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฉ *Equipped by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ง Pay attention, 007! [{workflow_name}]({run_url}) is preparing your gadgets for this {event_type}...\",\"runSuccess\":\"๐ฉ Mission equipment ready! [{workflow_name}]({run_url}) has optimized your workflow. Use wisely, 007! ๐ซ\",\"runFailure\":\"๐ง Technical difficulties! [{workflow_name}]({run_url}) {status}. Even Q Branch has bad days...\"}"
GH_AW_WORKFLOW_ID: "q"
GH_AW_WORKFLOW_NAME: "Q"
outputs:
diff --git a/.github/workflows/q.md b/.github/workflows/q.md
index 25093bff462..b1635c0e350 100644
--- a/.github/workflows/q.md
+++ b/.github/workflows/q.md
@@ -41,7 +41,7 @@ safe-outputs:
if-no-changes: "ignore"
protected-files: fallback-to-issue
messages:
- footer: "> ๐ฉ *Equipped by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ฉ *Equipped by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ง Pay attention, 007! [{workflow_name}]({run_url}) is preparing your gadgets for this {event_type}..."
run-success: "๐ฉ Mission equipment ready! [{workflow_name}]({run_url}) has optimized your workflow. Use wisely, 007! ๐ซ"
run-failure: "๐ง Technical difficulties! [{workflow_name}]({run_url}) {status}. Even Q Branch has bad days..."
diff --git a/.github/workflows/refiner.lock.yml b/.github/workflows/refiner.lock.yml
index 6ba3cea0ec4..051ecc5d4d0 100644
--- a/.github/workflows/refiner.lock.yml
+++ b/.github/workflows/refiner.lock.yml
@@ -299,6 +299,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: refiner
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -742,6 +743,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1111,6 +1113,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/refiner"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_SAFE_OUTPUT_MESSAGES: "{\"runStarted\":\"๐ Starting code refinement... [{workflow_name}]({run_url}) is analyzing PR #${{ github.event.pull_request.number }} for style alignment and security issues\",\"runSuccess\":\"โ
Refinement complete! [{workflow_name}]({run_url}) has created a PR with improvements for PR #${{ github.event.pull_request.number }}\",\"runFailure\":\"โ Refinement failed! [{workflow_name}]({run_url}) {status} while processing PR #${{ github.event.pull_request.number }}\"}"
diff --git a/.github/workflows/release.lock.yml b/.github/workflows/release.lock.yml
index 879c6ed524c..aa3a26e5483 100644
--- a/.github/workflows/release.lock.yml
+++ b/.github/workflows/release.lock.yml
@@ -281,6 +281,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: release
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -726,6 +727,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1426,6 +1428,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/release"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "release"
diff --git a/.github/workflows/repo-audit-analyzer.lock.yml b/.github/workflows/repo-audit-analyzer.lock.yml
index 39db7917313..cf62aaf1509 100644
--- a/.github/workflows/repo-audit-analyzer.lock.yml
+++ b/.github/workflows/repo-audit-analyzer.lock.yml
@@ -278,6 +278,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: repoauditanalyzer
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -709,6 +710,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1051,6 +1053,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/repo-audit-analyzer"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "repo-audit-analyzer"
diff --git a/.github/workflows/repo-tree-map.lock.yml b/.github/workflows/repo-tree-map.lock.yml
index f98838e10f4..3cad059f41a 100644
--- a/.github/workflows/repo-tree-map.lock.yml
+++ b/.github/workflows/repo-tree-map.lock.yml
@@ -265,6 +265,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: repotreemap
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -680,6 +681,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1008,6 +1010,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/repo-tree-map"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "repo-tree-map"
diff --git a/.github/workflows/repository-quality-improver.lock.yml b/.github/workflows/repository-quality-improver.lock.yml
index 2027116e047..2fa62c21ac8 100644
--- a/.github/workflows/repository-quality-improver.lock.yml
+++ b/.github/workflows/repository-quality-improver.lock.yml
@@ -310,6 +310,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: repositoryqualityimprover
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -770,6 +771,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -948,6 +950,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/repository-quality-improver"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "repository-quality-improver"
diff --git a/.github/workflows/research.lock.yml b/.github/workflows/research.lock.yml
index e735404d156..8fd92e70013 100644
--- a/.github/workflows/research.lock.yml
+++ b/.github/workflows/research.lock.yml
@@ -272,6 +272,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: research
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -710,6 +711,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1038,6 +1040,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/research"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "research"
diff --git a/.github/workflows/safe-output-health.lock.yml b/.github/workflows/safe-output-health.lock.yml
index 008cb704e78..208e07e648a 100644
--- a/.github/workflows/safe-output-health.lock.yml
+++ b/.github/workflows/safe-output-health.lock.yml
@@ -280,6 +280,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: safeoutputhealth
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -869,6 +870,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1044,6 +1046,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/safe-output-health"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "safe-output-health"
diff --git a/.github/workflows/schema-consistency-checker.lock.yml b/.github/workflows/schema-consistency-checker.lock.yml
index 77905407d0e..180cef0e637 100644
--- a/.github/workflows/schema-consistency-checker.lock.yml
+++ b/.github/workflows/schema-consistency-checker.lock.yml
@@ -274,6 +274,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: schemaconsistencychecker
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -768,6 +769,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -943,6 +945,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/schema-consistency-checker"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "schema-consistency-checker"
diff --git a/.github/workflows/schema-feature-coverage.lock.yml b/.github/workflows/schema-feature-coverage.lock.yml
index a524d5fb817..83515bce5ce 100644
--- a/.github/workflows/schema-feature-coverage.lock.yml
+++ b/.github/workflows/schema-feature-coverage.lock.yml
@@ -271,6 +271,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: schemafeaturecoverage
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -713,6 +714,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1041,6 +1043,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/schema-feature-coverage"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "codex"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "schema-feature-coverage"
diff --git a/.github/workflows/scout.lock.yml b/.github/workflows/scout.lock.yml
index faa7b34505a..9a14c66ac89 100644
--- a/.github/workflows/scout.lock.yml
+++ b/.github/workflows/scout.lock.yml
@@ -32,7 +32,7 @@
# - shared/mcp/tavily.md
# - shared/reporting.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"d7458e2989c491a13fe05cbc974ba27fdbe84ba4c087d2f27c84ce54abb9771e","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"fe2c637001fc04b38474ca02069dd34e3010e2ad4067c5ff6bdc2dddea4c37d9","strict":true,"agent_id":"claude"}
name: "Scout"
"on":
@@ -203,7 +203,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Scout"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ญ *Intelligence gathered by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐๏ธ Scout on patrol! [{workflow_name}]({run_url}) is blazing trails through this {event_type}...\",\"runSuccess\":\"๐ญ Recon complete! [{workflow_name}]({run_url}) has charted the territory. Map ready! ๐บ๏ธ\",\"runFailure\":\"๐๏ธ Lost in the wilderness! [{workflow_name}]({run_url}) {status}. Sending search party...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ญ *Intelligence gathered by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐๏ธ Scout on patrol! [{workflow_name}]({run_url}) is blazing trails through this {event_type}...\",\"runSuccess\":\"๐ญ Recon complete! [{workflow_name}]({run_url}) has charted the territory. Map ready! ๐บ๏ธ\",\"runFailure\":\"๐๏ธ Lost in the wilderness! [{workflow_name}]({run_url}) {status}. Sending search party...\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -231,15 +231,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_342f7ad72fb0f127_EOF'
+ cat << 'GH_AW_PROMPT_8272fdeb55a2370c_EOF'
- GH_AW_PROMPT_342f7ad72fb0f127_EOF
+ GH_AW_PROMPT_8272fdeb55a2370c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_342f7ad72fb0f127_EOF'
+ cat << 'GH_AW_PROMPT_8272fdeb55a2370c_EOF'
Tools: add_comment, add_labels, missing_tool, missing_data, noop
@@ -271,12 +271,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_342f7ad72fb0f127_EOF
+ GH_AW_PROMPT_8272fdeb55a2370c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_342f7ad72fb0f127_EOF'
+ cat << 'GH_AW_PROMPT_8272fdeb55a2370c_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/mcp/arxiv.md}}
@@ -286,7 +286,7 @@ jobs:
{{#runtime-import .github/workflows/shared/mcp/markitdown.md}}
{{#runtime-import .github/workflows/shared/jqschema.md}}
{{#runtime-import .github/workflows/scout.md}}
- GH_AW_PROMPT_342f7ad72fb0f127_EOF
+ GH_AW_PROMPT_8272fdeb55a2370c_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -393,6 +393,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: scout
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -492,12 +493,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_e5dffb151b895c94_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_34ddbd18a7b2c850_EOF'
{"add_comment":{"max":1},"add_labels":{"max":1},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_e5dffb151b895c94_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_34ddbd18a7b2c850_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_2c98c2d74d89b07d_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_7ed906b7632bf7a6_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added.",
@@ -506,8 +507,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_2c98c2d74d89b07d_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_650f8f3e417632d3_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_7ed906b7632bf7a6_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_028563c4e0454be7_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -604,7 +605,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_650f8f3e417632d3_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_028563c4e0454be7_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -672,7 +673,7 @@ jobs:
export GH_AW_ENGINE="claude"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e TAVILY_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
- cat << GH_AW_MCP_CONFIG_2ebff2ea0f3ab5db_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_c538088c873f5c73_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"arxiv": {
@@ -792,7 +793,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_2ebff2ea0f3ab5db_EOF
+ GH_AW_MCP_CONFIG_c538088c873f5c73_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -1003,6 +1004,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1167,7 +1169,7 @@ jobs:
GH_AW_SECRET_VERIFICATION_RESULT: ${{ needs.activation.outputs.secret_verification_result }}
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ญ *Intelligence gathered by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐๏ธ Scout on patrol! [{workflow_name}]({run_url}) is blazing trails through this {event_type}...\",\"runSuccess\":\"๐ญ Recon complete! [{workflow_name}]({run_url}) has charted the territory. Map ready! ๐บ๏ธ\",\"runFailure\":\"๐๏ธ Lost in the wilderness! [{workflow_name}]({run_url}) {status}. Sending search party...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ญ *Intelligence gathered by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐๏ธ Scout on patrol! [{workflow_name}]({run_url}) is blazing trails through this {event_type}...\",\"runSuccess\":\"๐ญ Recon complete! [{workflow_name}]({run_url}) has charted the territory. Map ready! ๐บ๏ธ\",\"runFailure\":\"๐๏ธ Lost in the wilderness! [{workflow_name}]({run_url}) {status}. Sending search party...\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "20"
@@ -1189,7 +1191,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Scout"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ญ *Intelligence gathered by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐๏ธ Scout on patrol! [{workflow_name}]({run_url}) is blazing trails through this {event_type}...\",\"runSuccess\":\"๐ญ Recon complete! [{workflow_name}]({run_url}) has charted the territory. Map ready! ๐บ๏ธ\",\"runFailure\":\"๐๏ธ Lost in the wilderness! [{workflow_name}]({run_url}) {status}. Sending search party...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ญ *Intelligence gathered by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐๏ธ Scout on patrol! [{workflow_name}]({run_url}) is blazing trails through this {event_type}...\",\"runSuccess\":\"๐ญ Recon complete! [{workflow_name}]({run_url}) has charted the territory. Map ready! ๐บ๏ธ\",\"runFailure\":\"๐๏ธ Lost in the wilderness! [{workflow_name}]({run_url}) {status}. Sending search party...\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1423,9 +1425,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/scout"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ญ *Intelligence gathered by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐๏ธ Scout on patrol! [{workflow_name}]({run_url}) is blazing trails through this {event_type}...\",\"runSuccess\":\"๐ญ Recon complete! [{workflow_name}]({run_url}) has charted the territory. Map ready! ๐บ๏ธ\",\"runFailure\":\"๐๏ธ Lost in the wilderness! [{workflow_name}]({run_url}) {status}. Sending search party...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ญ *Intelligence gathered by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐๏ธ Scout on patrol! [{workflow_name}]({run_url}) is blazing trails through this {event_type}...\",\"runSuccess\":\"๐ญ Recon complete! [{workflow_name}]({run_url}) has charted the territory. Map ready! ๐บ๏ธ\",\"runFailure\":\"๐๏ธ Lost in the wilderness! [{workflow_name}]({run_url}) {status}. Sending search party...\"}"
GH_AW_WORKFLOW_ID: "scout"
GH_AW_WORKFLOW_NAME: "Scout"
outputs:
diff --git a/.github/workflows/scout.md b/.github/workflows/scout.md
index 0e0cf3b0eb6..34c3b7de47a 100644
--- a/.github/workflows/scout.md
+++ b/.github/workflows/scout.md
@@ -43,7 +43,7 @@ safe-outputs:
add-labels:
max: 1
messages:
- footer: "> ๐ญ *Intelligence gathered by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ญ *Intelligence gathered by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐๏ธ Scout on patrol! [{workflow_name}]({run_url}) is blazing trails through this {event_type}..."
run-success: "๐ญ Recon complete! [{workflow_name}]({run_url}) has charted the territory. Map ready! ๐บ๏ธ"
run-failure: "๐๏ธ Lost in the wilderness! [{workflow_name}]({run_url}) {status}. Sending search party..."
diff --git a/.github/workflows/security-compliance.lock.yml b/.github/workflows/security-compliance.lock.yml
index d82766a9941..90fd86a8de0 100644
--- a/.github/workflows/security-compliance.lock.yml
+++ b/.github/workflows/security-compliance.lock.yml
@@ -292,6 +292,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: securitycompliance
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -724,6 +725,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1145,6 +1147,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/security-compliance"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "security-compliance"
diff --git a/.github/workflows/security-review.lock.yml b/.github/workflows/security-review.lock.yml
index 6da7e07bf57..637f5a9ec7e 100644
--- a/.github/workflows/security-review.lock.yml
+++ b/.github/workflows/security-review.lock.yml
@@ -26,7 +26,7 @@
# Imports:
# - shared/pr-code-review-config.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"6ae73a1972b16e068d3bf5d532df795942fdfaa62d38c4b824caefa098c81b60","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"6ecca246dd0374191c856225bc90cc06e2242edf9eb66809e6794acd1742ba63","strict":true,"agent_id":"copilot"}
name: "Security Review Agent ๐"
"on":
@@ -157,7 +157,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Security Review Agent ๐"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Security review by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is analyzing this {event_type} for security implications...\",\"runSuccess\":\"๐ [{workflow_name}]({run_url}) completed the security review.\",\"runFailure\":\"โ ๏ธ [{workflow_name}]({run_url}) {status} during security review.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Security review by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is analyzing this {event_type} for security implications...\",\"runSuccess\":\"๐ [{workflow_name}]({run_url}) completed the security review.\",\"runFailure\":\"โ ๏ธ [{workflow_name}]({run_url}) {status} during security review.\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -182,16 +182,16 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_f5c6bc451bd0d459_EOF'
+ cat << 'GH_AW_PROMPT_df2ab95cbf005d26_EOF'
- GH_AW_PROMPT_f5c6bc451bd0d459_EOF
+ GH_AW_PROMPT_df2ab95cbf005d26_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_f5c6bc451bd0d459_EOF'
+ cat << 'GH_AW_PROMPT_df2ab95cbf005d26_EOF'
Tools: create_pull_request_review_comment(max:10), submit_pull_request_review, missing_tool, missing_data, noop
@@ -223,16 +223,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_f5c6bc451bd0d459_EOF
+ GH_AW_PROMPT_df2ab95cbf005d26_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
if [ "$GITHUB_EVENT_NAME" = "issue_comment" ] && [ -n "$GH_AW_IS_PR_COMMENT" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review_comment" ] || [ "$GITHUB_EVENT_NAME" = "pull_request_review" ]; then
cat "${RUNNER_TEMP}/gh-aw/prompts/pr_context_prompt.md"
fi
- cat << 'GH_AW_PROMPT_f5c6bc451bd0d459_EOF'
+ cat << 'GH_AW_PROMPT_df2ab95cbf005d26_EOF'
{{#runtime-import .github/workflows/shared/pr-code-review-config.md}}
{{#runtime-import .github/workflows/security-review.md}}
- GH_AW_PROMPT_f5c6bc451bd0d459_EOF
+ GH_AW_PROMPT_df2ab95cbf005d26_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -333,6 +333,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: securityreview
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -482,12 +483,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_a8916a7063c2b9c8_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_ff7ff252403e5ac3_EOF'
{"create_pull_request_review_comment":{"max":10,"side":"RIGHT"},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"submit_pull_request_review":{"max":1}}
- GH_AW_SAFE_OUTPUTS_CONFIG_a8916a7063c2b9c8_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_ff7ff252403e5ac3_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_30ed8b4f00e990f0_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_2874ce5cf75c766a_EOF'
{
"description_suffixes": {
"create_pull_request_review_comment": " CONSTRAINTS: Maximum 10 review comment(s) can be created. Comments will be on the RIGHT side of the diff.",
@@ -496,8 +497,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_30ed8b4f00e990f0_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_306b60bb69b7dc54_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_2874ce5cf75c766a_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_d87aad9da6b04f8a_EOF'
{
"create_pull_request_review_comment": {
"defaultMax": 1,
@@ -612,7 +613,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_306b60bb69b7dc54_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_d87aad9da6b04f8a_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -683,7 +684,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_80518072f5e74454_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_bda0e8027f180b5a_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"agenticworkflows": {
@@ -743,7 +744,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_80518072f5e74454_EOF
+ GH_AW_MCP_CONFIG_bda0e8027f180b5a_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -868,6 +869,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1031,7 +1033,7 @@ jobs:
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_INFERENCE_ACCESS_ERROR: ${{ needs.agent.outputs.inference_access_error }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Security review by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is analyzing this {event_type} for security implications...\",\"runSuccess\":\"๐ [{workflow_name}]({run_url}) completed the security review.\",\"runFailure\":\"โ ๏ธ [{workflow_name}]({run_url}) {status} during security review.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Security review by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is analyzing this {event_type} for security implications...\",\"runSuccess\":\"๐ [{workflow_name}]({run_url}) completed the security review.\",\"runFailure\":\"โ ๏ธ [{workflow_name}]({run_url}) {status} during security review.\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "15"
@@ -1053,7 +1055,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Security Review Agent ๐"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Security review by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is analyzing this {event_type} for security implications...\",\"runSuccess\":\"๐ [{workflow_name}]({run_url}) completed the security review.\",\"runFailure\":\"โ ๏ธ [{workflow_name}]({run_url}) {status} during security review.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Security review by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is analyzing this {event_type} for security implications...\",\"runSuccess\":\"๐ [{workflow_name}]({run_url}) completed the security review.\",\"runFailure\":\"โ ๏ธ [{workflow_name}]({run_url}) {status} during security review.\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1268,9 +1270,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/security-review"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Security review by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is analyzing this {event_type} for security implications...\",\"runSuccess\":\"๐ [{workflow_name}]({run_url}) completed the security review.\",\"runFailure\":\"โ ๏ธ [{workflow_name}]({run_url}) {status} during security review.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Security review by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is analyzing this {event_type} for security implications...\",\"runSuccess\":\"๐ [{workflow_name}]({run_url}) completed the security review.\",\"runFailure\":\"โ ๏ธ [{workflow_name}]({run_url}) {status} during security review.\"}"
GH_AW_WORKFLOW_ID: "security-review"
GH_AW_WORKFLOW_NAME: "Security Review Agent ๐"
outputs:
diff --git a/.github/workflows/security-review.md b/.github/workflows/security-review.md
index 9f327590da5..66d1409bbc5 100644
--- a/.github/workflows/security-review.md
+++ b/.github/workflows/security-review.md
@@ -22,7 +22,7 @@ safe-outputs:
create-pull-request-review-comment:
max: 10
messages:
- footer: "> ๐ *Security review by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ *Security review by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ [{workflow_name}]({run_url}) is analyzing this {event_type} for security implications..."
run-success: "๐ [{workflow_name}]({run_url}) completed the security review."
run-failure: "โ ๏ธ [{workflow_name}]({run_url}) {status} during security review."
diff --git a/.github/workflows/semantic-function-refactor.lock.yml b/.github/workflows/semantic-function-refactor.lock.yml
index 6982862bc1e..14d579dca3b 100644
--- a/.github/workflows/semantic-function-refactor.lock.yml
+++ b/.github/workflows/semantic-function-refactor.lock.yml
@@ -303,6 +303,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: semanticfunctionrefactor
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -849,6 +850,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1187,6 +1189,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/semantic-function-refactor"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "semantic-function-refactor"
diff --git a/.github/workflows/sergo.lock.yml b/.github/workflows/sergo.lock.yml
index 342ac62c470..8d2c592cdfb 100644
--- a/.github/workflows/sergo.lock.yml
+++ b/.github/workflows/sergo.lock.yml
@@ -311,6 +311,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: sergo
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -848,6 +849,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1026,6 +1028,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/sergo"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "sergo-daily"
diff --git a/.github/workflows/slide-deck-maintainer.lock.yml b/.github/workflows/slide-deck-maintainer.lock.yml
index ef16b63a171..139a0171f02 100644
--- a/.github/workflows/slide-deck-maintainer.lock.yml
+++ b/.github/workflows/slide-deck-maintainer.lock.yml
@@ -296,6 +296,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: slidedeckmaintainer
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -802,6 +803,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1191,6 +1193,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/slide-deck-maintainer"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "slide-deck-maintainer"
diff --git a/.github/workflows/smoke-agent-all-merged.lock.yml b/.github/workflows/smoke-agent-all-merged.lock.yml
index ddefa9772b3..5b99b048c40 100644
--- a/.github/workflows/smoke-agent-all-merged.lock.yml
+++ b/.github/workflows/smoke-agent-all-merged.lock.yml
@@ -22,7 +22,7 @@
#
# Guard policy smoke test: repos=all, min-integrity=merged (most restrictive)
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"bbd91d7cb3316403403189cfafb70b4578c3f66fcdd53247a3eeb1798d0f9da5","strict":true,"agent_id":"codex"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"28a3205ca5937eaa3979f9843ccef5b436f262207f3a7a8e0d2590b579720ad9","strict":true,"agent_id":"codex"}
name: "Smoke Agent: all/merged"
"on":
@@ -147,7 +147,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Smoke Agent: all/merged"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=all, min-integrity=merged`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=all, min-integrity=merged`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -170,14 +170,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_49984dd37a47713a_EOF'
+ cat << 'GH_AW_PROMPT_05f6cad1c72ecacb_EOF'
- GH_AW_PROMPT_49984dd37a47713a_EOF
+ GH_AW_PROMPT_05f6cad1c72ecacb_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_49984dd37a47713a_EOF'
+ cat << 'GH_AW_PROMPT_05f6cad1c72ecacb_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
@@ -209,12 +209,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_49984dd37a47713a_EOF
+ GH_AW_PROMPT_05f6cad1c72ecacb_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_49984dd37a47713a_EOF'
+ cat << 'GH_AW_PROMPT_05f6cad1c72ecacb_EOF'
{{#runtime-import .github/workflows/smoke-agent-all-merged.md}}
- GH_AW_PROMPT_49984dd37a47713a_EOF
+ GH_AW_PROMPT_05f6cad1c72ecacb_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -298,6 +298,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: smokeagentallmerged
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -379,12 +380,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_eb259d2a6449f16e_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_54452afc01b90a0c_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_eb259d2a6449f16e_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_54452afc01b90a0c_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_08c5ccf525ab902f_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_220179beb7ac4af8_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added."
@@ -392,8 +393,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_08c5ccf525ab902f_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_f43d9733ec8f3044_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_220179beb7ac4af8_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_b8708d91b44d7c68_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -471,7 +472,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_f43d9733ec8f3044_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_b8708d91b44d7c68_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -538,7 +539,7 @@ jobs:
export GH_AW_ENGINE="codex"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
- cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_5cb508e9596cb93c_EOF
+ cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_73cdc9322ab8c7cb_EOF
[history]
persistence = "none"
@@ -565,10 +566,10 @@ jobs:
[mcp_servers.safeoutputs."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_5cb508e9596cb93c_EOF
+ GH_AW_MCP_CONFIG_73cdc9322ab8c7cb_EOF
# Generate JSON config for MCP gateway
- cat << GH_AW_MCP_CONFIG_5cb508e9596cb93c_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_73cdc9322ab8c7cb_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -611,7 +612,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_5cb508e9596cb93c_EOF
+ GH_AW_MCP_CONFIG_73cdc9322ab8c7cb_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -720,6 +721,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -874,7 +876,7 @@ jobs:
GH_AW_SECRET_VERIFICATION_RESULT: ${{ needs.activation.outputs.secret_verification_result }}
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=all, min-integrity=merged`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=all, min-integrity=merged`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "10"
@@ -896,7 +898,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Smoke Agent: all/merged"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=all, min-integrity=merged`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=all, min-integrity=merged`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1104,9 +1106,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-agent-all-merged"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "codex"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=all, min-integrity=merged`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=all, min-integrity=merged`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
GH_AW_WORKFLOW_ID: "smoke-agent-all-merged"
GH_AW_WORKFLOW_NAME: "Smoke Agent: all/merged"
outputs:
diff --git a/.github/workflows/smoke-agent-all-merged.md b/.github/workflows/smoke-agent-all-merged.md
index f578888c3ac..ea1cfe828cf 100644
--- a/.github/workflows/smoke-agent-all-merged.md
+++ b/.github/workflows/smoke-agent-all-merged.md
@@ -28,7 +28,7 @@ safe-outputs:
hide-older-comments: true
max: 2
messages:
- footer: "> ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ [{workflow_name}]({run_url}) testing guard policy: `repos=all, min-integrity=merged`..."
run-success: "โ
[{workflow_name}]({run_url}) completed guard policy test."
run-failure: "โ [{workflow_name}]({run_url}) {status}. Check the logs for details."
diff --git a/.github/workflows/smoke-agent-all-none.lock.yml b/.github/workflows/smoke-agent-all-none.lock.yml
index b96b4126c0b..a253849d3ee 100644
--- a/.github/workflows/smoke-agent-all-none.lock.yml
+++ b/.github/workflows/smoke-agent-all-none.lock.yml
@@ -22,7 +22,7 @@
#
# Guard policy smoke test: repos=all, min-integrity=none (most permissive)
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"3f9db3848c2cb24db426b7476702b3fa72282f69fbf94e1d4aa1bce7f415d7b6","strict":true,"agent_id":"codex"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"4ee3422cd032cf86fd88a03ecb796d53077b7ad886244140fe7f79e60b9ed431","strict":true,"agent_id":"codex"}
name: "Smoke Agent: all/none"
"on":
@@ -147,7 +147,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Smoke Agent: all/none"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=all, min-integrity=none`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=all, min-integrity=none`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -170,14 +170,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_9f5b750d2c37fa08_EOF'
+ cat << 'GH_AW_PROMPT_203c66ad3678ef5f_EOF'
- GH_AW_PROMPT_9f5b750d2c37fa08_EOF
+ GH_AW_PROMPT_203c66ad3678ef5f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_9f5b750d2c37fa08_EOF'
+ cat << 'GH_AW_PROMPT_203c66ad3678ef5f_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
@@ -209,12 +209,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_9f5b750d2c37fa08_EOF
+ GH_AW_PROMPT_203c66ad3678ef5f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_9f5b750d2c37fa08_EOF'
+ cat << 'GH_AW_PROMPT_203c66ad3678ef5f_EOF'
{{#runtime-import .github/workflows/smoke-agent-all-none.md}}
- GH_AW_PROMPT_9f5b750d2c37fa08_EOF
+ GH_AW_PROMPT_203c66ad3678ef5f_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -298,6 +298,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: smokeagentallnone
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -379,12 +380,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_4ba90a57b4f1edfb_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_21a3619f9b391044_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_4ba90a57b4f1edfb_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_21a3619f9b391044_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_339bd31ad38779d4_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_1eaae5c350da663a_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added."
@@ -392,8 +393,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_339bd31ad38779d4_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_36c1e193dd9d97c9_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_1eaae5c350da663a_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_2efa8b1bc76041ea_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -471,7 +472,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_36c1e193dd9d97c9_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_2efa8b1bc76041ea_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -538,7 +539,7 @@ jobs:
export GH_AW_ENGINE="codex"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
- cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_d23c32eeaa7fc437_EOF
+ cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_be500cd34233bd55_EOF
[history]
persistence = "none"
@@ -565,10 +566,10 @@ jobs:
[mcp_servers.safeoutputs."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_d23c32eeaa7fc437_EOF
+ GH_AW_MCP_CONFIG_be500cd34233bd55_EOF
# Generate JSON config for MCP gateway
- cat << GH_AW_MCP_CONFIG_d23c32eeaa7fc437_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_be500cd34233bd55_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -611,7 +612,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_d23c32eeaa7fc437_EOF
+ GH_AW_MCP_CONFIG_be500cd34233bd55_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -720,6 +721,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -874,7 +876,7 @@ jobs:
GH_AW_SECRET_VERIFICATION_RESULT: ${{ needs.activation.outputs.secret_verification_result }}
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=all, min-integrity=none`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=all, min-integrity=none`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "10"
@@ -896,7 +898,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Smoke Agent: all/none"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=all, min-integrity=none`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=all, min-integrity=none`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1104,9 +1106,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-agent-all-none"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "codex"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=all, min-integrity=none`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=all, min-integrity=none`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
GH_AW_WORKFLOW_ID: "smoke-agent-all-none"
GH_AW_WORKFLOW_NAME: "Smoke Agent: all/none"
outputs:
diff --git a/.github/workflows/smoke-agent-all-none.md b/.github/workflows/smoke-agent-all-none.md
index 12387a49304..1e190053a49 100644
--- a/.github/workflows/smoke-agent-all-none.md
+++ b/.github/workflows/smoke-agent-all-none.md
@@ -28,7 +28,7 @@ safe-outputs:
hide-older-comments: true
max: 2
messages:
- footer: "> ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ [{workflow_name}]({run_url}) testing guard policy: `repos=all, min-integrity=none`..."
run-success: "โ
[{workflow_name}]({run_url}) completed guard policy test."
run-failure: "โ [{workflow_name}]({run_url}) {status}. Check the logs for details."
diff --git a/.github/workflows/smoke-agent-public-approved.lock.yml b/.github/workflows/smoke-agent-public-approved.lock.yml
index 159baf1617e..26b18c93e77 100644
--- a/.github/workflows/smoke-agent-public-approved.lock.yml
+++ b/.github/workflows/smoke-agent-public-approved.lock.yml
@@ -26,7 +26,7 @@
# Imports:
# - shared/github-guard-policy.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"10d8624a668e228fad34496250ffda3a946d3771db24052940e518cf989e9011","strict":true,"agent_id":"codex"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"03f57f526bbf2d1c4a903c7ae1486b10b1c447e2497b1cf9f29a1df44d20a148","strict":true,"agent_id":"codex"}
name: "Smoke Agent: public/approved"
"on":
@@ -151,7 +151,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Smoke Agent: public/approved"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ค [{workflow_name}]({run_url}) is looking for a Smoke issue to assign...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed. Issue assigned to the agentic-workflows agent.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ค [{workflow_name}]({run_url}) is looking for a Smoke issue to assign...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed. Issue assigned to the agentic-workflows agent.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -174,14 +174,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_79b4e920981f1336_EOF'
+ cat << 'GH_AW_PROMPT_d9e867a7d35dc4d3_EOF'
- GH_AW_PROMPT_79b4e920981f1336_EOF
+ GH_AW_PROMPT_d9e867a7d35dc4d3_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_79b4e920981f1336_EOF'
+ cat << 'GH_AW_PROMPT_d9e867a7d35dc4d3_EOF'
Tools: add_comment(max:2), assign_to_agent, missing_tool, missing_data, noop
@@ -213,13 +213,13 @@ jobs:
{{/if}}
- GH_AW_PROMPT_79b4e920981f1336_EOF
+ GH_AW_PROMPT_d9e867a7d35dc4d3_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_79b4e920981f1336_EOF'
+ cat << 'GH_AW_PROMPT_d9e867a7d35dc4d3_EOF'
{{#runtime-import .github/workflows/shared/github-guard-policy.md}}
{{#runtime-import .github/workflows/smoke-agent-public-approved.md}}
- GH_AW_PROMPT_79b4e920981f1336_EOF
+ GH_AW_PROMPT_d9e867a7d35dc4d3_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -303,6 +303,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: smokeagentpublicapproved
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -385,12 +386,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_ac44aece24c5bc8d_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_1ff3a84cf3917125_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"assign_to_agent":{"allowed":["copilot"],"custom-agent":"agentic-workflows","max":1,"target":"*"},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_ac44aece24c5bc8d_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_1ff3a84cf3917125_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_cc84900e09fac0de_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_8eefa362020b61ea_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added.",
@@ -399,8 +400,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_cc84900e09fac0de_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_865c6f2ad613677c_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_8eefa362020b61ea_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_0a1f8a1a07adb6bc_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -503,7 +504,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_865c6f2ad613677c_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_0a1f8a1a07adb6bc_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -570,7 +571,7 @@ jobs:
export GH_AW_ENGINE="codex"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
- cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_790649d57c5cab19_EOF
+ cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_aed1dcf0af46bd24_EOF
[history]
persistence = "none"
@@ -597,10 +598,10 @@ jobs:
[mcp_servers.safeoutputs."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_790649d57c5cab19_EOF
+ GH_AW_MCP_CONFIG_aed1dcf0af46bd24_EOF
# Generate JSON config for MCP gateway
- cat << GH_AW_MCP_CONFIG_790649d57c5cab19_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_aed1dcf0af46bd24_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -643,7 +644,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_790649d57c5cab19_EOF
+ GH_AW_MCP_CONFIG_aed1dcf0af46bd24_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -752,6 +753,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -908,7 +910,7 @@ jobs:
GH_AW_ASSIGNMENT_ERRORS: ${{ needs.safe_outputs.outputs.assign_to_agent_assignment_errors }}
GH_AW_ASSIGNMENT_ERROR_COUNT: ${{ needs.safe_outputs.outputs.assign_to_agent_assignment_error_count }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ค [{workflow_name}]({run_url}) is looking for a Smoke issue to assign...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed. Issue assigned to the agentic-workflows agent.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ค [{workflow_name}]({run_url}) is looking for a Smoke issue to assign...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed. Issue assigned to the agentic-workflows agent.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "10"
@@ -931,7 +933,7 @@ jobs:
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
GH_AW_ASSIGNMENT_ERROR_COUNT: ${{ needs.safe_outputs.outputs.assign_to_agent_assignment_error_count }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ค [{workflow_name}]({run_url}) is looking for a Smoke issue to assign...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed. Issue assigned to the agentic-workflows agent.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ค [{workflow_name}]({run_url}) is looking for a Smoke issue to assign...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed. Issue assigned to the agentic-workflows agent.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1139,9 +1141,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-agent-public-approved"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "codex"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ค [{workflow_name}]({run_url}) is looking for a Smoke issue to assign...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed. Issue assigned to the agentic-workflows agent.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ค [{workflow_name}]({run_url}) is looking for a Smoke issue to assign...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed. Issue assigned to the agentic-workflows agent.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
GH_AW_WORKFLOW_ID: "smoke-agent-public-approved"
GH_AW_WORKFLOW_NAME: "Smoke Agent: public/approved"
outputs:
diff --git a/.github/workflows/smoke-agent-public-approved.md b/.github/workflows/smoke-agent-public-approved.md
index c6dd226143b..ecb3f3f3b91 100644
--- a/.github/workflows/smoke-agent-public-approved.md
+++ b/.github/workflows/smoke-agent-public-approved.md
@@ -35,7 +35,7 @@ safe-outputs:
hide-older-comments: true
max: 2
messages:
- footer: "> ๐ค *Smoke test by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ค *Smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ค [{workflow_name}]({run_url}) is looking for a Smoke issue to assign..."
run-success: "โ
[{workflow_name}]({run_url}) completed. Issue assigned to the agentic-workflows agent."
run-failure: "โ [{workflow_name}]({run_url}) {status}. Check the logs for details."
diff --git a/.github/workflows/smoke-agent-public-none.lock.yml b/.github/workflows/smoke-agent-public-none.lock.yml
index 190442d063a..bac59054fa9 100644
--- a/.github/workflows/smoke-agent-public-none.lock.yml
+++ b/.github/workflows/smoke-agent-public-none.lock.yml
@@ -22,7 +22,7 @@
#
# Guard policy smoke test: repos=public, min-integrity=none
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"f3c995f72a3cf4a61b6b081604a1fee2aff6acd11db9ef49dd1bfa29f853f732","strict":true,"agent_id":"codex"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"8b3c4bd5d28d37f7752e49946b99ce14c4fbca6e298f31ffa240c185161fb21f","strict":true,"agent_id":"codex"}
name: "Smoke Agent: public/none"
"on":
@@ -147,7 +147,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Smoke Agent: public/none"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=public, min-integrity=none`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=public, min-integrity=none`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -170,14 +170,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_c4dfd71b61b37499_EOF'
+ cat << 'GH_AW_PROMPT_e2e30a17d661cd80_EOF'
- GH_AW_PROMPT_c4dfd71b61b37499_EOF
+ GH_AW_PROMPT_e2e30a17d661cd80_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_c4dfd71b61b37499_EOF'
+ cat << 'GH_AW_PROMPT_e2e30a17d661cd80_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
@@ -209,12 +209,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_c4dfd71b61b37499_EOF
+ GH_AW_PROMPT_e2e30a17d661cd80_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_c4dfd71b61b37499_EOF'
+ cat << 'GH_AW_PROMPT_e2e30a17d661cd80_EOF'
{{#runtime-import .github/workflows/smoke-agent-public-none.md}}
- GH_AW_PROMPT_c4dfd71b61b37499_EOF
+ GH_AW_PROMPT_e2e30a17d661cd80_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -298,6 +298,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: smokeagentpublicnone
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -379,12 +380,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_d366003516341a77_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_0299b24caaafd831_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_d366003516341a77_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_0299b24caaafd831_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_849aea1489079cc3_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_486162e31879588b_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added."
@@ -392,8 +393,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_849aea1489079cc3_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_c8935242e846f6c7_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_486162e31879588b_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_0ca4065e3ca7ef4f_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -471,7 +472,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_c8935242e846f6c7_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_0ca4065e3ca7ef4f_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -538,7 +539,7 @@ jobs:
export GH_AW_ENGINE="codex"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
- cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_6a297f00b367539c_EOF
+ cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_2561f0fd9f0b6818_EOF
[history]
persistence = "none"
@@ -565,10 +566,10 @@ jobs:
[mcp_servers.safeoutputs."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_6a297f00b367539c_EOF
+ GH_AW_MCP_CONFIG_2561f0fd9f0b6818_EOF
# Generate JSON config for MCP gateway
- cat << GH_AW_MCP_CONFIG_6a297f00b367539c_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_2561f0fd9f0b6818_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -611,7 +612,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_6a297f00b367539c_EOF
+ GH_AW_MCP_CONFIG_2561f0fd9f0b6818_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -720,6 +721,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -874,7 +876,7 @@ jobs:
GH_AW_SECRET_VERIFICATION_RESULT: ${{ needs.activation.outputs.secret_verification_result }}
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=public, min-integrity=none`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=public, min-integrity=none`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "10"
@@ -896,7 +898,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Smoke Agent: public/none"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=public, min-integrity=none`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=public, min-integrity=none`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1104,9 +1106,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-agent-public-none"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "codex"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=public, min-integrity=none`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=public, min-integrity=none`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
GH_AW_WORKFLOW_ID: "smoke-agent-public-none"
GH_AW_WORKFLOW_NAME: "Smoke Agent: public/none"
outputs:
diff --git a/.github/workflows/smoke-agent-public-none.md b/.github/workflows/smoke-agent-public-none.md
index aef7bf4b88a..974211106e0 100644
--- a/.github/workflows/smoke-agent-public-none.md
+++ b/.github/workflows/smoke-agent-public-none.md
@@ -28,7 +28,7 @@ safe-outputs:
hide-older-comments: true
max: 2
messages:
- footer: "> ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ [{workflow_name}]({run_url}) testing guard policy: `repos=public, min-integrity=none`..."
run-success: "โ
[{workflow_name}]({run_url}) completed guard policy test."
run-failure: "โ [{workflow_name}]({run_url}) {status}. Check the logs for details."
diff --git a/.github/workflows/smoke-agent-scoped-approved.lock.yml b/.github/workflows/smoke-agent-scoped-approved.lock.yml
index 1da54faf938..5ebb4f7240e 100644
--- a/.github/workflows/smoke-agent-scoped-approved.lock.yml
+++ b/.github/workflows/smoke-agent-scoped-approved.lock.yml
@@ -26,7 +26,7 @@
# Imports:
# - shared/github-guard-policy.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"300632a0a433248c05338ed59f453141c36973dcf842fc749a7e76e3b5a8f839","strict":true,"agent_id":"codex"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"10ed0e0fdcd4337391e9ef5e8837e5d454495e50eaf16c16c63a7900a9a1d328","strict":true,"agent_id":"codex"}
name: "Smoke Agent: scoped/approved"
"on":
@@ -151,7 +151,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Smoke Agent: scoped/approved"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=[github/gh-aw, github/*], min-integrity=approved`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=[github/gh-aw, github/*], min-integrity=approved`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -174,14 +174,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_78d26fc79d1b1a5c_EOF'
+ cat << 'GH_AW_PROMPT_cfac7cbf583a09bf_EOF'
- GH_AW_PROMPT_78d26fc79d1b1a5c_EOF
+ GH_AW_PROMPT_cfac7cbf583a09bf_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_78d26fc79d1b1a5c_EOF'
+ cat << 'GH_AW_PROMPT_cfac7cbf583a09bf_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
@@ -213,13 +213,13 @@ jobs:
{{/if}}
- GH_AW_PROMPT_78d26fc79d1b1a5c_EOF
+ GH_AW_PROMPT_cfac7cbf583a09bf_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_78d26fc79d1b1a5c_EOF'
+ cat << 'GH_AW_PROMPT_cfac7cbf583a09bf_EOF'
{{#runtime-import .github/workflows/shared/github-guard-policy.md}}
{{#runtime-import .github/workflows/smoke-agent-scoped-approved.md}}
- GH_AW_PROMPT_78d26fc79d1b1a5c_EOF
+ GH_AW_PROMPT_cfac7cbf583a09bf_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -303,6 +303,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: smokeagentscopedapproved
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -385,12 +386,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_cd5a07793ac49991_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_c0d00aa6086dbf74_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_cd5a07793ac49991_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_c0d00aa6086dbf74_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_261497d89676c178_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_ead150a633b4d7bb_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added."
@@ -398,8 +399,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_261497d89676c178_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_da583e1d98ab4da0_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_ead150a633b4d7bb_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_a9b330d0f673f8da_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -477,7 +478,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_da583e1d98ab4da0_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_a9b330d0f673f8da_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -544,7 +545,7 @@ jobs:
export GH_AW_ENGINE="codex"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
- cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_f20fd4ff3787fa74_EOF
+ cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_eae6eef7ac15ae9a_EOF
[history]
persistence = "none"
@@ -571,10 +572,10 @@ jobs:
[mcp_servers.safeoutputs."guard-policies".write-sink]
accept = ["private:github/gh-aw", "private:github"]
- GH_AW_MCP_CONFIG_f20fd4ff3787fa74_EOF
+ GH_AW_MCP_CONFIG_eae6eef7ac15ae9a_EOF
# Generate JSON config for MCP gateway
- cat << GH_AW_MCP_CONFIG_f20fd4ff3787fa74_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_eae6eef7ac15ae9a_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -621,7 +622,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_f20fd4ff3787fa74_EOF
+ GH_AW_MCP_CONFIG_eae6eef7ac15ae9a_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -730,6 +731,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -884,7 +886,7 @@ jobs:
GH_AW_SECRET_VERIFICATION_RESULT: ${{ needs.activation.outputs.secret_verification_result }}
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=[github/gh-aw, github/*], min-integrity=approved`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=[github/gh-aw, github/*], min-integrity=approved`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "10"
@@ -906,7 +908,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Smoke Agent: scoped/approved"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=[github/gh-aw, github/*], min-integrity=approved`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=[github/gh-aw, github/*], min-integrity=approved`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1114,9 +1116,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-agent-scoped-approved"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "codex"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=[github/gh-aw, github/*], min-integrity=approved`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) testing guard policy: `repos=[github/gh-aw, github/*], min-integrity=approved`...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed guard policy test.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) {status}. Check the logs for details.\"}"
GH_AW_WORKFLOW_ID: "smoke-agent-scoped-approved"
GH_AW_WORKFLOW_NAME: "Smoke Agent: scoped/approved"
outputs:
diff --git a/.github/workflows/smoke-agent-scoped-approved.md b/.github/workflows/smoke-agent-scoped-approved.md
index 818f1633f5a..922b73b74fd 100644
--- a/.github/workflows/smoke-agent-scoped-approved.md
+++ b/.github/workflows/smoke-agent-scoped-approved.md
@@ -32,7 +32,7 @@ safe-outputs:
hide-older-comments: true
max: 2
messages:
- footer: "> ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ค *Guard policy smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ [{workflow_name}]({run_url}) testing guard policy: `repos=[github/gh-aw, github/*], min-integrity=approved`..."
run-success: "โ
[{workflow_name}]({run_url}) completed guard policy test."
run-failure: "โ [{workflow_name}]({run_url}) {status}. Check the logs for details."
diff --git a/.github/workflows/smoke-call-workflow.lock.yml b/.github/workflows/smoke-call-workflow.lock.yml
index 645719d96ea..b9b40df3aad 100644
--- a/.github/workflows/smoke-call-workflow.lock.yml
+++ b/.github/workflows/smoke-call-workflow.lock.yml
@@ -279,6 +279,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: smokecallworkflow
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -704,6 +705,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1073,6 +1075,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-call-workflow"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "codex"
GH_AW_ENGINE_MODEL: "gpt-5.1-codex-mini"
GH_AW_WORKFLOW_ID: "smoke-call-workflow"
diff --git a/.github/workflows/smoke-claude.lock.yml b/.github/workflows/smoke-claude.lock.yml
index cda44927bc4..d7154e9a16c 100644
--- a/.github/workflows/smoke-claude.lock.yml
+++ b/.github/workflows/smoke-claude.lock.yml
@@ -37,7 +37,7 @@
#
# inlined-imports: true
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"8b4570801394464240788e4c538a220f7ae35f8abc29b9def1b603989de7841e","agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"c8e85b0ffed195e6ee17c58abdbf3bbfcbd97a8f97be8d1041ee2fe72da2ce8b","agent_id":"claude"}
name: "Smoke Claude"
"on":
@@ -176,7 +176,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Smoke Claude"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฅ *[THE END] โ Illustrated by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฅ **WHOOSH!** [{workflow_name}]({run_url}) springs into action on this {event_type}! *[Panel 1 begins...]*\",\"runSuccess\":\"๐ฌ **THE END** โ [{workflow_name}]({run_url}) **MISSION: ACCOMPLISHED!** The hero saves the day! โจ\",\"runFailure\":\"๐ซ **TO BE CONTINUED...** [{workflow_name}]({run_url}) {status}! Our hero faces unexpected challenges...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฅ *[THE END] โ Illustrated by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฅ **WHOOSH!** [{workflow_name}]({run_url}) springs into action on this {event_type}! *[Panel 1 begins...]*\",\"runSuccess\":\"๐ฌ **THE END** โ [{workflow_name}]({run_url}) **MISSION: ACCOMPLISHED!** The hero saves the day! โจ\",\"runFailure\":\"๐ซ **TO BE CONTINUED...** [{workflow_name}]({run_url}) {status}! Our hero faces unexpected challenges...\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -200,9 +200,9 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_b727304f9785a29f_EOF'
+ cat << 'GH_AW_PROMPT_9e151125965f1459_EOF'
- GH_AW_PROMPT_b727304f9785a29f_EOF
+ GH_AW_PROMPT_9e151125965f1459_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
@@ -210,12 +210,12 @@ jobs:
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_b727304f9785a29f_EOF'
+ cat << 'GH_AW_PROMPT_9e151125965f1459_EOF'
Tools: add_comment(max:2), create_issue, close_pull_request, update_pull_request, create_pull_request_review_comment(max:5), submit_pull_request_review, resolve_pull_request_review_thread(max:5), add_labels, add_reviewer(max:2), push_to_pull_request_branch, missing_tool, missing_data, noop, post_slack_message
- GH_AW_PROMPT_b727304f9785a29f_EOF
+ GH_AW_PROMPT_9e151125965f1459_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_push_to_pr_branch.md"
- cat << 'GH_AW_PROMPT_b727304f9785a29f_EOF'
+ cat << 'GH_AW_PROMPT_9e151125965f1459_EOF'
The following GitHub context information is available for this workflow:
@@ -245,9 +245,9 @@ jobs:
{{/if}}
- GH_AW_PROMPT_b727304f9785a29f_EOF
+ GH_AW_PROMPT_9e151125965f1459_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_b727304f9785a29f_EOF'
+ cat << 'GH_AW_PROMPT_9e151125965f1459_EOF'
@@ -626,7 +626,7 @@ jobs:
{"noop": {"message": "No action needed: [brief explanation of what was analyzed and why]"}}
```
- GH_AW_PROMPT_b727304f9785a29f_EOF
+ GH_AW_PROMPT_9e151125965f1459_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -725,6 +725,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: smokeclaude
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -898,12 +899,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_982f8532560c93f1_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_b918226e9c57e768_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-claude"]},"add_reviewer":{"max":2,"target":"*"},"close_pull_request":{"max":1,"staged":true},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-claude","expires":2,"group":true,"labels":["automation","testing"],"max":1},"create_pull_request_review_comment":{"max":5,"side":"RIGHT","target":"*"},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"post_slack_message":{"description":"Post a message to a fictitious Slack channel (smoke test only โ no real Slack integration)","inputs":{"channel":{"default":"#general","description":"Slack channel name to post to","required":false,"type":"string"},"message":{"description":"Message text to post","required":false,"type":"string"}}},"push_to_pull_request_branch":{"allowed_files":[".github/smoke-claude-push-test.md"],"if_no_changes":"warn","max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"],"staged":true,"target":"*"},"resolve_pull_request_review_thread":{"max":5},"submit_pull_request_review":{"footer":"always","max":1},"update_pull_request":{"allow_body":true,"allow_title":true,"max":1,"target":"*"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_982f8532560c93f1_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_b918226e9c57e768_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_5968965ac36dd63e_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_e61a50bc4dbfc828_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added.",
@@ -940,8 +941,8 @@ jobs:
}
]
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_5968965ac36dd63e_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_26f66c1d235bd7aa_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_e61a50bc4dbfc828_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_16c8d1ef6cbd7c54_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -1226,7 +1227,7 @@ jobs:
"customValidation": "requiresOneOf:title,body"
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_26f66c1d235bd7aa_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_16c8d1ef6cbd7c54_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -1271,7 +1272,7 @@ jobs:
- name: Setup MCP Scripts Config
run: |
mkdir -p ${RUNNER_TEMP}/gh-aw/mcp-scripts/logs
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_1c659e76e3e02313_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_bd0753d0a6904c15_EOF'
{
"serverName": "mcpscripts",
"version": "1.0.0",
@@ -1423,8 +1424,8 @@ jobs:
}
]
}
- GH_AW_MCP_SCRIPTS_TOOLS_1c659e76e3e02313_EOF
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_eb49b7785c8b0fc8_EOF'
+ GH_AW_MCP_SCRIPTS_TOOLS_bd0753d0a6904c15_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_0461f86ed393cb9b_EOF'
const path = require("path");
const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
const configPath = path.join(__dirname, "tools.json");
@@ -1438,12 +1439,12 @@ jobs:
console.error("Failed to start mcp-scripts HTTP server:", error);
process.exit(1);
});
- GH_AW_MCP_SCRIPTS_SERVER_eb49b7785c8b0fc8_EOF
+ GH_AW_MCP_SCRIPTS_SERVER_0461f86ed393cb9b_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs
- name: Setup MCP Scripts Tool Files
run: |
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_765ed1799a8562a4_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_19c5863f6956cb95_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: gh
# Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -1454,9 +1455,9 @@ jobs:
echo " token: ${GH_AW_GH_TOKEN:0:6}..."
GH_TOKEN="$GH_AW_GH_TOKEN" gh $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_GH_765ed1799a8562a4_EOF
+ GH_AW_MCP_SCRIPTS_SH_GH_19c5863f6956cb95_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_ed0e1045bd79da4c_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_96d28c752190963a_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-discussion-query
# Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1591,9 +1592,9 @@ jobs:
EOF
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_ed0e1045bd79da4c_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_96d28c752190963a_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_98e0363d863bd74f_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_11317a0085a1ad91_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-issue-query
# Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1672,9 +1673,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_98e0363d863bd74f_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_11317a0085a1ad91_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_7e48ca8e8ddc5d29_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_c30b3beeba855527_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-pr-query
# Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1759,9 +1760,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_7e48ca8e8ddc5d29_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_c30b3beeba855527_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh << 'GH_AW_MCP_SCRIPTS_SH_GO_c5c33f025b10604b_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh << 'GH_AW_MCP_SCRIPTS_SH_GO_223c3ba39b6e7289_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: go
# Execute any Go command. This tool is accessible as 'mcpscripts-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -1772,9 +1773,9 @@ jobs:
go $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_GO_c5c33f025b10604b_EOF
+ GH_AW_MCP_SCRIPTS_SH_GO_223c3ba39b6e7289_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh << 'GH_AW_MCP_SCRIPTS_SH_MAKE_e1b91b440c074c66_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh << 'GH_AW_MCP_SCRIPTS_SH_MAKE_7642664e59bacf91_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: make
# Execute any Make target. This tool is accessible as 'mcpscripts-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -1784,7 +1785,7 @@ jobs:
echo "make $INPUT_ARGS"
make $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_MAKE_e1b91b440c074c66_EOF
+ GH_AW_MCP_SCRIPTS_SH_MAKE_7642664e59bacf91_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh
- name: Generate MCP Scripts Server Config
@@ -1857,7 +1858,7 @@ jobs:
export GH_AW_ENGINE="claude"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -e GH_TOKEN -e TAVILY_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
- cat << GH_AW_MCP_CONFIG_5b332f9ee71a220d_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_ec38d8f15328bda6_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"agenticworkflows": {
@@ -1996,7 +1997,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_5b332f9ee71a220d_EOF
+ GH_AW_MCP_CONFIG_ec38d8f15328bda6_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -2218,6 +2219,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -2431,7 +2433,7 @@ jobs:
GH_AW_CODE_PUSH_FAILURE_ERRORS: ${{ needs.safe_outputs.outputs.code_push_failure_errors }}
GH_AW_CODE_PUSH_FAILURE_COUNT: ${{ needs.safe_outputs.outputs.code_push_failure_count }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฅ *[THE END] โ Illustrated by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฅ **WHOOSH!** [{workflow_name}]({run_url}) springs into action on this {event_type}! *[Panel 1 begins...]*\",\"runSuccess\":\"๐ฌ **THE END** โ [{workflow_name}]({run_url}) **MISSION: ACCOMPLISHED!** The hero saves the day! โจ\",\"runFailure\":\"๐ซ **TO BE CONTINUED...** [{workflow_name}]({run_url}) {status}! Our hero faces unexpected challenges...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฅ *[THE END] โ Illustrated by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฅ **WHOOSH!** [{workflow_name}]({run_url}) springs into action on this {event_type}! *[Panel 1 begins...]*\",\"runSuccess\":\"๐ฌ **THE END** โ [{workflow_name}]({run_url}) **MISSION: ACCOMPLISHED!** The hero saves the day! โจ\",\"runFailure\":\"๐ซ **TO BE CONTINUED...** [{workflow_name}]({run_url}) {status}! Our hero faces unexpected challenges...\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "10"
@@ -2453,7 +2455,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Smoke Claude"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฅ *[THE END] โ Illustrated by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฅ **WHOOSH!** [{workflow_name}]({run_url}) springs into action on this {event_type}! *[Panel 1 begins...]*\",\"runSuccess\":\"๐ฌ **THE END** โ [{workflow_name}]({run_url}) **MISSION: ACCOMPLISHED!** The hero saves the day! โจ\",\"runFailure\":\"๐ซ **TO BE CONTINUED...** [{workflow_name}]({run_url}) {status}! Our hero faces unexpected challenges...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฅ *[THE END] โ Illustrated by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฅ **WHOOSH!** [{workflow_name}]({run_url}) springs into action on this {event_type}! *[Panel 1 begins...]*\",\"runSuccess\":\"๐ฌ **THE END** โ [{workflow_name}]({run_url}) **MISSION: ACCOMPLISHED!** The hero saves the day! โจ\",\"runFailure\":\"๐ซ **TO BE CONTINUED...** [{workflow_name}]({run_url}) {status}! Our hero faces unexpected challenges...\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -2678,9 +2680,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-claude"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฅ *[THE END] โ Illustrated by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฅ **WHOOSH!** [{workflow_name}]({run_url}) springs into action on this {event_type}! *[Panel 1 begins...]*\",\"runSuccess\":\"๐ฌ **THE END** โ [{workflow_name}]({run_url}) **MISSION: ACCOMPLISHED!** The hero saves the day! โจ\",\"runFailure\":\"๐ซ **TO BE CONTINUED...** [{workflow_name}]({run_url}) {status}! Our hero faces unexpected challenges...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฅ *[THE END] โ Illustrated by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฅ **WHOOSH!** [{workflow_name}]({run_url}) springs into action on this {event_type}! *[Panel 1 begins...]*\",\"runSuccess\":\"๐ฌ **THE END** โ [{workflow_name}]({run_url}) **MISSION: ACCOMPLISHED!** The hero saves the day! โจ\",\"runFailure\":\"๐ซ **TO BE CONTINUED...** [{workflow_name}]({run_url}) {status}! Our hero faces unexpected challenges...\"}"
GH_AW_WORKFLOW_ID: "smoke-claude"
GH_AW_WORKFLOW_NAME: "Smoke Claude"
outputs:
@@ -2734,7 +2737,7 @@ jobs:
echo "GH_HOST=${GH_HOST}" >> "$GITHUB_ENV"
- name: Setup Safe Outputs Custom Scripts
run: |
- cat > ${RUNNER_TEMP}/gh-aw/actions/safe_output_script_post_slack_message.cjs << 'GH_AW_SAFE_OUTPUT_SCRIPT_POST_SLACK_MESSAGE_9e49b541f5e2b0bc_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/actions/safe_output_script_post_slack_message.cjs << 'GH_AW_SAFE_OUTPUT_SCRIPT_POST_SLACK_MESSAGE_d6fcf72c929f77e4_EOF'
// @ts-check
///
// Auto-generated safe-output script handler: post-slack-message
@@ -2754,7 +2757,7 @@ jobs:
}
module.exports = { main };
- GH_AW_SAFE_OUTPUT_SCRIPT_POST_SLACK_MESSAGE_9e49b541f5e2b0bc_EOF
+ GH_AW_SAFE_OUTPUT_SCRIPT_POST_SLACK_MESSAGE_d6fcf72c929f77e4_EOF
- name: Process Safe Outputs
id: process_safe_outputs
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
diff --git a/.github/workflows/smoke-claude.md b/.github/workflows/smoke-claude.md
index 905891f8c05..4f1c3c36694 100644
--- a/.github/workflows/smoke-claude.md
+++ b/.github/workflows/smoke-claude.md
@@ -91,7 +91,7 @@ safe-outputs:
max: 2
target: "*"
messages:
- footer: "> ๐ฅ *[THE END] โ Illustrated by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ฅ *[THE END] โ Illustrated by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ฅ **WHOOSH!** [{workflow_name}]({run_url}) springs into action on this {event_type}! *[Panel 1 begins...]*"
run-success: "๐ฌ **THE END** โ [{workflow_name}]({run_url}) **MISSION: ACCOMPLISHED!** The hero saves the day! โจ"
run-failure: "๐ซ **TO BE CONTINUED...** [{workflow_name}]({run_url}) {status}! Our hero faces unexpected challenges..."
diff --git a/.github/workflows/smoke-codex.lock.yml b/.github/workflows/smoke-codex.lock.yml
index 18dbb569569..ffc07da2383 100644
--- a/.github/workflows/smoke-codex.lock.yml
+++ b/.github/workflows/smoke-codex.lock.yml
@@ -30,7 +30,7 @@
# - shared/qmd.md
# - shared/reporting.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"08622eff96fd523aed1828fcef487dcfa21db6e47e34f44f587a6ce0a027cbe3","agent_id":"codex"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"06451e0a825e8159b30a37bce567f63fb0e4e4c6f49a7e61578822b85109b12b","agent_id":"codex"}
name: "Smoke Codex"
"on":
@@ -170,7 +170,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Smoke Codex"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฎ *The oracle has spoken through [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฎ The ancient spirits stir... [{workflow_name}]({run_url}) awakens to divine this {event_type}...\",\"runSuccess\":\"โจ The prophecy is fulfilled... [{workflow_name}]({run_url}) has completed its mystical journey. The stars align. ๐\",\"runFailure\":\"๐ The shadows whisper... [{workflow_name}]({run_url}) {status}. The oracle requires further meditation...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฎ *The oracle has spoken through [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฎ The ancient spirits stir... [{workflow_name}]({run_url}) awakens to divine this {event_type}...\",\"runSuccess\":\"โจ The prophecy is fulfilled... [{workflow_name}]({run_url}) has completed its mystical journey. The stars align. ๐\",\"runFailure\":\"๐ The shadows whisper... [{workflow_name}]({run_url}) {status}. The oracle requires further meditation...\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -194,9 +194,9 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_20c992e85e9b3ade_EOF'
+ cat << 'GH_AW_PROMPT_119ad86e92d10934_EOF'
- GH_AW_PROMPT_20c992e85e9b3ade_EOF
+ GH_AW_PROMPT_119ad86e92d10934_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
@@ -204,7 +204,7 @@ jobs:
cat "${RUNNER_TEMP}/gh-aw/prompts/qmd_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_20c992e85e9b3ade_EOF'
+ cat << 'GH_AW_PROMPT_119ad86e92d10934_EOF'
Tools: add_comment(max:2), create_issue, add_labels, remove_labels, unassign_from_user, hide_comment(max:5), missing_tool, missing_data, noop, add_smoked_label
@@ -239,9 +239,9 @@ jobs:
- **Note**: If a branch you need is not in the list above and is not listed as an additional fetched ref, it has NOT been checked out. For private repositories you cannot fetch it without proper authentication. If the branch is required and not available, exit with an error and ask the user to add it to the `fetch:` option of the `checkout:` configuration (e.g., `fetch: ["refs/pulls/open/*"]` for all open PR refs, or `fetch: ["main", "feature/my-branch"]` for specific branches).
- GH_AW_PROMPT_20c992e85e9b3ade_EOF
+ GH_AW_PROMPT_119ad86e92d10934_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_20c992e85e9b3ade_EOF'
+ cat << 'GH_AW_PROMPT_119ad86e92d10934_EOF'
Use the `search` tool to find relevant documentation and content with a natural language request โ it queries a local vector database built from the configured collections.
@@ -293,7 +293,7 @@ jobs:
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/mcp/serena-go.md}}
{{#runtime-import .github/workflows/smoke-codex.md}}
- GH_AW_PROMPT_20c992e85e9b3ade_EOF
+ GH_AW_PROMPT_119ad86e92d10934_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -391,6 +391,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: smokecodex
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -508,12 +509,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_2cebe007e25400bd_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_50edf469cc655054_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-codex"]},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-codex","expires":2,"labels":["automation","testing"],"max":1},"hide_comment":{"max":5},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"remove_labels":{"allowed":["smoke"]},"unassign_from_user":{"allowed":["githubactionagent"],"max":1}}
- GH_AW_SAFE_OUTPUTS_CONFIG_2cebe007e25400bd_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_50edf469cc655054_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_105026efe4e99df3_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_49d024a692caf8ad_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added.",
@@ -546,8 +547,8 @@ jobs:
}
]
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_105026efe4e99df3_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_743589f763afd5b8_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_49d024a692caf8ad_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_f1befde6ad6a3154_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -743,7 +744,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_743589f763afd5b8_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_f1befde6ad6a3154_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -788,7 +789,7 @@ jobs:
- name: Setup MCP Scripts Config
run: |
mkdir -p ${RUNNER_TEMP}/gh-aw/mcp-scripts/logs
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_c724923f7b94a03c_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_8fc2797d26cb4918_EOF'
{
"serverName": "mcpscripts",
"version": "1.0.0",
@@ -818,8 +819,8 @@ jobs:
}
]
}
- GH_AW_MCP_SCRIPTS_TOOLS_c724923f7b94a03c_EOF
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_b3939cf12a44d5b9_EOF'
+ GH_AW_MCP_SCRIPTS_TOOLS_8fc2797d26cb4918_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_9cd03b7817afbd8c_EOF'
const path = require("path");
const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
const configPath = path.join(__dirname, "tools.json");
@@ -833,12 +834,12 @@ jobs:
console.error("Failed to start mcp-scripts HTTP server:", error);
process.exit(1);
});
- GH_AW_MCP_SCRIPTS_SERVER_b3939cf12a44d5b9_EOF
+ GH_AW_MCP_SCRIPTS_SERVER_9cd03b7817afbd8c_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs
- name: Setup MCP Scripts Tool Files
run: |
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_d576a7286679e04f_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_275beea46129d17f_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: gh
# Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -849,7 +850,7 @@ jobs:
echo " token: ${GH_AW_GH_TOKEN:0:6}..."
GH_TOKEN="$GH_AW_GH_TOKEN" gh $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_GH_d576a7286679e04f_EOF
+ GH_AW_MCP_SCRIPTS_SH_GH_275beea46129d17f_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh
- name: Generate MCP Scripts Server Config
@@ -953,7 +954,7 @@ jobs:
export GH_AW_ENGINE="codex"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
- cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_e401634eb22c99ed_EOF
+ cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_c3d48ebeb7d5907a_EOF
[history]
persistence = "none"
@@ -1035,10 +1036,10 @@ jobs:
[mcp_servers.serena."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_e401634eb22c99ed_EOF
+ GH_AW_MCP_CONFIG_c3d48ebeb7d5907a_EOF
# Generate JSON config for MCP gateway
- cat << GH_AW_MCP_CONFIG_e401634eb22c99ed_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_c3d48ebeb7d5907a_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -1153,7 +1154,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_e401634eb22c99ed_EOF
+ GH_AW_MCP_CONFIG_c3d48ebeb7d5907a_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -1273,6 +1274,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1439,7 +1441,7 @@ jobs:
GH_AW_SECRET_VERIFICATION_RESULT: ${{ needs.activation.outputs.secret_verification_result }}
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฎ *The oracle has spoken through [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฎ The ancient spirits stir... [{workflow_name}]({run_url}) awakens to divine this {event_type}...\",\"runSuccess\":\"โจ The prophecy is fulfilled... [{workflow_name}]({run_url}) has completed its mystical journey. The stars align. ๐\",\"runFailure\":\"๐ The shadows whisper... [{workflow_name}]({run_url}) {status}. The oracle requires further meditation...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฎ *The oracle has spoken through [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฎ The ancient spirits stir... [{workflow_name}]({run_url}) awakens to divine this {event_type}...\",\"runSuccess\":\"โจ The prophecy is fulfilled... [{workflow_name}]({run_url}) has completed its mystical journey. The stars align. ๐\",\"runFailure\":\"๐ The shadows whisper... [{workflow_name}]({run_url}) {status}. The oracle requires further meditation...\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "15"
@@ -1461,7 +1463,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Smoke Codex"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฎ *The oracle has spoken through [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฎ The ancient spirits stir... [{workflow_name}]({run_url}) awakens to divine this {event_type}...\",\"runSuccess\":\"โจ The prophecy is fulfilled... [{workflow_name}]({run_url}) has completed its mystical journey. The stars align. ๐\",\"runFailure\":\"๐ The shadows whisper... [{workflow_name}]({run_url}) {status}. The oracle requires further meditation...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฎ *The oracle has spoken through [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฎ The ancient spirits stir... [{workflow_name}]({run_url}) awakens to divine this {event_type}...\",\"runSuccess\":\"โจ The prophecy is fulfilled... [{workflow_name}]({run_url}) has completed its mystical journey. The stars align. ๐\",\"runFailure\":\"๐ The shadows whisper... [{workflow_name}]({run_url}) {status}. The oracle requires further meditation...\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1740,9 +1742,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-codex"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "codex"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฎ *The oracle has spoken through [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฎ The ancient spirits stir... [{workflow_name}]({run_url}) awakens to divine this {event_type}...\",\"runSuccess\":\"โจ The prophecy is fulfilled... [{workflow_name}]({run_url}) has completed its mystical journey. The stars align. ๐\",\"runFailure\":\"๐ The shadows whisper... [{workflow_name}]({run_url}) {status}. The oracle requires further meditation...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฎ *The oracle has spoken through [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฎ The ancient spirits stir... [{workflow_name}]({run_url}) awakens to divine this {event_type}...\",\"runSuccess\":\"โจ The prophecy is fulfilled... [{workflow_name}]({run_url}) has completed its mystical journey. The stars align. ๐\",\"runFailure\":\"๐ The shadows whisper... [{workflow_name}]({run_url}) {status}. The oracle requires further meditation...\"}"
GH_AW_WORKFLOW_ID: "smoke-codex"
GH_AW_WORKFLOW_NAME: "Smoke Codex"
outputs:
diff --git a/.github/workflows/smoke-codex.md b/.github/workflows/smoke-codex.md
index 50b4e4073ce..65877f5742b 100644
--- a/.github/workflows/smoke-codex.md
+++ b/.github/workflows/smoke-codex.md
@@ -65,7 +65,7 @@ safe-outputs:
max: 1
hide-comment:
messages:
- footer: "> ๐ฎ *The oracle has spoken through [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ฎ *The oracle has spoken through [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ฎ The ancient spirits stir... [{workflow_name}]({run_url}) awakens to divine this {event_type}..."
run-success: "โจ The prophecy is fulfilled... [{workflow_name}]({run_url}) has completed its mystical journey. The stars align. ๐"
run-failure: "๐ The shadows whisper... [{workflow_name}]({run_url}) {status}. The oracle requires further meditation..."
diff --git a/.github/workflows/smoke-copilot-arm.lock.yml b/.github/workflows/smoke-copilot-arm.lock.yml
index a4768763885..549dad76932 100644
--- a/.github/workflows/smoke-copilot-arm.lock.yml
+++ b/.github/workflows/smoke-copilot-arm.lock.yml
@@ -30,7 +30,7 @@
# - shared/mcp/serena.md
# - shared/reporting.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"b922b54ad668c7e5d79e80973efae5108439b02e6d1ff89d534cf06bdf16d0ed","agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"3e2fe69aad7d2801364a57386fae783d35b5afda5c4e976f829c5953a22349a5","agent_id":"copilot"}
name: "Smoke Copilot ARM64"
"on":
@@ -167,7 +167,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Smoke Copilot ARM64"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฐ *BREAKING: Report filed by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐ฐ BREAKING: [{workflow_name}]({run_url}) is now investigating this {event_type}. Sources say the story is developing...\",\"runSuccess\":\"๐ฐ VERDICT: [{workflow_name}]({run_url}) has concluded. All systems operational. This is a developing story. ๐ค\",\"runFailure\":\"๐ฐ DEVELOPING STORY: [{workflow_name}]({run_url}) reports {status}. Our correspondents are investigating the incident...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฐ *BREAKING: Report filed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐ฐ BREAKING: [{workflow_name}]({run_url}) is now investigating this {event_type}. Sources say the story is developing...\",\"runSuccess\":\"๐ฐ VERDICT: [{workflow_name}]({run_url}) has concluded. All systems operational. This is a developing story. ๐ค\",\"runFailure\":\"๐ฐ DEVELOPING STORY: [{workflow_name}]({run_url}) reports {status}. Our correspondents are investigating the incident...\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -191,9 +191,9 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_1fdc0a0cb4a09695_EOF'
+ cat << 'GH_AW_PROMPT_5d913d5c763dcde8_EOF'
- GH_AW_PROMPT_1fdc0a0cb4a09695_EOF
+ GH_AW_PROMPT_5d913d5c763dcde8_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
@@ -201,7 +201,7 @@ jobs:
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_1fdc0a0cb4a09695_EOF'
+ cat << 'GH_AW_PROMPT_5d913d5c763dcde8_EOF'
Tools: add_comment(max:2), create_issue, create_discussion, create_pull_request_review_comment(max:5), submit_pull_request_review, add_labels, remove_labels, dispatch_workflow, missing_tool, missing_data, noop, send_slack_message
@@ -233,9 +233,9 @@ jobs:
{{/if}}
- GH_AW_PROMPT_1fdc0a0cb4a09695_EOF
+ GH_AW_PROMPT_5d913d5c763dcde8_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_1fdc0a0cb4a09695_EOF'
+ cat << 'GH_AW_PROMPT_5d913d5c763dcde8_EOF'
## Serena Code Analysis
@@ -273,7 +273,7 @@ jobs:
{{#runtime-import .github/workflows/shared/github-queries-mcp-script.md}}
{{#runtime-import .github/workflows/shared/mcp/serena-go.md}}
{{#runtime-import .github/workflows/smoke-copilot-arm.md}}
- GH_AW_PROMPT_1fdc0a0cb4a09695_EOF
+ GH_AW_PROMPT_5d913d5c763dcde8_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -370,6 +370,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: smokecopilotarm
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -526,12 +527,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_8ce0369feb45e4f2_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_b3b02bc8bedde255_EOF'
{"add_comment":{"allowed_repos":["github/gh-aw"],"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-copilot-arm"],"allowed_repos":["github/gh-aw"]},"create_discussion":{"category":"announcements","close_older_discussions":true,"expires":2,"fallback_to_issue":true,"labels":["ai-generated"],"max":1},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-copilot-arm","expires":2,"group":true,"labels":["automation","testing"],"max":1},"create_pull_request_review_comment":{"max":5,"side":"RIGHT"},"dispatch_workflow":{"max":1,"workflow_files":{"haiku-printer":".yml"},"workflows":["haiku-printer"]},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"remove_labels":{"allowed":["smoke"]},"send-slack-message":{"description":"Send a message to Slack (stub for testing)","inputs":{"message":{"description":"The message to send","required":false,"type":"string"}},"output":"Slack message stub executed!"},"submit_pull_request_review":{"max":1}}
- GH_AW_SAFE_OUTPUTS_CONFIG_8ce0369feb45e4f2_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_b3b02bc8bedde255_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_928b0f817934291a_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_71157be718379f35_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added.",
@@ -588,8 +589,8 @@ jobs:
}
]
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_928b0f817934291a_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_9e0bd993b865a3ce_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_71157be718379f35_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_6b9e2ffc5e628cfb_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -819,7 +820,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_9e0bd993b865a3ce_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_6b9e2ffc5e628cfb_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -864,7 +865,7 @@ jobs:
- name: Setup MCP Scripts Config
run: |
mkdir -p ${RUNNER_TEMP}/gh-aw/mcp-scripts/logs
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_0e57aa2f762834ba_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_5f80dec2b93fd240_EOF'
{
"serverName": "mcpscripts",
"version": "1.0.0",
@@ -980,8 +981,8 @@ jobs:
}
]
}
- GH_AW_MCP_SCRIPTS_TOOLS_0e57aa2f762834ba_EOF
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_ab35845c3b5f42c3_EOF'
+ GH_AW_MCP_SCRIPTS_TOOLS_5f80dec2b93fd240_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_9583ab3a98c30557_EOF'
const path = require("path");
const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
const configPath = path.join(__dirname, "tools.json");
@@ -995,12 +996,12 @@ jobs:
console.error("Failed to start mcp-scripts HTTP server:", error);
process.exit(1);
});
- GH_AW_MCP_SCRIPTS_SERVER_ab35845c3b5f42c3_EOF
+ GH_AW_MCP_SCRIPTS_SERVER_9583ab3a98c30557_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs
- name: Setup MCP Scripts Tool Files
run: |
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_79906d81c8a19cac_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_487bcc3c1624a635_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: gh
# Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -1011,9 +1012,9 @@ jobs:
echo " token: ${GH_AW_GH_TOKEN:0:6}..."
GH_TOKEN="$GH_AW_GH_TOKEN" gh $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_GH_79906d81c8a19cac_EOF
+ GH_AW_MCP_SCRIPTS_SH_GH_487bcc3c1624a635_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_3cbfe512b70f325e_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_de6480930afd6152_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-discussion-query
# Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1148,9 +1149,9 @@ jobs:
EOF
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_3cbfe512b70f325e_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_de6480930afd6152_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_77aa7b8105f4877e_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_728c50db158e2b32_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-issue-query
# Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1229,9 +1230,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_77aa7b8105f4877e_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_728c50db158e2b32_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_165177582b997cac_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_288f75e4dc98f5a6_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-pr-query
# Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1316,7 +1317,7 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_165177582b997cac_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_288f75e4dc98f5a6_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh
- name: Generate MCP Scripts Server Config
@@ -1389,7 +1390,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -e GH_TOKEN -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_3bc7f8b553384dec_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_bbaab723be3e0d4f_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"agenticworkflows": {
@@ -1506,7 +1507,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_3bc7f8b553384dec_EOF
+ GH_AW_MCP_CONFIG_bbaab723be3e0d4f_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -1642,6 +1643,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1812,7 +1814,7 @@ jobs:
GH_AW_CREATE_DISCUSSION_ERRORS: ${{ needs.safe_outputs.outputs.create_discussion_errors }}
GH_AW_CREATE_DISCUSSION_ERROR_COUNT: ${{ needs.safe_outputs.outputs.create_discussion_error_count }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฐ *BREAKING: Report filed by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐ฐ BREAKING: [{workflow_name}]({run_url}) is now investigating this {event_type}. Sources say the story is developing...\",\"runSuccess\":\"๐ฐ VERDICT: [{workflow_name}]({run_url}) has concluded. All systems operational. This is a developing story. ๐ค\",\"runFailure\":\"๐ฐ DEVELOPING STORY: [{workflow_name}]({run_url}) reports {status}. Our correspondents are investigating the incident...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฐ *BREAKING: Report filed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐ฐ BREAKING: [{workflow_name}]({run_url}) is now investigating this {event_type}. Sources say the story is developing...\",\"runSuccess\":\"๐ฐ VERDICT: [{workflow_name}]({run_url}) has concluded. All systems operational. This is a developing story. ๐ค\",\"runFailure\":\"๐ฐ DEVELOPING STORY: [{workflow_name}]({run_url}) reports {status}. Our correspondents are investigating the incident...\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "15"
@@ -1834,7 +1836,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Smoke Copilot ARM64"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฐ *BREAKING: Report filed by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐ฐ BREAKING: [{workflow_name}]({run_url}) is now investigating this {event_type}. Sources say the story is developing...\",\"runSuccess\":\"๐ฐ VERDICT: [{workflow_name}]({run_url}) has concluded. All systems operational. This is a developing story. ๐ค\",\"runFailure\":\"๐ฐ DEVELOPING STORY: [{workflow_name}]({run_url}) reports {status}. Our correspondents are investigating the incident...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฐ *BREAKING: Report filed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐ฐ BREAKING: [{workflow_name}]({run_url}) is now investigating this {event_type}. Sources say the story is developing...\",\"runSuccess\":\"๐ฐ VERDICT: [{workflow_name}]({run_url}) has concluded. All systems operational. This is a developing story. ๐ค\",\"runFailure\":\"๐ฐ DEVELOPING STORY: [{workflow_name}]({run_url}) reports {status}. Our correspondents are investigating the incident...\"}"
GH_AW_SAFE_OUTPUT_JOBS: "{\"send_slack_message\":\"\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
@@ -2044,9 +2046,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-copilot-arm"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฐ *BREAKING: Report filed by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐ฐ BREAKING: [{workflow_name}]({run_url}) is now investigating this {event_type}. Sources say the story is developing...\",\"runSuccess\":\"๐ฐ VERDICT: [{workflow_name}]({run_url}) has concluded. All systems operational. This is a developing story. ๐ค\",\"runFailure\":\"๐ฐ DEVELOPING STORY: [{workflow_name}]({run_url}) reports {status}. Our correspondents are investigating the incident...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฐ *BREAKING: Report filed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐ฐ BREAKING: [{workflow_name}]({run_url}) is now investigating this {event_type}. Sources say the story is developing...\",\"runSuccess\":\"๐ฐ VERDICT: [{workflow_name}]({run_url}) has concluded. All systems operational. This is a developing story. ๐ค\",\"runFailure\":\"๐ฐ DEVELOPING STORY: [{workflow_name}]({run_url}) reports {status}. Our correspondents are investigating the incident...\"}"
GH_AW_WORKFLOW_ID: "smoke-copilot-arm"
GH_AW_WORKFLOW_NAME: "Smoke Copilot ARM64"
outputs:
diff --git a/.github/workflows/smoke-copilot-arm.md b/.github/workflows/smoke-copilot-arm.md
index b6072b8ddd9..7c539c2d878 100644
--- a/.github/workflows/smoke-copilot-arm.md
+++ b/.github/workflows/smoke-copilot-arm.md
@@ -100,7 +100,7 @@ safe-outputs:
fi
messages:
append-only-comments: true
- footer: "> ๐ฐ *BREAKING: Report filed by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ฐ *BREAKING: Report filed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ฐ BREAKING: [{workflow_name}]({run_url}) is now investigating this {event_type}. Sources say the story is developing..."
run-success: "๐ฐ VERDICT: [{workflow_name}]({run_url}) has concluded. All systems operational. This is a developing story. ๐ค"
run-failure: "๐ฐ DEVELOPING STORY: [{workflow_name}]({run_url}) reports {status}. Our correspondents are investigating the incident..."
diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml
index 32bffd0ad69..7e6effa8dfd 100644
--- a/.github/workflows/smoke-copilot.lock.yml
+++ b/.github/workflows/smoke-copilot.lock.yml
@@ -31,7 +31,7 @@
# - shared/mcp/serena.md
# - shared/reporting.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"a8d01acc6fc00511bf712d729839b8d2812a7fc654612f83b539b870c8d10c28","agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"a7b4d7bf4f02611637cd82a7a5f7c06048689e94db970e6f73d90a2673fdecc7","agent_id":"copilot"}
name: "Smoke Copilot"
"on":
@@ -161,7 +161,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Smoke Copilot"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฐ *BREAKING: Report filed by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐ฐ BREAKING: [{workflow_name}]({run_url}) is now investigating this {event_type}. Sources say the story is developing...\",\"runSuccess\":\"๐ฐ VERDICT: [{workflow_name}]({run_url}) has concluded. All systems operational. This is a developing story. ๐ค\",\"runFailure\":\"๐ฐ DEVELOPING STORY: [{workflow_name}]({run_url}) reports {status}. Our correspondents are investigating the incident...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฐ *BREAKING: Report filed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐ฐ BREAKING: [{workflow_name}]({run_url}) is now investigating this {event_type}. Sources say the story is developing...\",\"runSuccess\":\"๐ฐ VERDICT: [{workflow_name}]({run_url}) has concluded. All systems operational. This is a developing story. ๐ค\",\"runFailure\":\"๐ฐ DEVELOPING STORY: [{workflow_name}]({run_url}) reports {status}. Our correspondents are investigating the incident...\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -198,9 +198,9 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_373a3e0e39320264_EOF'
+ cat << 'GH_AW_PROMPT_9df51225daadb559_EOF'
- GH_AW_PROMPT_373a3e0e39320264_EOF
+ GH_AW_PROMPT_9df51225daadb559_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
@@ -208,7 +208,7 @@ jobs:
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_373a3e0e39320264_EOF'
+ cat << 'GH_AW_PROMPT_9df51225daadb559_EOF'
Tools: add_comment(max:2), create_issue, create_discussion, create_pull_request_review_comment(max:5), submit_pull_request_review, reply_to_pull_request_review_comment(max:5), add_labels, remove_labels, set_issue_type, dispatch_workflow, missing_tool, missing_data, noop, send_slack_message
@@ -240,9 +240,9 @@ jobs:
{{/if}}
- GH_AW_PROMPT_373a3e0e39320264_EOF
+ GH_AW_PROMPT_9df51225daadb559_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_373a3e0e39320264_EOF'
+ cat << 'GH_AW_PROMPT_9df51225daadb559_EOF'
## Serena Code Analysis
@@ -281,7 +281,7 @@ jobs:
{{#runtime-import .github/workflows/shared/github-queries-mcp-script.md}}
{{#runtime-import .github/workflows/shared/mcp/serena-go.md}}
{{#runtime-import .github/workflows/smoke-copilot.md}}
- GH_AW_PROMPT_373a3e0e39320264_EOF
+ GH_AW_PROMPT_9df51225daadb559_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -379,6 +379,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: smokecopilot
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -534,12 +535,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_4dd5f8179471aa52_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_3c8a610621dc5cbf_EOF'
{"add_comment":{"allowed_repos":["github/gh-aw"],"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-copilot"],"allowed_repos":["github/gh-aw"]},"create_discussion":{"category":"announcements","close_older_discussions":true,"close_older_key":"smoke-copilot","expires":2,"fallback_to_issue":true,"labels":["ai-generated"],"max":1},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-copilot","expires":2,"group":true,"labels":["automation","testing"],"max":1},"create_pull_request_review_comment":{"max":5,"side":"RIGHT"},"dispatch_workflow":{"max":1,"workflow_files":{"haiku-printer":".yml"},"workflows":["haiku-printer"]},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"remove_labels":{"allowed":["smoke"]},"reply_to_pull_request_review_comment":{"max":5},"send-slack-message":{"description":"Send a message to Slack (stub for testing)","inputs":{"message":{"description":"The message to send","required":false,"type":"string"}},"output":"Slack message stub executed!"},"set_issue_type":{},"submit_pull_request_review":{"max":1}}
- GH_AW_SAFE_OUTPUTS_CONFIG_4dd5f8179471aa52_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_3c8a610621dc5cbf_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_ab716969def5c297_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_d67ffee6fad53472_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added.",
@@ -597,8 +598,8 @@ jobs:
}
]
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_ab716969def5c297_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_5fc12810f169044e_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_d67ffee6fad53472_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_d8a24fe9ebf525ab_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -868,7 +869,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_5fc12810f169044e_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_d8a24fe9ebf525ab_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -913,7 +914,7 @@ jobs:
- name: Setup MCP Scripts Config
run: |
mkdir -p ${RUNNER_TEMP}/gh-aw/mcp-scripts/logs
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_0924150aa191d5f5_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_3e8f78b47058959a_EOF'
{
"serverName": "mcpscripts",
"version": "1.0.0",
@@ -1029,8 +1030,8 @@ jobs:
}
]
}
- GH_AW_MCP_SCRIPTS_TOOLS_0924150aa191d5f5_EOF
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_908b51a2a2e8dd26_EOF'
+ GH_AW_MCP_SCRIPTS_TOOLS_3e8f78b47058959a_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_e7b909a1866941c3_EOF'
const path = require("path");
const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
const configPath = path.join(__dirname, "tools.json");
@@ -1044,12 +1045,12 @@ jobs:
console.error("Failed to start mcp-scripts HTTP server:", error);
process.exit(1);
});
- GH_AW_MCP_SCRIPTS_SERVER_908b51a2a2e8dd26_EOF
+ GH_AW_MCP_SCRIPTS_SERVER_e7b909a1866941c3_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs
- name: Setup MCP Scripts Tool Files
run: |
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_015c3d84b26fbf88_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_263ef6d96de89fb3_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: gh
# Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -1060,9 +1061,9 @@ jobs:
echo " token: ${GH_AW_GH_TOKEN:0:6}..."
GH_TOKEN="$GH_AW_GH_TOKEN" gh $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_GH_015c3d84b26fbf88_EOF
+ GH_AW_MCP_SCRIPTS_SH_GH_263ef6d96de89fb3_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_56db90d7edafff66_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_05d4ab943fe86ce9_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-discussion-query
# Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1197,9 +1198,9 @@ jobs:
EOF
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_56db90d7edafff66_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_05d4ab943fe86ce9_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_5e0e03131855f3ff_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_8ef0432b17b9641c_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-issue-query
# Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1278,9 +1279,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_5e0e03131855f3ff_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_8ef0432b17b9641c_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_a80c0cfd76883078_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_c889f4807956eb81_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-pr-query
# Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1365,7 +1366,7 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_a80c0cfd76883078_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_c889f4807956eb81_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh
- name: Generate MCP Scripts Server Config
@@ -1436,7 +1437,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -e GH_TOKEN -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_b205ce64e3e0102b_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_7d1672508c35ebcf_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"agenticworkflows": {
@@ -1556,7 +1557,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_b205ce64e3e0102b_EOF
+ GH_AW_MCP_CONFIG_7d1672508c35ebcf_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -1692,6 +1693,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1864,7 +1866,7 @@ jobs:
GH_AW_CREATE_DISCUSSION_ERRORS: ${{ needs.safe_outputs.outputs.create_discussion_errors }}
GH_AW_CREATE_DISCUSSION_ERROR_COUNT: ${{ needs.safe_outputs.outputs.create_discussion_error_count }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฐ *BREAKING: Report filed by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐ฐ BREAKING: [{workflow_name}]({run_url}) is now investigating this {event_type}. Sources say the story is developing...\",\"runSuccess\":\"๐ฐ VERDICT: [{workflow_name}]({run_url}) has concluded. All systems operational. This is a developing story. ๐ค\",\"runFailure\":\"๐ฐ DEVELOPING STORY: [{workflow_name}]({run_url}) reports {status}. Our correspondents are investigating the incident...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฐ *BREAKING: Report filed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐ฐ BREAKING: [{workflow_name}]({run_url}) is now investigating this {event_type}. Sources say the story is developing...\",\"runSuccess\":\"๐ฐ VERDICT: [{workflow_name}]({run_url}) has concluded. All systems operational. This is a developing story. ๐ค\",\"runFailure\":\"๐ฐ DEVELOPING STORY: [{workflow_name}]({run_url}) reports {status}. Our correspondents are investigating the incident...\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "15"
@@ -1886,7 +1888,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Smoke Copilot"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฐ *BREAKING: Report filed by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐ฐ BREAKING: [{workflow_name}]({run_url}) is now investigating this {event_type}. Sources say the story is developing...\",\"runSuccess\":\"๐ฐ VERDICT: [{workflow_name}]({run_url}) has concluded. All systems operational. This is a developing story. ๐ค\",\"runFailure\":\"๐ฐ DEVELOPING STORY: [{workflow_name}]({run_url}) reports {status}. Our correspondents are investigating the incident...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฐ *BREAKING: Report filed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐ฐ BREAKING: [{workflow_name}]({run_url}) is now investigating this {event_type}. Sources say the story is developing...\",\"runSuccess\":\"๐ฐ VERDICT: [{workflow_name}]({run_url}) has concluded. All systems operational. This is a developing story. ๐ค\",\"runFailure\":\"๐ฐ DEVELOPING STORY: [{workflow_name}]({run_url}) reports {status}. Our correspondents are investigating the incident...\"}"
GH_AW_SAFE_OUTPUT_JOBS: "{\"send_slack_message\":\"\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
@@ -2094,9 +2096,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-copilot"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฐ *BREAKING: Report filed by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐ฐ BREAKING: [{workflow_name}]({run_url}) is now investigating this {event_type}. Sources say the story is developing...\",\"runSuccess\":\"๐ฐ VERDICT: [{workflow_name}]({run_url}) has concluded. All systems operational. This is a developing story. ๐ค\",\"runFailure\":\"๐ฐ DEVELOPING STORY: [{workflow_name}]({run_url}) reports {status}. Our correspondents are investigating the incident...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฐ *BREAKING: Report filed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐ฐ BREAKING: [{workflow_name}]({run_url}) is now investigating this {event_type}. Sources say the story is developing...\",\"runSuccess\":\"๐ฐ VERDICT: [{workflow_name}]({run_url}) has concluded. All systems operational. This is a developing story. ๐ค\",\"runFailure\":\"๐ฐ DEVELOPING STORY: [{workflow_name}]({run_url}) reports {status}. Our correspondents are investigating the incident...\"}"
GH_AW_WORKFLOW_ID: "smoke-copilot"
GH_AW_WORKFLOW_NAME: "Smoke Copilot"
outputs:
diff --git a/.github/workflows/smoke-copilot.md b/.github/workflows/smoke-copilot.md
index aacda1ef89a..93649992299 100644
--- a/.github/workflows/smoke-copilot.md
+++ b/.github/workflows/smoke-copilot.md
@@ -111,7 +111,7 @@ safe-outputs:
fi
messages:
append-only-comments: true
- footer: "> ๐ฐ *BREAKING: Report filed by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ฐ *BREAKING: Report filed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ฐ BREAKING: [{workflow_name}]({run_url}) is now investigating this {event_type}. Sources say the story is developing..."
run-success: "๐ฐ VERDICT: [{workflow_name}]({run_url}) has concluded. All systems operational. This is a developing story. ๐ค"
run-failure: "๐ฐ DEVELOPING STORY: [{workflow_name}]({run_url}) reports {status}. Our correspondents are investigating the incident..."
diff --git a/.github/workflows/smoke-create-cross-repo-pr.lock.yml b/.github/workflows/smoke-create-cross-repo-pr.lock.yml
index f08d28ec325..180657d337c 100644
--- a/.github/workflows/smoke-create-cross-repo-pr.lock.yml
+++ b/.github/workflows/smoke-create-cross-repo-pr.lock.yml
@@ -22,7 +22,7 @@
#
# Smoke test validating cross-repo pull request creation in githubnext/gh-aw-side-repo
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"23144cc5cfaff8c43f78aeac9193fc954d2391a4d6fc0207772ebb4127c0ad56","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"23d3c7a58f979f7799b7e17bdac619d06c521a62e3079dfc27f35b90f4bbce9f","strict":true,"agent_id":"copilot"}
name: "Smoke Create Cross-Repo PR"
"on":
@@ -142,7 +142,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Smoke Create Cross-Repo PR"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฌ *Cross-repo smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฌ [{workflow_name}]({run_url}) is testing cross-repo PR creation in githubnext/gh-aw-side-repo...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully created a cross-repo PR in githubnext/gh-aw-side-repo!\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to create a cross-repo PR: {status}\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฌ *Cross-repo smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฌ [{workflow_name}]({run_url}) is testing cross-repo PR creation in githubnext/gh-aw-side-repo...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully created a cross-repo PR in githubnext/gh-aw-side-repo!\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to create a cross-repo PR: {status}\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -166,19 +166,19 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_66f889bd5efa1179_EOF'
+ cat << 'GH_AW_PROMPT_b5851c5feae065c1_EOF'
- GH_AW_PROMPT_66f889bd5efa1179_EOF
+ GH_AW_PROMPT_b5851c5feae065c1_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_66f889bd5efa1179_EOF'
+ cat << 'GH_AW_PROMPT_b5851c5feae065c1_EOF'
Tools: add_comment(max:2), create_issue, create_pull_request, missing_tool, missing_data, noop
- GH_AW_PROMPT_66f889bd5efa1179_EOF
+ GH_AW_PROMPT_b5851c5feae065c1_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_66f889bd5efa1179_EOF'
+ cat << 'GH_AW_PROMPT_b5851c5feae065c1_EOF'
The following GitHub context information is available for this workflow:
@@ -211,12 +211,12 @@ jobs:
- **Note**: If a branch you need is not in the list above and is not listed as an additional fetched ref, it has NOT been checked out. For private repositories you cannot fetch it without proper authentication. If the branch is required and not available, exit with an error and ask the user to add it to the `fetch:` option of the `checkout:` configuration (e.g., `fetch: ["refs/pulls/open/*"]` for all open PR refs, or `fetch: ["main", "feature/my-branch"]` for specific branches).
- GH_AW_PROMPT_66f889bd5efa1179_EOF
+ GH_AW_PROMPT_b5851c5feae065c1_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_66f889bd5efa1179_EOF'
+ cat << 'GH_AW_PROMPT_b5851c5feae065c1_EOF'
{{#runtime-import .github/workflows/smoke-create-cross-repo-pr.md}}
- GH_AW_PROMPT_66f889bd5efa1179_EOF
+ GH_AW_PROMPT_b5851c5feae065c1_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -305,6 +305,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: smokecreatecrossrepopr
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -391,12 +392,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_9a2dafe9ac1f36da_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_dda6c6cade8b9292_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_issue":{"close_older_issues":true,"expires":2,"labels":["automation","testing"],"max":1},"create_pull_request":{"draft":true,"expires":24,"fallback_as_issue":false,"github-token":"${{ secrets.GH_AW_SIDE_REPO_PAT }}","if_no_changes":"error","labels":["smoke-test"],"max":1,"max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"],"target-repo":"githubnext/gh-aw-side-repo","title_prefix":"[smoke] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_9a2dafe9ac1f36da_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_dda6c6cade8b9292_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_be19df97127dcc52_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_7e7ce00aac884a7c_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added.",
@@ -406,8 +407,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_be19df97127dcc52_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_c1670dc7b2db606c_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_7e7ce00aac884a7c_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_2acf94955ef0dc17_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -554,7 +555,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_c1670dc7b2db606c_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_2acf94955ef0dc17_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -624,7 +625,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_e2a867f93e70251f_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_4e0fc3a9881a180e_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -665,7 +666,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_e2a867f93e70251f_EOF
+ GH_AW_MCP_CONFIG_4e0fc3a9881a180e_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -790,6 +791,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -953,7 +955,7 @@ jobs:
GH_AW_CODE_PUSH_FAILURE_ERRORS: ${{ needs.safe_outputs.outputs.code_push_failure_errors }}
GH_AW_CODE_PUSH_FAILURE_COUNT: ${{ needs.safe_outputs.outputs.code_push_failure_count }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฌ *Cross-repo smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฌ [{workflow_name}]({run_url}) is testing cross-repo PR creation in githubnext/gh-aw-side-repo...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully created a cross-repo PR in githubnext/gh-aw-side-repo!\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to create a cross-repo PR: {status}\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฌ *Cross-repo smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฌ [{workflow_name}]({run_url}) is testing cross-repo PR creation in githubnext/gh-aw-side-repo...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully created a cross-repo PR in githubnext/gh-aw-side-repo!\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to create a cross-repo PR: {status}\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "10"
@@ -975,7 +977,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Smoke Create Cross-Repo PR"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฌ *Cross-repo smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฌ [{workflow_name}]({run_url}) is testing cross-repo PR creation in githubnext/gh-aw-side-repo...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully created a cross-repo PR in githubnext/gh-aw-side-repo!\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to create a cross-repo PR: {status}\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฌ *Cross-repo smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฌ [{workflow_name}]({run_url}) is testing cross-repo PR creation in githubnext/gh-aw-side-repo...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully created a cross-repo PR in githubnext/gh-aw-side-repo!\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to create a cross-repo PR: {status}\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1186,9 +1188,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-create-cross-repo-pr"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฌ *Cross-repo smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฌ [{workflow_name}]({run_url}) is testing cross-repo PR creation in githubnext/gh-aw-side-repo...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully created a cross-repo PR in githubnext/gh-aw-side-repo!\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to create a cross-repo PR: {status}\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ฌ *Cross-repo smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฌ [{workflow_name}]({run_url}) is testing cross-repo PR creation in githubnext/gh-aw-side-repo...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully created a cross-repo PR in githubnext/gh-aw-side-repo!\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to create a cross-repo PR: {status}\"}"
GH_AW_WORKFLOW_ID: "smoke-create-cross-repo-pr"
GH_AW_WORKFLOW_NAME: "Smoke Create Cross-Repo PR"
outputs:
diff --git a/.github/workflows/smoke-create-cross-repo-pr.md b/.github/workflows/smoke-create-cross-repo-pr.md
index a6fa62f9418..346ce47cc7d 100644
--- a/.github/workflows/smoke-create-cross-repo-pr.md
+++ b/.github/workflows/smoke-create-cross-repo-pr.md
@@ -50,7 +50,7 @@ safe-outputs:
hide-older-comments: true
max: 2
messages:
- footer: "> ๐ฌ *Cross-repo smoke test by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ฌ *Cross-repo smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ฌ [{workflow_name}]({run_url}) is testing cross-repo PR creation in githubnext/gh-aw-side-repo..."
run-success: "โ
[{workflow_name}]({run_url}) successfully created a cross-repo PR in githubnext/gh-aw-side-repo!"
run-failure: "โ [{workflow_name}]({run_url}) failed to create a cross-repo PR: {status}"
diff --git a/.github/workflows/smoke-gemini.lock.yml b/.github/workflows/smoke-gemini.lock.yml
index b14a3f05727..a4bce54382b 100644
--- a/.github/workflows/smoke-gemini.lock.yml
+++ b/.github/workflows/smoke-gemini.lock.yml
@@ -27,7 +27,7 @@
# - shared/gh.md
# - shared/reporting.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"bc947fc0f68789a8c2116df1b0ed091773cc6c20103a7b93a9bd3b23e65e8f61","strict":true,"agent_id":"gemini"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"0f1c00beafd1829acdd4f2160c974eae49a534ef077f9b9427e6760a627fcaef","strict":true,"agent_id":"gemini"}
name: "Smoke Gemini"
"on":
@@ -166,7 +166,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Smoke Gemini"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e โจ *[{workflow_name}]({run_url}) โ Powered by Gemini*{history_link}\",\"runStarted\":\"โจ Gemini awakens... [{workflow_name}]({run_url}) begins its journey on this {event_type}...\",\"runSuccess\":\"๐ [{workflow_name}]({run_url}) **MISSION COMPLETE!** Gemini has spoken. โจ\",\"runFailure\":\"โ ๏ธ [{workflow_name}]({run_url}) {status}. Gemini encountered unexpected challenges...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e โจ *[{workflow_name}]({run_url}) โ Powered by Gemini*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"โจ Gemini awakens... [{workflow_name}]({run_url}) begins its journey on this {event_type}...\",\"runSuccess\":\"๐ [{workflow_name}]({run_url}) **MISSION COMPLETE!** Gemini has spoken. โจ\",\"runFailure\":\"โ ๏ธ [{workflow_name}]({run_url}) {status}. Gemini encountered unexpected challenges...\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -190,15 +190,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_b7c8caf0f3ae8939_EOF'
+ cat << 'GH_AW_PROMPT_ec5ddfdb986834ab_EOF'
- GH_AW_PROMPT_b7c8caf0f3ae8939_EOF
+ GH_AW_PROMPT_ec5ddfdb986834ab_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_b7c8caf0f3ae8939_EOF'
+ cat << 'GH_AW_PROMPT_ec5ddfdb986834ab_EOF'
Tools: add_comment(max:2), create_issue, add_labels, missing_tool, missing_data, noop
@@ -230,14 +230,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_b7c8caf0f3ae8939_EOF
+ GH_AW_PROMPT_ec5ddfdb986834ab_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_b7c8caf0f3ae8939_EOF'
+ cat << 'GH_AW_PROMPT_ec5ddfdb986834ab_EOF'
{{#runtime-import .github/workflows/shared/gh.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/smoke-gemini.md}}
- GH_AW_PROMPT_b7c8caf0f3ae8939_EOF
+ GH_AW_PROMPT_ec5ddfdb986834ab_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -331,6 +331,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: smokegemini
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -430,12 +431,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_1a7bedeeecab961a_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_01758ee466270a56_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-gemini"]},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-gemini","expires":2,"labels":["automation","testing"],"max":1},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_1a7bedeeecab961a_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_01758ee466270a56_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_6adcdc19cd13085a_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_3976c2187d2cbcfe_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added.",
@@ -445,8 +446,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_6adcdc19cd13085a_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_96ee50354d9e913c_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_3976c2187d2cbcfe_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_0f0c060c2a233ca5_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -576,7 +577,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_96ee50354d9e913c_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_0f0c060c2a233ca5_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -621,7 +622,7 @@ jobs:
- name: Setup MCP Scripts Config
run: |
mkdir -p ${RUNNER_TEMP}/gh-aw/mcp-scripts/logs
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_f5bedc57ba938e62_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_db61f592fb740c66_EOF'
{
"serverName": "mcpscripts",
"version": "1.0.0",
@@ -651,8 +652,8 @@ jobs:
}
]
}
- GH_AW_MCP_SCRIPTS_TOOLS_f5bedc57ba938e62_EOF
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_1b5009973cbe5122_EOF'
+ GH_AW_MCP_SCRIPTS_TOOLS_db61f592fb740c66_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_9ede82243d9570a1_EOF'
const path = require("path");
const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
const configPath = path.join(__dirname, "tools.json");
@@ -666,12 +667,12 @@ jobs:
console.error("Failed to start mcp-scripts HTTP server:", error);
process.exit(1);
});
- GH_AW_MCP_SCRIPTS_SERVER_1b5009973cbe5122_EOF
+ GH_AW_MCP_SCRIPTS_SERVER_9ede82243d9570a1_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs
- name: Setup MCP Scripts Tool Files
run: |
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_27041bffe4fddd9f_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_37dab787d6840ac7_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: gh
# Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -682,7 +683,7 @@ jobs:
echo " token: ${GH_AW_GH_TOKEN:0:6}..."
GH_TOKEN="$GH_AW_GH_TOKEN" gh $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_GH_27041bffe4fddd9f_EOF
+ GH_AW_MCP_SCRIPTS_SH_GH_37dab787d6840ac7_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh
- name: Generate MCP Scripts Server Config
@@ -750,7 +751,7 @@ jobs:
export GH_AW_ENGINE="gemini"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
- cat << GH_AW_MCP_CONFIG_dde98cd75005b3cb_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_dc3832e9686c5ff4_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -804,7 +805,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_dde98cd75005b3cb_EOF
+ GH_AW_MCP_CONFIG_dc3832e9686c5ff4_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -936,6 +937,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1101,7 +1103,7 @@ jobs:
GH_AW_SECRET_VERIFICATION_RESULT: ${{ needs.activation.outputs.secret_verification_result }}
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e โจ *[{workflow_name}]({run_url}) โ Powered by Gemini*{history_link}\",\"runStarted\":\"โจ Gemini awakens... [{workflow_name}]({run_url}) begins its journey on this {event_type}...\",\"runSuccess\":\"๐ [{workflow_name}]({run_url}) **MISSION COMPLETE!** Gemini has spoken. โจ\",\"runFailure\":\"โ ๏ธ [{workflow_name}]({run_url}) {status}. Gemini encountered unexpected challenges...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e โจ *[{workflow_name}]({run_url}) โ Powered by Gemini*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"โจ Gemini awakens... [{workflow_name}]({run_url}) begins its journey on this {event_type}...\",\"runSuccess\":\"๐ [{workflow_name}]({run_url}) **MISSION COMPLETE!** Gemini has spoken. โจ\",\"runFailure\":\"โ ๏ธ [{workflow_name}]({run_url}) {status}. Gemini encountered unexpected challenges...\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "10"
@@ -1123,7 +1125,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Smoke Gemini"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e โจ *[{workflow_name}]({run_url}) โ Powered by Gemini*{history_link}\",\"runStarted\":\"โจ Gemini awakens... [{workflow_name}]({run_url}) begins its journey on this {event_type}...\",\"runSuccess\":\"๐ [{workflow_name}]({run_url}) **MISSION COMPLETE!** Gemini has spoken. โจ\",\"runFailure\":\"โ ๏ธ [{workflow_name}]({run_url}) {status}. Gemini encountered unexpected challenges...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e โจ *[{workflow_name}]({run_url}) โ Powered by Gemini*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"โจ Gemini awakens... [{workflow_name}]({run_url}) begins its journey on this {event_type}...\",\"runSuccess\":\"๐ [{workflow_name}]({run_url}) **MISSION COMPLETE!** Gemini has spoken. โจ\",\"runFailure\":\"โ ๏ธ [{workflow_name}]({run_url}) {status}. Gemini encountered unexpected challenges...\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1343,9 +1345,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-gemini"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "gemini"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e โจ *[{workflow_name}]({run_url}) โ Powered by Gemini*{history_link}\",\"runStarted\":\"โจ Gemini awakens... [{workflow_name}]({run_url}) begins its journey on this {event_type}...\",\"runSuccess\":\"๐ [{workflow_name}]({run_url}) **MISSION COMPLETE!** Gemini has spoken. โจ\",\"runFailure\":\"โ ๏ธ [{workflow_name}]({run_url}) {status}. Gemini encountered unexpected challenges...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e โจ *[{workflow_name}]({run_url}) โ Powered by Gemini*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"โจ Gemini awakens... [{workflow_name}]({run_url}) begins its journey on this {event_type}...\",\"runSuccess\":\"๐ [{workflow_name}]({run_url}) **MISSION COMPLETE!** Gemini has spoken. โจ\",\"runFailure\":\"โ ๏ธ [{workflow_name}]({run_url}) {status}. Gemini encountered unexpected challenges...\"}"
GH_AW_WORKFLOW_ID: "smoke-gemini"
GH_AW_WORKFLOW_NAME: "Smoke Gemini"
outputs:
diff --git a/.github/workflows/smoke-gemini.md b/.github/workflows/smoke-gemini.md
index 73cb25a2e09..b581e6e3935 100644
--- a/.github/workflows/smoke-gemini.md
+++ b/.github/workflows/smoke-gemini.md
@@ -44,7 +44,7 @@ safe-outputs:
add-labels:
allowed: [smoke-gemini]
messages:
- footer: "> โจ *[{workflow_name}]({run_url}) โ Powered by Gemini*{history_link}"
+ footer: "> โจ *[{workflow_name}]({run_url}) โ Powered by Gemini*{effective_tokens_suffix}{history_link}"
run-started: "โจ Gemini awakens... [{workflow_name}]({run_url}) begins its journey on this {event_type}..."
run-success: "๐ [{workflow_name}]({run_url}) **MISSION COMPLETE!** Gemini has spoken. โจ"
run-failure: "โ ๏ธ [{workflow_name}]({run_url}) {status}. Gemini encountered unexpected challenges..."
diff --git a/.github/workflows/smoke-multi-pr.lock.yml b/.github/workflows/smoke-multi-pr.lock.yml
index 6eb7e3e17f6..d1ba3a4e019 100644
--- a/.github/workflows/smoke-multi-pr.lock.yml
+++ b/.github/workflows/smoke-multi-pr.lock.yml
@@ -22,7 +22,7 @@
#
# Test creating multiple pull requests in a single workflow run
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"ee31e52ea131e5257cdee9983e2401eca1666057c51720c5e667f48b6a4de359","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"cdcc6dd9771a5732e02056aa956cc660846057deed0acec0fea5bca9af63c0b0","strict":true,"agent_id":"copilot"}
name: "Smoke Multi PR"
"on":
@@ -161,7 +161,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Smoke Multi PR"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Multi PR smoke test by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing multiple PR creation...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully created multiple PRs.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to create multiple PRs. Check the logs.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Multi PR smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing multiple PR creation...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully created multiple PRs.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to create multiple PRs. Check the logs.\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -184,19 +184,19 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_be4846a96bc8b875_EOF'
+ cat << 'GH_AW_PROMPT_8176b7650e805e07_EOF'
- GH_AW_PROMPT_be4846a96bc8b875_EOF
+ GH_AW_PROMPT_8176b7650e805e07_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_be4846a96bc8b875_EOF'
+ cat << 'GH_AW_PROMPT_8176b7650e805e07_EOF'
Tools: add_comment, create_pull_request(max:2), missing_tool, missing_data, noop
- GH_AW_PROMPT_be4846a96bc8b875_EOF
+ GH_AW_PROMPT_8176b7650e805e07_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_be4846a96bc8b875_EOF'
+ cat << 'GH_AW_PROMPT_8176b7650e805e07_EOF'
The following GitHub context information is available for this workflow:
@@ -226,12 +226,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_be4846a96bc8b875_EOF
+ GH_AW_PROMPT_8176b7650e805e07_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_be4846a96bc8b875_EOF'
+ cat << 'GH_AW_PROMPT_8176b7650e805e07_EOF'
{{#runtime-import .github/workflows/smoke-multi-pr.md}}
- GH_AW_PROMPT_be4846a96bc8b875_EOF
+ GH_AW_PROMPT_8176b7650e805e07_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -314,6 +314,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: smokemultipr
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -394,12 +395,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_9649b231b2ed9535_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_6763693a64d3ddac_EOF'
{"add_comment":{"hide_older_comments":true,"max":1},"create_pull_request":{"expires":2,"if_no_changes":"warn","labels":["ai-generated"],"max":2,"max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"],"title_prefix":"[smoke-multi-pr] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_9649b231b2ed9535_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_6763693a64d3ddac_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_06ad339743b6399d_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_03c11e1da95a3122_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added.",
@@ -408,8 +409,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_06ad339743b6399d_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_59d9628b5684d792_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_03c11e1da95a3122_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_988248fdd10d37ac_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -523,7 +524,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_59d9628b5684d792_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_988248fdd10d37ac_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -593,7 +594,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_b350950a28443a86_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_21037b0628df299c_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -634,7 +635,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_b350950a28443a86_EOF
+ GH_AW_MCP_CONFIG_21037b0628df299c_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -783,6 +784,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -938,7 +940,7 @@ jobs:
GH_AW_CODE_PUSH_FAILURE_ERRORS: ${{ needs.safe_outputs.outputs.code_push_failure_errors }}
GH_AW_CODE_PUSH_FAILURE_COUNT: ${{ needs.safe_outputs.outputs.code_push_failure_count }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Multi PR smoke test by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing multiple PR creation...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully created multiple PRs.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to create multiple PRs. Check the logs.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Multi PR smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing multiple PR creation...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully created multiple PRs.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to create multiple PRs. Check the logs.\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "10"
@@ -960,7 +962,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Smoke Multi PR"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Multi PR smoke test by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing multiple PR creation...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully created multiple PRs.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to create multiple PRs. Check the logs.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Multi PR smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing multiple PR creation...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully created multiple PRs.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to create multiple PRs. Check the logs.\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1169,9 +1171,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-multi-pr"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Multi PR smoke test by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing multiple PR creation...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully created multiple PRs.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to create multiple PRs. Check the logs.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Multi PR smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing multiple PR creation...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully created multiple PRs.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to create multiple PRs. Check the logs.\"}"
GH_AW_WORKFLOW_ID: "smoke-multi-pr"
GH_AW_WORKFLOW_NAME: "Smoke Multi PR"
outputs:
diff --git a/.github/workflows/smoke-multi-pr.md b/.github/workflows/smoke-multi-pr.md
index af689d422f0..a45506e908f 100644
--- a/.github/workflows/smoke-multi-pr.md
+++ b/.github/workflows/smoke-multi-pr.md
@@ -37,7 +37,7 @@ safe-outputs:
max: 1
messages:
append-only-comments: true
- footer: "> ๐งช *Multi PR smoke test by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐งช *Multi PR smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐งช [{workflow_name}]({run_url}) is now testing multiple PR creation..."
run-success: "โ
[{workflow_name}]({run_url}) successfully created multiple PRs."
run-failure: "โ [{workflow_name}]({run_url}) failed to create multiple PRs. Check the logs."
diff --git a/.github/workflows/smoke-project.lock.yml b/.github/workflows/smoke-project.lock.yml
index aec2770b4c9..085841b4d99 100644
--- a/.github/workflows/smoke-project.lock.yml
+++ b/.github/workflows/smoke-project.lock.yml
@@ -22,7 +22,7 @@
#
# Smoke Project - Test project operations
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"710ec62380b7f4046fc0e531419bf0be666859f6668744e95e249cc359b3d6c8","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"443639d657b72ea47c2885b9779aabe56a6cc53f605548f9ad685687fc5276b3","strict":true,"agent_id":"copilot"}
name: "Smoke Project"
"on":
@@ -159,7 +159,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Smoke Project"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Project smoke test report by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing project operations...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed successfully. All project operations validated.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) encountered failures. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Project smoke test report by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing project operations...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed successfully. All project operations validated.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) encountered failures. Check the logs for details.\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -182,19 +182,19 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_b7ff3a7df690a1df_EOF'
+ cat << 'GH_AW_PROMPT_ba7946ed4c54c799_EOF'
- GH_AW_PROMPT_b7ff3a7df690a1df_EOF
+ GH_AW_PROMPT_ba7946ed4c54c799_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_b7ff3a7df690a1df_EOF'
+ cat << 'GH_AW_PROMPT_ba7946ed4c54c799_EOF'
Tools: add_comment(max:2), create_issue, create_pull_request, add_labels, remove_labels, update_project(max:20), create_project_status_update, missing_tool, missing_data, noop
- GH_AW_PROMPT_b7ff3a7df690a1df_EOF
+ GH_AW_PROMPT_ba7946ed4c54c799_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_b7ff3a7df690a1df_EOF'
+ cat << 'GH_AW_PROMPT_ba7946ed4c54c799_EOF'
The following GitHub context information is available for this workflow:
@@ -224,12 +224,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_b7ff3a7df690a1df_EOF
+ GH_AW_PROMPT_ba7946ed4c54c799_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_b7ff3a7df690a1df_EOF'
+ cat << 'GH_AW_PROMPT_ba7946ed4c54c799_EOF'
{{#runtime-import .github/workflows/smoke-project.md}}
- GH_AW_PROMPT_b7ff3a7df690a1df_EOF
+ GH_AW_PROMPT_ba7946ed4c54c799_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -313,6 +313,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: smokeproject
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -393,12 +394,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_167df37596ce6d99_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_b056215a99ad916b_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-project"]},"create_issue":{"close_older_issues":true,"expires":2,"group":true,"labels":["ai-generated","automation","testing"],"max":1},"create_project_status_update":{"github-token":"${{ secrets.GH_AW_PROJECT_GITHUB_TOKEN }}","max":1,"project":"https://github.com/orgs/github/projects/24068"},"create_pull_request":{"expires":2,"if_no_changes":"warn","labels":["ai-generated"],"max":1,"max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"],"title_prefix":"[smoke-project] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"remove_labels":{"allowed":["smoke-project"]},"update_project":{"github-token":"${{ secrets.GH_AW_PROJECT_GITHUB_TOKEN }}","max":20,"project":"https://github.com/orgs/github/projects/24068","views":[{"name":"Smoke Test Board","layout":"board","filter":"is:open"}]}}
- GH_AW_SAFE_OUTPUTS_CONFIG_167df37596ce6d99_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_b056215a99ad916b_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_d8727918a9411877_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_0a4fc139d2c619d0_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added.",
@@ -412,8 +413,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_d8727918a9411877_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_cb4e24aa6679b7d0_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_0a4fc139d2c619d0_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_1f4a5d719749a120_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -680,7 +681,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_cb4e24aa6679b7d0_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_1f4a5d719749a120_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -750,7 +751,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_0c34fe26b235433f_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_5aaca792fea31195_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -791,7 +792,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_0c34fe26b235433f_EOF
+ GH_AW_MCP_CONFIG_5aaca792fea31195_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -916,6 +917,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1071,7 +1073,7 @@ jobs:
GH_AW_CODE_PUSH_FAILURE_ERRORS: ${{ needs.safe_outputs.outputs.code_push_failure_errors }}
GH_AW_CODE_PUSH_FAILURE_COUNT: ${{ needs.safe_outputs.outputs.code_push_failure_count }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Project smoke test report by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing project operations...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed successfully. All project operations validated.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) encountered failures. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Project smoke test report by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing project operations...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed successfully. All project operations validated.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) encountered failures. Check the logs for details.\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "15"
@@ -1093,7 +1095,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Smoke Project"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Project smoke test report by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing project operations...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed successfully. All project operations validated.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) encountered failures. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Project smoke test report by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing project operations...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed successfully. All project operations validated.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) encountered failures. Check the logs for details.\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1302,9 +1304,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-project"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Project smoke test report by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing project operations...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed successfully. All project operations validated.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) encountered failures. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Project smoke test report by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing project operations...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed successfully. All project operations validated.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) encountered failures. Check the logs for details.\"}"
GH_AW_WORKFLOW_ID: "smoke-project"
GH_AW_WORKFLOW_NAME: "Smoke Project"
outputs:
diff --git a/.github/workflows/smoke-project.md b/.github/workflows/smoke-project.md
index a9918c53f06..96b27a01f3c 100644
--- a/.github/workflows/smoke-project.md
+++ b/.github/workflows/smoke-project.md
@@ -56,7 +56,7 @@ safe-outputs:
github-token: ${{ secrets.GH_AW_PROJECT_GITHUB_TOKEN }}
messages:
append-only-comments: true
- footer: "> ๐งช *Project smoke test report by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐งช *Project smoke test report by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐งช [{workflow_name}]({run_url}) is now testing project operations..."
run-success: "โ
[{workflow_name}]({run_url}) completed successfully. All project operations validated."
run-failure: "โ [{workflow_name}]({run_url}) encountered failures. Check the logs for details."
diff --git a/.github/workflows/smoke-service-ports.lock.yml b/.github/workflows/smoke-service-ports.lock.yml
index 8fd61420cf2..f4eff729062 100644
--- a/.github/workflows/smoke-service-ports.lock.yml
+++ b/.github/workflows/smoke-service-ports.lock.yml
@@ -22,7 +22,7 @@
#
# Smoke test to validate --allow-host-service-ports with Redis service container
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"f87ff09b47856fe5762f2eb7eddf0eee24e2dd583dd1b53a14f1ed9fef367457","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"e5ce1ba22e481b76f0eb27bdfc0c0a87048dbff2c7d9b94295bd1713658bf76c","strict":true,"agent_id":"copilot"}
name: "Smoke Service Ports"
"on":
@@ -128,7 +128,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Smoke Service Ports"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Service ports validation by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ Starting service ports validation... [{workflow_name}]({run_url}) is testing Redis connectivity...\",\"runSuccess\":\"โ
Service ports validation passed! [{workflow_name}]({run_url}) confirms agent can reach Redis.\",\"runFailure\":\"โ Service ports validation failed! [{workflow_name}]({run_url}) could not reach Redis: {status}\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Service ports validation by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ Starting service ports validation... [{workflow_name}]({run_url}) is testing Redis connectivity...\",\"runSuccess\":\"โ
Service ports validation passed! [{workflow_name}]({run_url}) confirms agent can reach Redis.\",\"runFailure\":\"โ Service ports validation failed! [{workflow_name}]({run_url}) could not reach Redis: {status}\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -151,14 +151,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_adf052b962132837_EOF'
+ cat << 'GH_AW_PROMPT_c31fae809a703351_EOF'
- GH_AW_PROMPT_adf052b962132837_EOF
+ GH_AW_PROMPT_c31fae809a703351_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_adf052b962132837_EOF'
+ cat << 'GH_AW_PROMPT_c31fae809a703351_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
@@ -190,12 +190,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_adf052b962132837_EOF
+ GH_AW_PROMPT_c31fae809a703351_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_adf052b962132837_EOF'
+ cat << 'GH_AW_PROMPT_c31fae809a703351_EOF'
{{#runtime-import .github/workflows/smoke-service-ports.md}}
- GH_AW_PROMPT_adf052b962132837_EOF
+ GH_AW_PROMPT_c31fae809a703351_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -286,6 +286,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: smokeserviceports
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -366,12 +367,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_540b8636a24c7a08_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_157c2d9ba58bbb86_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_540b8636a24c7a08_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_157c2d9ba58bbb86_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_66bf068d6618c38e_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_c83d4be4db7ea1c1_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added."
@@ -379,8 +380,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_66bf068d6618c38e_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_736754397af27d75_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_c83d4be4db7ea1c1_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_78a41162c66dcf65_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -458,7 +459,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_736754397af27d75_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_78a41162c66dcf65_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -528,7 +529,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_dd21a14b63d12243_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_4d3271670f04abd8_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -569,7 +570,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_dd21a14b63d12243_EOF
+ GH_AW_MCP_CONFIG_4d3271670f04abd8_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -693,6 +694,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -846,7 +848,7 @@ jobs:
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_INFERENCE_ACCESS_ERROR: ${{ needs.agent.outputs.inference_access_error }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Service ports validation by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ Starting service ports validation... [{workflow_name}]({run_url}) is testing Redis connectivity...\",\"runSuccess\":\"โ
Service ports validation passed! [{workflow_name}]({run_url}) confirms agent can reach Redis.\",\"runFailure\":\"โ Service ports validation failed! [{workflow_name}]({run_url}) could not reach Redis: {status}\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Service ports validation by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ Starting service ports validation... [{workflow_name}]({run_url}) is testing Redis connectivity...\",\"runSuccess\":\"โ
Service ports validation passed! [{workflow_name}]({run_url}) confirms agent can reach Redis.\",\"runFailure\":\"โ Service ports validation failed! [{workflow_name}]({run_url}) could not reach Redis: {status}\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "5"
@@ -868,7 +870,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Smoke Service Ports"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Service ports validation by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ Starting service ports validation... [{workflow_name}]({run_url}) is testing Redis connectivity...\",\"runSuccess\":\"โ
Service ports validation passed! [{workflow_name}]({run_url}) confirms agent can reach Redis.\",\"runFailure\":\"โ Service ports validation failed! [{workflow_name}]({run_url}) could not reach Redis: {status}\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Service ports validation by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ Starting service ports validation... [{workflow_name}]({run_url}) is testing Redis connectivity...\",\"runSuccess\":\"โ
Service ports validation passed! [{workflow_name}]({run_url}) confirms agent can reach Redis.\",\"runFailure\":\"โ Service ports validation failed! [{workflow_name}]({run_url}) could not reach Redis: {status}\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1073,9 +1075,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-service-ports"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Service ports validation by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ Starting service ports validation... [{workflow_name}]({run_url}) is testing Redis connectivity...\",\"runSuccess\":\"โ
Service ports validation passed! [{workflow_name}]({run_url}) confirms agent can reach Redis.\",\"runFailure\":\"โ Service ports validation failed! [{workflow_name}]({run_url}) could not reach Redis: {status}\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Service ports validation by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ Starting service ports validation... [{workflow_name}]({run_url}) is testing Redis connectivity...\",\"runSuccess\":\"โ
Service ports validation passed! [{workflow_name}]({run_url}) confirms agent can reach Redis.\",\"runFailure\":\"โ Service ports validation failed! [{workflow_name}]({run_url}) could not reach Redis: {status}\"}"
GH_AW_WORKFLOW_ID: "smoke-service-ports"
GH_AW_WORKFLOW_NAME: "Smoke Service Ports"
outputs:
diff --git a/.github/workflows/smoke-service-ports.md b/.github/workflows/smoke-service-ports.md
index b0e303b9170..f5b6d2661d7 100644
--- a/.github/workflows/smoke-service-ports.md
+++ b/.github/workflows/smoke-service-ports.md
@@ -34,7 +34,7 @@ safe-outputs:
hide-older-comments: true
max: 2
messages:
- footer: "> ๐ *Service ports validation by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ *Service ports validation by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ Starting service ports validation... [{workflow_name}]({run_url}) is testing Redis connectivity..."
run-success: "โ
Service ports validation passed! [{workflow_name}]({run_url}) confirms agent can reach Redis."
run-failure: "โ Service ports validation failed! [{workflow_name}]({run_url}) could not reach Redis: {status}"
diff --git a/.github/workflows/smoke-temporary-id.lock.yml b/.github/workflows/smoke-temporary-id.lock.yml
index 5e6f48c1c01..ca2454873a5 100644
--- a/.github/workflows/smoke-temporary-id.lock.yml
+++ b/.github/workflows/smoke-temporary-id.lock.yml
@@ -22,7 +22,7 @@
#
# Test temporary ID functionality for issue chaining and cross-references
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"12576301d22af2259a94778128a412fb13a9fa458278f35ffd57e10d58921542","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"84179275d507c26a64c5e981337aac259c6dbb023b319c514ba82942a26e254f","strict":true,"agent_id":"copilot"}
name: "Smoke Temporary ID"
"on":
@@ -159,7 +159,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Smoke Temporary ID"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Temporary ID smoke test by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing temporary ID functionality...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed successfully. Temporary ID validation passed.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) encountered failures. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Temporary ID smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing temporary ID functionality...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed successfully. Temporary ID validation passed.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) encountered failures. Check the logs for details.\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -182,14 +182,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_6546813cf4b11e20_EOF'
+ cat << 'GH_AW_PROMPT_c31eac1d4f2c45d0_EOF'
- GH_AW_PROMPT_6546813cf4b11e20_EOF
+ GH_AW_PROMPT_c31eac1d4f2c45d0_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_6546813cf4b11e20_EOF'
+ cat << 'GH_AW_PROMPT_c31eac1d4f2c45d0_EOF'
Tools: add_comment(max:2), create_issue(max:5), link_sub_issue(max:3), missing_tool, missing_data, noop
@@ -221,12 +221,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_6546813cf4b11e20_EOF
+ GH_AW_PROMPT_c31eac1d4f2c45d0_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_6546813cf4b11e20_EOF'
+ cat << 'GH_AW_PROMPT_c31eac1d4f2c45d0_EOF'
{{#runtime-import .github/workflows/smoke-temporary-id.md}}
- GH_AW_PROMPT_6546813cf4b11e20_EOF
+ GH_AW_PROMPT_c31eac1d4f2c45d0_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -309,6 +309,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: smoketemporaryid
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -389,12 +390,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_28bba4477e641e52_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_4118261bca13ba4c_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_issue":{"close_older_issues":true,"expires":2,"group":true,"labels":["ai-generated","automation","testing"],"max":5,"title_prefix":"[smoke-temporary-id] "},"link_sub_issue":{"max":3},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_28bba4477e641e52_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_4118261bca13ba4c_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_6087c335d14f0974_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_db1719c4e92a5f12_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added.",
@@ -404,8 +405,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_6087c335d14f0974_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_754ca21370a1789f_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_db1719c4e92a5f12_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_ad306700fa700567_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -534,7 +535,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_754ca21370a1789f_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_ad306700fa700567_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -604,7 +605,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_a0d87759e36f4366_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_e916af4ce11580a1_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -645,7 +646,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_a0d87759e36f4366_EOF
+ GH_AW_MCP_CONFIG_e916af4ce11580a1_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -769,6 +770,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -922,7 +924,7 @@ jobs:
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_INFERENCE_ACCESS_ERROR: ${{ needs.agent.outputs.inference_access_error }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Temporary ID smoke test by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing temporary ID functionality...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed successfully. Temporary ID validation passed.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) encountered failures. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Temporary ID smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing temporary ID functionality...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed successfully. Temporary ID validation passed.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) encountered failures. Check the logs for details.\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "10"
@@ -944,7 +946,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Smoke Temporary ID"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Temporary ID smoke test by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing temporary ID functionality...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed successfully. Temporary ID validation passed.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) encountered failures. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Temporary ID smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing temporary ID functionality...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed successfully. Temporary ID validation passed.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) encountered failures. Check the logs for details.\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1152,9 +1154,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-temporary-id"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Temporary ID smoke test by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing temporary ID functionality...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed successfully. Temporary ID validation passed.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) encountered failures. Check the logs for details.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐งช *Temporary ID smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐งช [{workflow_name}]({run_url}) is now testing temporary ID functionality...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) completed successfully. Temporary ID validation passed.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) encountered failures. Check the logs for details.\"}"
GH_AW_WORKFLOW_ID: "smoke-temporary-id"
GH_AW_WORKFLOW_NAME: "Smoke Temporary ID"
outputs:
diff --git a/.github/workflows/smoke-temporary-id.md b/.github/workflows/smoke-temporary-id.md
index 35986171afd..3eff5ec8514 100644
--- a/.github/workflows/smoke-temporary-id.md
+++ b/.github/workflows/smoke-temporary-id.md
@@ -35,7 +35,7 @@ safe-outputs:
hide-older-comments: true
messages:
append-only-comments: true
- footer: "> ๐งช *Temporary ID smoke test by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐งช *Temporary ID smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐งช [{workflow_name}]({run_url}) is now testing temporary ID functionality..."
run-success: "โ
[{workflow_name}]({run_url}) completed successfully. Temporary ID validation passed."
run-failure: "โ [{workflow_name}]({run_url}) encountered failures. Check the logs for details."
diff --git a/.github/workflows/smoke-test-tools.lock.yml b/.github/workflows/smoke-test-tools.lock.yml
index 712d7d11a10..d8b8c2f6580 100644
--- a/.github/workflows/smoke-test-tools.lock.yml
+++ b/.github/workflows/smoke-test-tools.lock.yml
@@ -22,7 +22,7 @@
#
# Smoke test to validate common development tools are available in the agent container
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"5f0e65a120ba50edaf8801625d4f570c66f3428d29b3a6a82a32610833d8d1a5","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"23b133eb5633ac9b7e7e9dedf421b69f17a4fbf9a1d7c94bf8ae2792eb522029","strict":true,"agent_id":"copilot"}
name: "Agent Container Smoke Test"
"on":
@@ -148,7 +148,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Agent Container Smoke Test"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ง *Tool validation by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ง Starting tool validation... [{workflow_name}]({run_url}) is checking the agent container tools...\",\"runSuccess\":\"โ
All tools validated successfully! [{workflow_name}]({run_url}) confirms agent container is ready.\",\"runFailure\":\"โ Tool validation failed! [{workflow_name}]({run_url}) detected missing tools: {status}\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ง *Tool validation by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ง Starting tool validation... [{workflow_name}]({run_url}) is checking the agent container tools...\",\"runSuccess\":\"โ
All tools validated successfully! [{workflow_name}]({run_url}) confirms agent container is ready.\",\"runFailure\":\"โ Tool validation failed! [{workflow_name}]({run_url}) detected missing tools: {status}\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -171,14 +171,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_cc3bdec6e67bf3c9_EOF'
+ cat << 'GH_AW_PROMPT_72c3c12f0815b592_EOF'
- GH_AW_PROMPT_cc3bdec6e67bf3c9_EOF
+ GH_AW_PROMPT_72c3c12f0815b592_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_cc3bdec6e67bf3c9_EOF'
+ cat << 'GH_AW_PROMPT_72c3c12f0815b592_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
@@ -210,12 +210,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_cc3bdec6e67bf3c9_EOF
+ GH_AW_PROMPT_72c3c12f0815b592_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_cc3bdec6e67bf3c9_EOF'
+ cat << 'GH_AW_PROMPT_72c3c12f0815b592_EOF'
{{#runtime-import .github/workflows/smoke-test-tools.md}}
- GH_AW_PROMPT_cc3bdec6e67bf3c9_EOF
+ GH_AW_PROMPT_72c3c12f0815b592_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -298,6 +298,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: smoketesttools
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -403,12 +404,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_29b4f05443d5f012_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_e1e538f92ff8eb3a_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_29b4f05443d5f012_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_e1e538f92ff8eb3a_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_6115fc9c92373cdb_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_b5dd125b152082c0_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added."
@@ -416,8 +417,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_6115fc9c92373cdb_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_95bc5ee898a54eb5_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_b5dd125b152082c0_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_350b5f58e8863755_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -495,7 +496,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_95bc5ee898a54eb5_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_350b5f58e8863755_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -565,7 +566,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_59c532c52f7e5b31_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_4afe8cef8efb619c_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -606,7 +607,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_59c532c52f7e5b31_EOF
+ GH_AW_MCP_CONFIG_4afe8cef8efb619c_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -730,6 +731,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -883,7 +885,7 @@ jobs:
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_INFERENCE_ACCESS_ERROR: ${{ needs.agent.outputs.inference_access_error }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ง *Tool validation by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ง Starting tool validation... [{workflow_name}]({run_url}) is checking the agent container tools...\",\"runSuccess\":\"โ
All tools validated successfully! [{workflow_name}]({run_url}) confirms agent container is ready.\",\"runFailure\":\"โ Tool validation failed! [{workflow_name}]({run_url}) detected missing tools: {status}\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ง *Tool validation by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ง Starting tool validation... [{workflow_name}]({run_url}) is checking the agent container tools...\",\"runSuccess\":\"โ
All tools validated successfully! [{workflow_name}]({run_url}) confirms agent container is ready.\",\"runFailure\":\"โ Tool validation failed! [{workflow_name}]({run_url}) detected missing tools: {status}\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "5"
@@ -905,7 +907,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Agent Container Smoke Test"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ง *Tool validation by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ง Starting tool validation... [{workflow_name}]({run_url}) is checking the agent container tools...\",\"runSuccess\":\"โ
All tools validated successfully! [{workflow_name}]({run_url}) confirms agent container is ready.\",\"runFailure\":\"โ Tool validation failed! [{workflow_name}]({run_url}) detected missing tools: {status}\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ง *Tool validation by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ง Starting tool validation... [{workflow_name}]({run_url}) is checking the agent container tools...\",\"runSuccess\":\"โ
All tools validated successfully! [{workflow_name}]({run_url}) confirms agent container is ready.\",\"runFailure\":\"โ Tool validation failed! [{workflow_name}]({run_url}) detected missing tools: {status}\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1113,9 +1115,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-test-tools"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ง *Tool validation by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ง Starting tool validation... [{workflow_name}]({run_url}) is checking the agent container tools...\",\"runSuccess\":\"โ
All tools validated successfully! [{workflow_name}]({run_url}) confirms agent container is ready.\",\"runFailure\":\"โ Tool validation failed! [{workflow_name}]({run_url}) detected missing tools: {status}\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ง *Tool validation by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ง Starting tool validation... [{workflow_name}]({run_url}) is checking the agent container tools...\",\"runSuccess\":\"โ
All tools validated successfully! [{workflow_name}]({run_url}) confirms agent container is ready.\",\"runFailure\":\"โ Tool validation failed! [{workflow_name}]({run_url}) detected missing tools: {status}\"}"
GH_AW_WORKFLOW_ID: "smoke-test-tools"
GH_AW_WORKFLOW_NAME: "Agent Container Smoke Test"
outputs:
diff --git a/.github/workflows/smoke-test-tools.md b/.github/workflows/smoke-test-tools.md
index 5c72f9614f4..0c0e1eb0d9d 100644
--- a/.github/workflows/smoke-test-tools.md
+++ b/.github/workflows/smoke-test-tools.md
@@ -39,7 +39,7 @@ safe-outputs:
hide-older-comments: true
max: 2
messages:
- footer: "> ๐ง *Tool validation by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ง *Tool validation by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ง Starting tool validation... [{workflow_name}]({run_url}) is checking the agent container tools..."
run-success: "โ
All tools validated successfully! [{workflow_name}]({run_url}) confirms agent container is ready."
run-failure: "โ Tool validation failed! [{workflow_name}]({run_url}) detected missing tools: {status}"
diff --git a/.github/workflows/smoke-update-cross-repo-pr.lock.yml b/.github/workflows/smoke-update-cross-repo-pr.lock.yml
index e9579a07466..e6e21408426 100644
--- a/.github/workflows/smoke-update-cross-repo-pr.lock.yml
+++ b/.github/workflows/smoke-update-cross-repo-pr.lock.yml
@@ -22,7 +22,7 @@
#
# Smoke test validating cross-repo pull request updates in githubnext/gh-aw-side-repo by adding lines from Homer's Odyssey to the README
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"1b83093f25431da3943130e4dc7707a88b79a2f8454e38a5773f5f5031b6b1d2","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"c4cc360fde9ba13fd2b610711fbb6c68dfd7f9a090849a11f1adb25e099cea6f","strict":true,"agent_id":"copilot"}
name: "Smoke Update Cross-Repo PR"
"on":
@@ -142,7 +142,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Smoke Update Cross-Repo PR"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Cross-repo PR update smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is adding the next Odyssey line to githubnext/gh-aw-side-repo PR #1...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully updated the cross-repo PR with a new Odyssey line!\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to update the cross-repo PR: {status}\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Cross-repo PR update smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is adding the next Odyssey line to githubnext/gh-aw-side-repo PR #1...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully updated the cross-repo PR with a new Odyssey line!\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to update the cross-repo PR: {status}\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -166,20 +166,20 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_4d1e5c370f81bbf8_EOF'
+ cat << 'GH_AW_PROMPT_6b3177d37c27b8e8_EOF'
- GH_AW_PROMPT_4d1e5c370f81bbf8_EOF
+ GH_AW_PROMPT_6b3177d37c27b8e8_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_4d1e5c370f81bbf8_EOF'
+ cat << 'GH_AW_PROMPT_6b3177d37c27b8e8_EOF'
Tools: add_comment(max:2), create_issue, push_to_pull_request_branch, missing_tool, missing_data, noop
- GH_AW_PROMPT_4d1e5c370f81bbf8_EOF
+ GH_AW_PROMPT_6b3177d37c27b8e8_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_push_to_pr_branch.md"
- cat << 'GH_AW_PROMPT_4d1e5c370f81bbf8_EOF'
+ cat << 'GH_AW_PROMPT_6b3177d37c27b8e8_EOF'
The following GitHub context information is available for this workflow:
@@ -212,12 +212,12 @@ jobs:
- **Note**: If a branch you need is not in the list above and is not listed as an additional fetched ref, it has NOT been checked out. For private repositories you cannot fetch it without proper authentication. If the branch is required and not available, exit with an error and ask the user to add it to the `fetch:` option of the `checkout:` configuration (e.g., `fetch: ["refs/pulls/open/*"]` for all open PR refs, or `fetch: ["main", "feature/my-branch"]` for specific branches).
- GH_AW_PROMPT_4d1e5c370f81bbf8_EOF
+ GH_AW_PROMPT_6b3177d37c27b8e8_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_4d1e5c370f81bbf8_EOF'
+ cat << 'GH_AW_PROMPT_6b3177d37c27b8e8_EOF'
{{#runtime-import .github/workflows/smoke-update-cross-repo-pr.md}}
- GH_AW_PROMPT_4d1e5c370f81bbf8_EOF
+ GH_AW_PROMPT_6b3177d37c27b8e8_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -312,6 +312,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: smokeupdatecrossrepopr
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -420,12 +421,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_640a5478a4ba4777_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_97426e2a05d9f178_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_issue":{"close_older_issues":true,"expires":2,"labels":["automation","testing"],"max":1},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_to_pull_request_branch":{"github-token":"${{ secrets.GH_AW_SIDE_REPO_PAT }}","if_no_changes":"error","max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"],"target":"1","target-repo":"githubnext/gh-aw-side-repo"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_640a5478a4ba4777_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_97426e2a05d9f178_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_96f5eed25c267939_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_64866647fd258585_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added.",
@@ -434,8 +435,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_96f5eed25c267939_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_fb8cecd100343f9c_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_64866647fd258585_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_17147ab8c7b67ec1_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -566,7 +567,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_fb8cecd100343f9c_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_17147ab8c7b67ec1_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -636,7 +637,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_af6ed27774c9fd16_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_814ac3400c1a07dd_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -677,7 +678,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_af6ed27774c9fd16_EOF
+ GH_AW_MCP_CONFIG_814ac3400c1a07dd_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -802,6 +803,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -977,7 +979,7 @@ jobs:
GH_AW_CODE_PUSH_FAILURE_ERRORS: ${{ needs.safe_outputs.outputs.code_push_failure_errors }}
GH_AW_CODE_PUSH_FAILURE_COUNT: ${{ needs.safe_outputs.outputs.code_push_failure_count }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Cross-repo PR update smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is adding the next Odyssey line to githubnext/gh-aw-side-repo PR #1...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully updated the cross-repo PR with a new Odyssey line!\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to update the cross-repo PR: {status}\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Cross-repo PR update smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is adding the next Odyssey line to githubnext/gh-aw-side-repo PR #1...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully updated the cross-repo PR with a new Odyssey line!\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to update the cross-repo PR: {status}\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "10"
@@ -999,7 +1001,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Smoke Update Cross-Repo PR"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Cross-repo PR update smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is adding the next Odyssey line to githubnext/gh-aw-side-repo PR #1...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully updated the cross-repo PR with a new Odyssey line!\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to update the cross-repo PR: {status}\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Cross-repo PR update smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is adding the next Odyssey line to githubnext/gh-aw-side-repo PR #1...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully updated the cross-repo PR with a new Odyssey line!\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to update the cross-repo PR: {status}\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1210,9 +1212,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-update-cross-repo-pr"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Cross-repo PR update smoke test by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is adding the next Odyssey line to githubnext/gh-aw-side-repo PR #1...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully updated the cross-repo PR with a new Odyssey line!\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to update the cross-repo PR: {status}\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Cross-repo PR update smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ [{workflow_name}]({run_url}) is adding the next Odyssey line to githubnext/gh-aw-side-repo PR #1...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully updated the cross-repo PR with a new Odyssey line!\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to update the cross-repo PR: {status}\"}"
GH_AW_WORKFLOW_ID: "smoke-update-cross-repo-pr"
GH_AW_WORKFLOW_NAME: "Smoke Update Cross-Repo PR"
outputs:
diff --git a/.github/workflows/smoke-update-cross-repo-pr.md b/.github/workflows/smoke-update-cross-repo-pr.md
index 85c6dd34a7b..62e4f0c37ec 100644
--- a/.github/workflows/smoke-update-cross-repo-pr.md
+++ b/.github/workflows/smoke-update-cross-repo-pr.md
@@ -50,7 +50,7 @@ safe-outputs:
if-no-changes: "error"
target: "1" # PR #1
messages:
- footer: "> ๐ *Cross-repo PR update smoke test by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ *Cross-repo PR update smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ [{workflow_name}]({run_url}) is adding the next Odyssey line to githubnext/gh-aw-side-repo PR #1..."
run-success: "โ
[{workflow_name}]({run_url}) successfully updated the cross-repo PR with a new Odyssey line!"
run-failure: "โ [{workflow_name}]({run_url}) failed to update the cross-repo PR: {status}"
diff --git a/.github/workflows/smoke-workflow-call-with-inputs.lock.yml b/.github/workflows/smoke-workflow-call-with-inputs.lock.yml
index bd38b5d7c0b..8797eceed84 100644
--- a/.github/workflows/smoke-workflow-call-with-inputs.lock.yml
+++ b/.github/workflows/smoke-workflow-call-with-inputs.lock.yml
@@ -313,6 +313,7 @@ jobs:
outputs:
artifact_prefix: ${{ needs.activation.outputs.artifact_prefix }}
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -751,6 +752,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1108,6 +1110,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-workflow-call-with-inputs"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "smoke-workflow-call-with-inputs"
diff --git a/.github/workflows/smoke-workflow-call.lock.yml b/.github/workflows/smoke-workflow-call.lock.yml
index 9a8a13ca4b8..b0424bf9ffa 100644
--- a/.github/workflows/smoke-workflow-call.lock.yml
+++ b/.github/workflows/smoke-workflow-call.lock.yml
@@ -22,7 +22,7 @@
#
# Reusable workflow to validate checkout from fork works correctly in workflow_call context
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"ec8e06e54f77696dc841d99cf0dbe8391ab81ac495ec1ebb806afab7287c77f1","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"a902b60754d3446607c3e3ee3fc802126f4ae96b4c7a3aa9f579b0c4c30d3fad","strict":true,"agent_id":"copilot"}
name: "Smoke Workflow Call"
"on":
@@ -182,14 +182,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_a8f355f18a2517e3_EOF'
+ cat << 'GH_AW_PROMPT_022421748a24fe95_EOF'
- GH_AW_PROMPT_a8f355f18a2517e3_EOF
+ GH_AW_PROMPT_022421748a24fe95_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_a8f355f18a2517e3_EOF'
+ cat << 'GH_AW_PROMPT_022421748a24fe95_EOF'
Tools: add_comment, missing_tool, missing_data, noop
@@ -221,12 +221,12 @@ jobs:
{{/if}}
- GH_AW_PROMPT_a8f355f18a2517e3_EOF
+ GH_AW_PROMPT_022421748a24fe95_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_a8f355f18a2517e3_EOF'
+ cat << 'GH_AW_PROMPT_022421748a24fe95_EOF'
{{#runtime-import .github/workflows/smoke-workflow-call.md}}
- GH_AW_PROMPT_a8f355f18a2517e3_EOF
+ GH_AW_PROMPT_022421748a24fe95_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -312,6 +312,7 @@ jobs:
outputs:
artifact_prefix: ${{ needs.activation.outputs.artifact_prefix }}
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -392,12 +393,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_49f77f29289d3cd9_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_468d4a655161a1c7_EOF'
{"add_comment":{"hide_older_comments":true,"max":1},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_49f77f29289d3cd9_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_468d4a655161a1c7_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_362a5c33f46ccaa8_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_7d8a2d5c6f7dc9fb_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added."
@@ -405,8 +406,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_362a5c33f46ccaa8_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_58e1261ba921081e_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_7d8a2d5c6f7dc9fb_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_c1b5cc799399fe5a_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -484,7 +485,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_58e1261ba921081e_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_c1b5cc799399fe5a_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -554,7 +555,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_0a5386529d75a861_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_93322c1ed722b990_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -595,7 +596,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_0a5386529d75a861_EOF
+ GH_AW_MCP_CONFIG_93322c1ed722b990_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -739,6 +740,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -892,7 +894,7 @@ jobs:
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_INFERENCE_ACCESS_ERROR: ${{ needs.agent.outputs.inference_access_error }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *workflow_call smoke test by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐ [{workflow_name}]({run_url}) is validating workflow_call checkout...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully validated workflow_call checkout.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to validate workflow_call checkout. Check the logs.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *workflow_call smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐ [{workflow_name}]({run_url}) is validating workflow_call checkout...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully validated workflow_call checkout.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to validate workflow_call checkout. Check the logs.\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "10"
@@ -1101,9 +1103,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/smoke-workflow-call"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *workflow_call smoke test by [{workflow_name}]({run_url})*{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐ [{workflow_name}]({run_url}) is validating workflow_call checkout...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully validated workflow_call checkout.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to validate workflow_call checkout. Check the logs.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *workflow_call smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"appendOnlyComments\":true,\"runStarted\":\"๐ [{workflow_name}]({run_url}) is validating workflow_call checkout...\",\"runSuccess\":\"โ
[{workflow_name}]({run_url}) successfully validated workflow_call checkout.\",\"runFailure\":\"โ [{workflow_name}]({run_url}) failed to validate workflow_call checkout. Check the logs.\"}"
GH_AW_WORKFLOW_ID: "smoke-workflow-call"
GH_AW_WORKFLOW_NAME: "Smoke Workflow Call"
outputs:
diff --git a/.github/workflows/smoke-workflow-call.md b/.github/workflows/smoke-workflow-call.md
index 0d0029b44a4..5daa77cb4e3 100644
--- a/.github/workflows/smoke-workflow-call.md
+++ b/.github/workflows/smoke-workflow-call.md
@@ -41,7 +41,7 @@ safe-outputs:
max: 1
messages:
append-only-comments: true
- footer: "> ๐ *workflow_call smoke test by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ *workflow_call smoke test by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ [{workflow_name}]({run_url}) is validating workflow_call checkout..."
run-success: "โ
[{workflow_name}]({run_url}) successfully validated workflow_call checkout."
run-failure: "โ [{workflow_name}]({run_url}) failed to validate workflow_call checkout. Check the logs."
diff --git a/.github/workflows/stale-repo-identifier.lock.yml b/.github/workflows/stale-repo-identifier.lock.yml
index 998fa9af7c0..f6e637133a9 100644
--- a/.github/workflows/stale-repo-identifier.lock.yml
+++ b/.github/workflows/stale-repo-identifier.lock.yml
@@ -30,7 +30,7 @@
# - shared/reporting.md
# - shared/trending-charts-simple.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"9119cb20b4b2e96e61078e9422f421df63ac1a57b2ba3e0dfcc4a7b1aa352504","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"ad4ae7cfa286504852c789e807486605e3da246a6f31154bb025398ff47c8262","strict":true,"agent_id":"copilot"}
name: "Stale Repository Identifier"
"on":
@@ -149,15 +149,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_e37d6fc414f44ea9_EOF'
+ cat << 'GH_AW_PROMPT_be259b00779d7244_EOF'
- GH_AW_PROMPT_e37d6fc414f44ea9_EOF
+ GH_AW_PROMPT_be259b00779d7244_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_e37d6fc414f44ea9_EOF'
+ cat << 'GH_AW_PROMPT_be259b00779d7244_EOF'
Tools: create_issue(max:10), upload_asset, missing_tool, missing_data, noop
@@ -191,9 +191,9 @@ jobs:
{{/if}}
- GH_AW_PROMPT_e37d6fc414f44ea9_EOF
+ GH_AW_PROMPT_be259b00779d7244_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_e37d6fc414f44ea9_EOF'
+ cat << 'GH_AW_PROMPT_be259b00779d7244_EOF'
{{#runtime-import .github/workflows/shared/github-guard-policy.md}}
{{#runtime-import .github/workflows/shared/python-dataviz.md}}
@@ -201,7 +201,7 @@ jobs:
{{#runtime-import .github/workflows/shared/trending-charts-simple.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/stale-repo-identifier.md}}
- GH_AW_PROMPT_e37d6fc414f44ea9_EOF
+ GH_AW_PROMPT_be259b00779d7244_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -296,6 +296,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: stalerepoidentifier
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -466,12 +467,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_14a12b087a962f77_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_92764b1d01a6befe_EOF'
{"create_issue":{"expires":48,"group":true,"labels":["stale-repository","automated-analysis","cookie"],"max":10,"title_prefix":"[Stale Repository] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"upload_asset":{"allowed-exts":[".png",".jpg",".jpeg"],"branch":"assets/${{ github.workflow }}","max-size":10240}}
- GH_AW_SAFE_OUTPUTS_CONFIG_14a12b087a962f77_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_92764b1d01a6befe_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_ad707a084bc3210e_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_cc2e01d80ecf1001_EOF'
{
"description_suffixes": {
"create_issue": " CONSTRAINTS: Maximum 10 issue(s) can be created. Title will be prefixed with \"[Stale Repository] \". Labels [\"stale-repository\" \"automated-analysis\" \"cookie\"] will be automatically added.",
@@ -480,8 +481,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_ad707a084bc3210e_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_3f7379ab2f051041_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_cc2e01d80ecf1001_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_9aeb01a057a49082_EOF'
{
"create_issue": {
"defaultMax": 1,
@@ -583,7 +584,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_3f7379ab2f051041_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_9aeb01a057a49082_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -654,7 +655,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_e0ca5436445e55af_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_907a1f67810a7780_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -698,7 +699,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_e0ca5436445e55af_EOF
+ GH_AW_MCP_CONFIG_907a1f67810a7780_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -825,6 +826,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1000,7 +1002,7 @@ jobs:
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_INFERENCE_ACCESS_ERROR: ${{ needs.agent.outputs.inference_access_error }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Analysis by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ Stale Repository Identifier starting! [{workflow_name}]({run_url}) is analyzing repository activity...\",\"runSuccess\":\"โ
Analysis complete! [{workflow_name}]({run_url}) has finished analyzing stale repositories.\",\"runFailure\":\"โ ๏ธ Analysis interrupted! [{workflow_name}]({run_url}) {status}.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Analysis by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ Stale Repository Identifier starting! [{workflow_name}]({run_url}) is analyzing repository activity...\",\"runSuccess\":\"โ
Analysis complete! [{workflow_name}]({run_url}) has finished analyzing stale repositories.\",\"runFailure\":\"โ ๏ธ Analysis interrupted! [{workflow_name}]({run_url}) {status}.\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "45"
@@ -1174,9 +1176,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/stale-repo-identifier"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Analysis by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ Stale Repository Identifier starting! [{workflow_name}]({run_url}) is analyzing repository activity...\",\"runSuccess\":\"โ
Analysis complete! [{workflow_name}]({run_url}) has finished analyzing stale repositories.\",\"runFailure\":\"โ ๏ธ Analysis interrupted! [{workflow_name}]({run_url}) {status}.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Analysis by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ Stale Repository Identifier starting! [{workflow_name}]({run_url}) is analyzing repository activity...\",\"runSuccess\":\"โ
Analysis complete! [{workflow_name}]({run_url}) has finished analyzing stale repositories.\",\"runFailure\":\"โ ๏ธ Analysis interrupted! [{workflow_name}]({run_url}) {status}.\"}"
GH_AW_WORKFLOW_ID: "stale-repo-identifier"
GH_AW_WORKFLOW_NAME: "Stale Repository Identifier"
outputs:
@@ -1369,7 +1372,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Stale Repository Identifier"
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Analysis by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ Stale Repository Identifier starting! [{workflow_name}]({run_url}) is analyzing repository activity...\",\"runSuccess\":\"โ
Analysis complete! [{workflow_name}]({run_url}) has finished analyzing stale repositories.\",\"runFailure\":\"โ ๏ธ Analysis interrupted! [{workflow_name}]({run_url}) {status}.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Analysis by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ Stale Repository Identifier starting! [{workflow_name}]({run_url}) is analyzing repository activity...\",\"runSuccess\":\"โ
Analysis complete! [{workflow_name}]({run_url}) has finished analyzing stale repositories.\",\"runFailure\":\"โ ๏ธ Analysis interrupted! [{workflow_name}]({run_url}) {status}.\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/stale-repo-identifier.md b/.github/workflows/stale-repo-identifier.md
index 4e71465c3bd..170cc65692c 100644
--- a/.github/workflows/stale-repo-identifier.md
+++ b/.github/workflows/stale-repo-identifier.md
@@ -45,7 +45,7 @@ safe-outputs:
group: true
upload-asset:
messages:
- footer: "> ๐ *Analysis by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ *Analysis by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ Stale Repository Identifier starting! [{workflow_name}]({run_url}) is analyzing repository activity..."
run-success: "โ
Analysis complete! [{workflow_name}]({run_url}) has finished analyzing stale repositories."
run-failure: "โ ๏ธ Analysis interrupted! [{workflow_name}]({run_url}) {status}."
diff --git a/.github/workflows/static-analysis-report.lock.yml b/.github/workflows/static-analysis-report.lock.yml
index 2a844fdc2e5..8cd8aa8ad0a 100644
--- a/.github/workflows/static-analysis-report.lock.yml
+++ b/.github/workflows/static-analysis-report.lock.yml
@@ -275,6 +275,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: staticanalysisreport
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -850,6 +851,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1204,6 +1206,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/static-analysis-report"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "static-analysis-report"
diff --git a/.github/workflows/step-name-alignment.lock.yml b/.github/workflows/step-name-alignment.lock.yml
index dfd86913b7f..3ad563fca8e 100644
--- a/.github/workflows/step-name-alignment.lock.yml
+++ b/.github/workflows/step-name-alignment.lock.yml
@@ -267,6 +267,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: stepnamealignment
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -785,6 +786,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1135,6 +1137,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/step-name-alignment"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "step-name-alignment"
diff --git a/.github/workflows/sub-issue-closer.lock.yml b/.github/workflows/sub-issue-closer.lock.yml
index 7d566af08f3..5636e4cb1af 100644
--- a/.github/workflows/sub-issue-closer.lock.yml
+++ b/.github/workflows/sub-issue-closer.lock.yml
@@ -260,6 +260,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: subissuecloser
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -722,6 +723,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1050,6 +1052,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/sub-issue-closer"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "sub-issue-closer"
diff --git a/.github/workflows/super-linter.lock.yml b/.github/workflows/super-linter.lock.yml
index ab05d37e5e8..d9783bd09f0 100644
--- a/.github/workflows/super-linter.lock.yml
+++ b/.github/workflows/super-linter.lock.yml
@@ -282,6 +282,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: superlinter
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -725,6 +726,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1062,6 +1064,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/super-linter"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "super-linter"
diff --git a/.github/workflows/technical-doc-writer.lock.yml b/.github/workflows/technical-doc-writer.lock.yml
index 06b517647e1..f3bd3503c34 100644
--- a/.github/workflows/technical-doc-writer.lock.yml
+++ b/.github/workflows/technical-doc-writer.lock.yml
@@ -28,7 +28,7 @@
# - ../skills/documentation/SKILL.md
# - shared/qmd.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"b34da9436d339882200efe7fdeb011781db57b32e4f262420101b111bdfdbfe4","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"b2ea8cbbc75a281cd79dadc62deb30ff4056e8690d90b7c52765c3e8be533f39","strict":true,"agent_id":"copilot"}
name: "Rebuild the documentation after making changes"
"on":
@@ -141,9 +141,9 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_12451cec570e87f7_EOF'
+ cat << 'GH_AW_PROMPT_f2556756bd7ae828_EOF'
- GH_AW_PROMPT_12451cec570e87f7_EOF
+ GH_AW_PROMPT_f2556756bd7ae828_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
@@ -151,12 +151,12 @@ jobs:
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/repo_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_12451cec570e87f7_EOF'
+ cat << 'GH_AW_PROMPT_f2556756bd7ae828_EOF'
Tools: add_comment, create_pull_request, upload_asset, missing_tool, missing_data, noop
- GH_AW_PROMPT_12451cec570e87f7_EOF
+ GH_AW_PROMPT_f2556756bd7ae828_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_12451cec570e87f7_EOF'
+ cat << 'GH_AW_PROMPT_f2556756bd7ae828_EOF'
upload_asset: provide a file path; returns a URL; assets are published after the workflow completes (safeoutputs).
@@ -188,9 +188,9 @@ jobs:
{{/if}}
- GH_AW_PROMPT_12451cec570e87f7_EOF
+ GH_AW_PROMPT_f2556756bd7ae828_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_12451cec570e87f7_EOF'
+ cat << 'GH_AW_PROMPT_f2556756bd7ae828_EOF'
Use the `search` tool to find relevant documentation and content with a natural language request โ it queries a local vector database built from the configured collections.
@@ -211,7 +211,7 @@ jobs:
{{#runtime-import .github/skills/documentation/SKILL.md}}
{{#runtime-import .github/agents/technical-doc-writer.agent.md}}
{{#runtime-import .github/workflows/technical-doc-writer.md}}
- GH_AW_PROMPT_12451cec570e87f7_EOF
+ GH_AW_PROMPT_f2556756bd7ae828_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -316,6 +316,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: technicaldocwriter
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -458,12 +459,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_bc26093b93d7778c_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_30070f1da1b2ccee_EOF'
{"add_comment":{"max":1},"create_pull_request":{"draft":false,"expires":48,"labels":["documentation"],"max":1,"max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"],"reviewers":["copilot"],"title_prefix":"[docs] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":10240,"max_patch_size":10240}]},"upload_asset":{"allowed-exts":[".png",".jpg",".jpeg"],"branch":"assets/${{ github.workflow }}","max-size":10240}}
- GH_AW_SAFE_OUTPUTS_CONFIG_bc26093b93d7778c_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_30070f1da1b2ccee_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_c1b4e76b275c9cb0_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_a46cb6b0a8478ed7_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added.",
@@ -473,8 +474,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_c1b4e76b275c9cb0_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_5e4d988570a1fb0f_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_a46cb6b0a8478ed7_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_067289aaddfad46a_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -597,7 +598,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_5e4d988570a1fb0f_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_067289aaddfad46a_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -704,7 +705,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_c61c89e07d6acef4_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_b1b9da9c012c0a77_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -756,7 +757,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_c61c89e07d6acef4_EOF
+ GH_AW_MCP_CONFIG_b1b9da9c012c0a77_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -883,6 +884,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1071,7 +1073,7 @@ jobs:
GH_AW_CODE_PUSH_FAILURE_ERRORS: ${{ needs.safe_outputs.outputs.code_push_failure_errors }}
GH_AW_CODE_PUSH_FAILURE_COUNT: ${{ needs.safe_outputs.outputs.code_push_failure_count }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Documentation by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"โ๏ธ The Technical Writer begins! [{workflow_name}]({run_url}) is documenting this {event_type}...\",\"runSuccess\":\"๐ Documentation complete! [{workflow_name}]({run_url}) has written the docs. Clear as crystal! โจ\",\"runFailure\":\"โ๏ธ Writer's block! [{workflow_name}]({run_url}) {status}. The page remains blank...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Documentation by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"โ๏ธ The Technical Writer begins! [{workflow_name}]({run_url}) is documenting this {event_type}...\",\"runSuccess\":\"๐ Documentation complete! [{workflow_name}]({run_url}) has written the docs. Clear as crystal! โจ\",\"runFailure\":\"โ๏ธ Writer's block! [{workflow_name}]({run_url}) {status}. The page remains blank...\"}"
GH_AW_PUSH_REPO_MEMORY_RESULT: ${{ needs.push_repo_memory.result }}
GH_AW_REPO_MEMORY_VALIDATION_FAILED_default: ${{ needs.push_repo_memory.outputs.validation_failed_default }}
GH_AW_REPO_MEMORY_VALIDATION_ERROR_default: ${{ needs.push_repo_memory.outputs.validation_error_default }}
@@ -1404,9 +1406,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/technical-doc-writer"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Documentation by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"โ๏ธ The Technical Writer begins! [{workflow_name}]({run_url}) is documenting this {event_type}...\",\"runSuccess\":\"๐ Documentation complete! [{workflow_name}]({run_url}) has written the docs. Clear as crystal! โจ\",\"runFailure\":\"โ๏ธ Writer's block! [{workflow_name}]({run_url}) {status}. The page remains blank...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Documentation by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"โ๏ธ The Technical Writer begins! [{workflow_name}]({run_url}) is documenting this {event_type}...\",\"runSuccess\":\"๐ Documentation complete! [{workflow_name}]({run_url}) has written the docs. Clear as crystal! โจ\",\"runFailure\":\"โ๏ธ Writer's block! [{workflow_name}]({run_url}) {status}. The page remains blank...\"}"
GH_AW_WORKFLOW_ID: "technical-doc-writer"
GH_AW_WORKFLOW_NAME: "Rebuild the documentation after making changes"
outputs:
@@ -1639,7 +1642,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Rebuild the documentation after making changes"
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Documentation by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"โ๏ธ The Technical Writer begins! [{workflow_name}]({run_url}) is documenting this {event_type}...\",\"runSuccess\":\"๐ Documentation complete! [{workflow_name}]({run_url}) has written the docs. Clear as crystal! โจ\",\"runFailure\":\"โ๏ธ Writer's block! [{workflow_name}]({run_url}) {status}. The page remains blank...\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐ *Documentation by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"โ๏ธ The Technical Writer begins! [{workflow_name}]({run_url}) is documenting this {event_type}...\",\"runSuccess\":\"๐ Documentation complete! [{workflow_name}]({run_url}) has written the docs. Clear as crystal! โจ\",\"runFailure\":\"โ๏ธ Writer's block! [{workflow_name}]({run_url}) {status}. The page remains blank...\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/technical-doc-writer.md b/.github/workflows/technical-doc-writer.md
index d260f40d201..5b6d09185a4 100644
--- a/.github/workflows/technical-doc-writer.md
+++ b/.github/workflows/technical-doc-writer.md
@@ -49,7 +49,7 @@ safe-outputs:
draft: false
upload-asset:
messages:
- footer: "> ๐ *Documentation by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐ *Documentation by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "โ๏ธ The Technical Writer begins! [{workflow_name}]({run_url}) is documenting this {event_type}..."
run-success: "๐ Documentation complete! [{workflow_name}]({run_url}) has written the docs. Clear as crystal! โจ"
run-failure: "โ๏ธ Writer's block! [{workflow_name}]({run_url}) {status}. The page remains blank..."
diff --git a/.github/workflows/terminal-stylist.lock.yml b/.github/workflows/terminal-stylist.lock.yml
index 790f2042840..2bf4ec1ae87 100644
--- a/.github/workflows/terminal-stylist.lock.yml
+++ b/.github/workflows/terminal-stylist.lock.yml
@@ -300,6 +300,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: terminalstylist
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -744,6 +745,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -917,6 +919,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/terminal-stylist"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "terminal-stylist"
diff --git a/.github/workflows/test-create-pr-error-handling.lock.yml b/.github/workflows/test-create-pr-error-handling.lock.yml
index 052c789eda6..2b7263b97e8 100644
--- a/.github/workflows/test-create-pr-error-handling.lock.yml
+++ b/.github/workflows/test-create-pr-error-handling.lock.yml
@@ -265,6 +265,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: testcreateprerrorhandling
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -769,6 +770,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1124,6 +1126,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/test-create-pr-error-handling"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "test-create-pr-error-handling"
diff --git a/.github/workflows/test-dispatcher.lock.yml b/.github/workflows/test-dispatcher.lock.yml
index db100fdb87f..001104a9107 100644
--- a/.github/workflows/test-dispatcher.lock.yml
+++ b/.github/workflows/test-dispatcher.lock.yml
@@ -253,6 +253,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: testdispatcher
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -664,6 +665,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -986,6 +988,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/test-dispatcher"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "test-dispatcher"
diff --git a/.github/workflows/test-project-url-default.lock.yml b/.github/workflows/test-project-url-default.lock.yml
index 9bb476c03ff..c4e90166d79 100644
--- a/.github/workflows/test-project-url-default.lock.yml
+++ b/.github/workflows/test-project-url-default.lock.yml
@@ -252,6 +252,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: testprojecturldefault
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -724,6 +725,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1046,6 +1048,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/test-project-url-default"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "test-project-url-default"
diff --git a/.github/workflows/test-workflow.lock.yml b/.github/workflows/test-workflow.lock.yml
index 2ff32279953..d554c416879 100644
--- a/.github/workflows/test-workflow.lock.yml
+++ b/.github/workflows/test-workflow.lock.yml
@@ -246,6 +246,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: testworkflow
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
steps:
@@ -465,6 +466,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
diff --git a/.github/workflows/tidy.lock.yml b/.github/workflows/tidy.lock.yml
index b1295ae6b18..4e8594a8f9a 100644
--- a/.github/workflows/tidy.lock.yml
+++ b/.github/workflows/tidy.lock.yml
@@ -331,6 +331,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: tidy
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -816,6 +817,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1208,6 +1210,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/tidy"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "tidy"
diff --git a/.github/workflows/typist.lock.yml b/.github/workflows/typist.lock.yml
index e728099cf9a..e9d01917427 100644
--- a/.github/workflows/typist.lock.yml
+++ b/.github/workflows/typist.lock.yml
@@ -302,6 +302,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: typist
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -822,6 +823,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -992,6 +994,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/typist"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "typist"
diff --git a/.github/workflows/ubuntu-image-analyzer.lock.yml b/.github/workflows/ubuntu-image-analyzer.lock.yml
index 3712b4fb1c5..3615e569a2c 100644
--- a/.github/workflows/ubuntu-image-analyzer.lock.yml
+++ b/.github/workflows/ubuntu-image-analyzer.lock.yml
@@ -275,6 +275,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: ubuntuimageanalyzer
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -726,6 +727,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1103,6 +1105,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/ubuntu-image-analyzer"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "ubuntu-image-analyzer"
diff --git a/.github/workflows/unbloat-docs.lock.yml b/.github/workflows/unbloat-docs.lock.yml
index 6ed4517145a..bc05b393bad 100644
--- a/.github/workflows/unbloat-docs.lock.yml
+++ b/.github/workflows/unbloat-docs.lock.yml
@@ -28,7 +28,7 @@
# - shared/qmd.md
# - shared/reporting.md
#
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"5cb1a238898220d72c422f335a9e11bf399825c79859fe9f982ec22cb15ac37e","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"084b24db5fd25a45b32fb5db327aeeedf9af13d218d21f35b3fdfa8428f4281f","strict":true,"agent_id":"claude"}
name: "Documentation Unbloat"
"on":
@@ -164,7 +164,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
GH_AW_WORKFLOW_NAME: "Documentation Unbloat"
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐๏ธ *Compressed by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฆ Time to slim down! [{workflow_name}]({run_url}) is trimming the excess from this {event_type}...\",\"runSuccess\":\"๐๏ธ Docs on a diet! [{workflow_name}]({run_url}) has removed the bloat. Lean and mean! ๐ช\",\"runFailure\":\"๐ฆ Unbloating paused! [{workflow_name}]({run_url}) {status}. The docs remain... fluffy.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐๏ธ *Compressed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฆ Time to slim down! [{workflow_name}]({run_url}) is trimming the excess from this {event_type}...\",\"runSuccess\":\"๐๏ธ Docs on a diet! [{workflow_name}]({run_url}) has removed the bloat. Lean and mean! ๐ช\",\"runFailure\":\"๐ฆ Unbloating paused! [{workflow_name}]({run_url}) {status}. The docs remain... fluffy.\"}"
with:
script: |
const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs');
@@ -187,9 +187,9 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_f614585bc9bb273b_EOF'
+ cat << 'GH_AW_PROMPT_2eb17a34b25e800f_EOF'
- GH_AW_PROMPT_f614585bc9bb273b_EOF
+ GH_AW_PROMPT_2eb17a34b25e800f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
@@ -197,12 +197,12 @@ jobs:
cat "${RUNNER_TEMP}/gh-aw/prompts/qmd_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_f614585bc9bb273b_EOF'
+ cat << 'GH_AW_PROMPT_2eb17a34b25e800f_EOF'
Tools: add_comment, create_pull_request, upload_asset, missing_tool, missing_data, noop
- GH_AW_PROMPT_f614585bc9bb273b_EOF
+ GH_AW_PROMPT_2eb17a34b25e800f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_f614585bc9bb273b_EOF'
+ cat << 'GH_AW_PROMPT_2eb17a34b25e800f_EOF'
upload_asset: provide a file path; returns a URL; assets are published after the workflow completes (safeoutputs).
@@ -234,9 +234,9 @@ jobs:
{{/if}}
- GH_AW_PROMPT_f614585bc9bb273b_EOF
+ GH_AW_PROMPT_2eb17a34b25e800f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_f614585bc9bb273b_EOF'
+ cat << 'GH_AW_PROMPT_2eb17a34b25e800f_EOF'
Use the `search` tool to find relevant documentation and content with a natural language request โ it queries a local vector database built from the configured collections.
@@ -257,7 +257,7 @@ jobs:
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/docs-server-lifecycle.md}}
{{#runtime-import .github/workflows/unbloat-docs.md}}
- GH_AW_PROMPT_f614585bc9bb273b_EOF
+ GH_AW_PROMPT_2eb17a34b25e800f_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -353,6 +353,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: unbloatdocs
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
model: ${{ needs.activation.outputs.model }}
output: ${{ steps.collect_output.outputs.output }}
@@ -478,12 +479,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_287bd171b304ae57_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_b9c942841a167e37_EOF'
{"add_comment":{"max":1},"create_pull_request":{"auto_merge":true,"draft":true,"expires":48,"fallback_as_issue":false,"labels":["documentation","automation"],"max":1,"max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"],"reviewers":["copilot"],"title_prefix":"[docs] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"upload_asset":{"allowed-exts":[".png",".jpg",".jpeg"],"branch":"assets/${{ github.workflow }}","max-size":10240}}
- GH_AW_SAFE_OUTPUTS_CONFIG_287bd171b304ae57_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_b9c942841a167e37_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_846d6c967a61486a_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_4e5a473a57a99f96_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added.",
@@ -493,8 +494,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_846d6c967a61486a_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_b3205209066e394e_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_4e5a473a57a99f96_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_648a3d74baef9e58_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -617,7 +618,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_b3205209066e394e_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_648a3d74baef9e58_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -724,7 +725,7 @@ jobs:
export GH_AW_ENGINE="claude"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.11'
- cat << GH_AW_MCP_CONFIG_54a2d66abc8cd89a_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_35b9f7c27ddc03d3_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -801,7 +802,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_54a2d66abc8cd89a_EOF
+ GH_AW_MCP_CONFIG_35b9f7c27ddc03d3_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -1051,6 +1052,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1226,7 +1228,7 @@ jobs:
GH_AW_CODE_PUSH_FAILURE_ERRORS: ${{ needs.safe_outputs.outputs.code_push_failure_errors }}
GH_AW_CODE_PUSH_FAILURE_COUNT: ${{ needs.safe_outputs.outputs.code_push_failure_count }}
GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐๏ธ *Compressed by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฆ Time to slim down! [{workflow_name}]({run_url}) is trimming the excess from this {event_type}...\",\"runSuccess\":\"๐๏ธ Docs on a diet! [{workflow_name}]({run_url}) has removed the bloat. Lean and mean! ๐ช\",\"runFailure\":\"๐ฆ Unbloating paused! [{workflow_name}]({run_url}) {status}. The docs remain... fluffy.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐๏ธ *Compressed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฆ Time to slim down! [{workflow_name}]({run_url}) is trimming the excess from this {event_type}...\",\"runSuccess\":\"๐๏ธ Docs on a diet! [{workflow_name}]({run_url}) has removed the bloat. Lean and mean! ๐ช\",\"runFailure\":\"๐ฆ Unbloating paused! [{workflow_name}]({run_url}) {status}. The docs remain... fluffy.\"}"
GH_AW_GROUP_REPORTS: "false"
GH_AW_FAILURE_REPORT_AS_ISSUE: "true"
GH_AW_TIMEOUT_MINUTES: "30"
@@ -1248,7 +1250,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Documentation Unbloat"
GH_AW_AGENT_CONCLUSION: ${{ needs.agent.result }}
GH_AW_DETECTION_CONCLUSION: ${{ needs.detection.outputs.detection_conclusion }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐๏ธ *Compressed by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฆ Time to slim down! [{workflow_name}]({run_url}) is trimming the excess from this {event_type}...\",\"runSuccess\":\"๐๏ธ Docs on a diet! [{workflow_name}]({run_url}) has removed the bloat. Lean and mean! ๐ช\",\"runFailure\":\"๐ฆ Unbloating paused! [{workflow_name}]({run_url}) {status}. The docs remain... fluffy.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐๏ธ *Compressed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฆ Time to slim down! [{workflow_name}]({run_url}) is trimming the excess from this {event_type}...\",\"runSuccess\":\"๐๏ธ Docs on a diet! [{workflow_name}]({run_url}) has removed the bloat. Lean and mean! ๐ช\",\"runFailure\":\"๐ฆ Unbloating paused! [{workflow_name}]({run_url}) {status}. The docs remain... fluffy.\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
@@ -1552,9 +1554,10 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/unbloat-docs"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐๏ธ *Compressed by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฆ Time to slim down! [{workflow_name}]({run_url}) is trimming the excess from this {event_type}...\",\"runSuccess\":\"๐๏ธ Docs on a diet! [{workflow_name}]({run_url}) has removed the bloat. Lean and mean! ๐ช\",\"runFailure\":\"๐ฆ Unbloating paused! [{workflow_name}]({run_url}) {status}. The docs remain... fluffy.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐๏ธ *Compressed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฆ Time to slim down! [{workflow_name}]({run_url}) is trimming the excess from this {event_type}...\",\"runSuccess\":\"๐๏ธ Docs on a diet! [{workflow_name}]({run_url}) has removed the bloat. Lean and mean! ๐ช\",\"runFailure\":\"๐ฆ Unbloating paused! [{workflow_name}]({run_url}) {status}. The docs remain... fluffy.\"}"
GH_AW_WORKFLOW_ID: "unbloat-docs"
GH_AW_WORKFLOW_NAME: "Documentation Unbloat"
outputs:
@@ -1787,7 +1790,7 @@ jobs:
GH_AW_WORKFLOW_NAME: "Documentation Unbloat"
GH_AW_ENGINE_ID: "claude"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
- GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐๏ธ *Compressed by [{workflow_name}]({run_url})*{history_link}\",\"runStarted\":\"๐ฆ Time to slim down! [{workflow_name}]({run_url}) is trimming the excess from this {event_type}...\",\"runSuccess\":\"๐๏ธ Docs on a diet! [{workflow_name}]({run_url}) has removed the bloat. Lean and mean! ๐ช\",\"runFailure\":\"๐ฆ Unbloating paused! [{workflow_name}]({run_url}) {status}. The docs remain... fluffy.\"}"
+ GH_AW_SAFE_OUTPUT_MESSAGES: "{\"footer\":\"\\u003e ๐๏ธ *Compressed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}\",\"runStarted\":\"๐ฆ Time to slim down! [{workflow_name}]({run_url}) is trimming the excess from this {event_type}...\",\"runSuccess\":\"๐๏ธ Docs on a diet! [{workflow_name}]({run_url}) has removed the bloat. Lean and mean! ๐ช\",\"runFailure\":\"๐ฆ Unbloating paused! [{workflow_name}]({run_url}) {status}. The docs remain... fluffy.\"}"
with:
github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
script: |
diff --git a/.github/workflows/unbloat-docs.md b/.github/workflows/unbloat-docs.md
index d2d9314e18a..859e8a45667 100644
--- a/.github/workflows/unbloat-docs.md
+++ b/.github/workflows/unbloat-docs.md
@@ -94,7 +94,7 @@ safe-outputs:
max: 1
upload-asset:
messages:
- footer: "> ๐๏ธ *Compressed by [{workflow_name}]({run_url})*{history_link}"
+ footer: "> ๐๏ธ *Compressed by [{workflow_name}]({run_url})*{effective_tokens_suffix}{history_link}"
run-started: "๐ฆ Time to slim down! [{workflow_name}]({run_url}) is trimming the excess from this {event_type}..."
run-success: "๐๏ธ Docs on a diet! [{workflow_name}]({run_url}) has removed the bloat. Lean and mean! ๐ช"
run-failure: "๐ฆ Unbloating paused! [{workflow_name}]({run_url}) {status}. The docs remain... fluffy."
diff --git a/.github/workflows/update-astro.lock.yml b/.github/workflows/update-astro.lock.yml
index 2c7850ea7c2..eae844d8a4f 100644
--- a/.github/workflows/update-astro.lock.yml
+++ b/.github/workflows/update-astro.lock.yml
@@ -282,6 +282,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: updateastro
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -707,6 +708,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1128,6 +1130,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/update-astro"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "update-astro"
diff --git a/.github/workflows/video-analyzer.lock.yml b/.github/workflows/video-analyzer.lock.yml
index ea16e5642e5..131ed55bd0d 100644
--- a/.github/workflows/video-analyzer.lock.yml
+++ b/.github/workflows/video-analyzer.lock.yml
@@ -270,6 +270,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: videoanalyzer
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -717,6 +718,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1041,6 +1043,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/video-analyzer"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "video-analyzer"
diff --git a/.github/workflows/weekly-blog-post-writer.lock.yml b/.github/workflows/weekly-blog-post-writer.lock.yml
index 1ba49b1dc1c..15acab1a5a3 100644
--- a/.github/workflows/weekly-blog-post-writer.lock.yml
+++ b/.github/workflows/weekly-blog-post-writer.lock.yml
@@ -308,6 +308,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: weeklyblogpostwriter
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -873,6 +874,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1386,6 +1388,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/weekly-blog-post-writer"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "weekly-blog-post-writer"
diff --git a/.github/workflows/weekly-editors-health-check.lock.yml b/.github/workflows/weekly-editors-health-check.lock.yml
index 6198addee6d..fe71a188601 100644
--- a/.github/workflows/weekly-editors-health-check.lock.yml
+++ b/.github/workflows/weekly-editors-health-check.lock.yml
@@ -267,6 +267,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: weeklyeditorshealthcheck
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -749,6 +750,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1091,6 +1093,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/weekly-editors-health-check"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "weekly-editors-health-check"
diff --git a/.github/workflows/weekly-issue-summary.lock.yml b/.github/workflows/weekly-issue-summary.lock.yml
index 928623755f8..f362b11b446 100644
--- a/.github/workflows/weekly-issue-summary.lock.yml
+++ b/.github/workflows/weekly-issue-summary.lock.yml
@@ -280,6 +280,7 @@ jobs:
GH_AW_MCP_LOG_DIR: /tmp/gh-aw/mcp-logs/safeoutputs
GH_AW_WORKFLOW_ID_SANITIZED: weeklyissuesummary
outputs:
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -738,6 +739,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -930,6 +932,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/weekly-issue-summary"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "weekly-issue-summary"
diff --git a/.github/workflows/weekly-safe-outputs-spec-review.lock.yml b/.github/workflows/weekly-safe-outputs-spec-review.lock.yml
index 1fa841db9d2..901fe246a07 100644
--- a/.github/workflows/weekly-safe-outputs-spec-review.lock.yml
+++ b/.github/workflows/weekly-safe-outputs-spec-review.lock.yml
@@ -267,6 +267,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: weeklysafeoutputsspecreview
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -691,6 +692,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1025,6 +1027,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/weekly-safe-outputs-spec-review"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "weekly-safe-outputs-spec-review"
diff --git a/.github/workflows/workflow-generator.lock.yml b/.github/workflows/workflow-generator.lock.yml
index 8d221e72bae..09c0c93127b 100644
--- a/.github/workflows/workflow-generator.lock.yml
+++ b/.github/workflows/workflow-generator.lock.yml
@@ -300,6 +300,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: workflowgenerator
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -768,6 +769,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1148,6 +1150,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/workflow-generator"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "workflow-generator"
diff --git a/.github/workflows/workflow-health-manager.lock.yml b/.github/workflows/workflow-health-manager.lock.yml
index 9899b5c1291..fa50de8ad63 100644
--- a/.github/workflows/workflow-health-manager.lock.yml
+++ b/.github/workflows/workflow-health-manager.lock.yml
@@ -284,6 +284,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: workflowhealthmanager
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -790,6 +791,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1247,6 +1249,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/workflow-health-manager"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "workflow-health-manager"
diff --git a/.github/workflows/workflow-normalizer.lock.yml b/.github/workflows/workflow-normalizer.lock.yml
index 6fa5a8cd8f9..1d706b75493 100644
--- a/.github/workflows/workflow-normalizer.lock.yml
+++ b/.github/workflows/workflow-normalizer.lock.yml
@@ -268,6 +268,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: workflownormalizer
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -764,6 +765,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1091,6 +1093,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/workflow-normalizer"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_TRACKER_ID: "workflow-normalizer"
diff --git a/.github/workflows/workflow-skill-extractor.lock.yml b/.github/workflows/workflow-skill-extractor.lock.yml
index b3d9c859655..ba8cdce50ae 100644
--- a/.github/workflows/workflow-skill-extractor.lock.yml
+++ b/.github/workflows/workflow-skill-extractor.lock.yml
@@ -266,6 +266,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: workflowskillextractor
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
has_patch: ${{ steps.collect_output.outputs.has_patch }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
@@ -735,6 +736,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
@@ -1063,6 +1065,7 @@ jobs:
timeout-minutes: 15
env:
GH_AW_CALLER_WORKFLOW_ID: "${{ github.repository }}/workflow-skill-extractor"
+ GH_AW_EFFECTIVE_TOKENS: ${{ needs.agent.outputs.effective_tokens }}
GH_AW_ENGINE_ID: "copilot"
GH_AW_ENGINE_MODEL: ${{ needs.agent.outputs.model }}
GH_AW_WORKFLOW_ID: "workflow-skill-extractor"
diff --git a/actions/setup/js/messages_core.cjs b/actions/setup/js/messages_core.cjs
index f31e7d8641e..07ed7634f98 100644
--- a/actions/setup/js/messages_core.cjs
+++ b/actions/setup/js/messages_core.cjs
@@ -14,6 +14,9 @@
* - {workflow_source} - Source specification (owner/repo/path@ref)
* - {workflow_source_url} - GitHub URL for the workflow source
* - {triggering_number} - Issue/PR/Discussion number that triggered this workflow
+ * - {effective_tokens} - Raw total effective token count for the run (e.g. 1200), only present when > 0
+ * - {effective_tokens_formatted} - Compact formatted effective tokens (e.g. "1.2K", "3M"), only present when > 0
+ * - {effective_tokens_suffix} - Pre-formatted suffix including the โ symbol (e.g. " ยท โ 1.2K"), or "" when not available
* - {operation} - Operation name (for staged mode titles/descriptions)
* - {event_type} - Event type description (for run-started messages)
* - {status} - Workflow status text (for run-failure messages)
diff --git a/actions/setup/js/messages_footer.cjs b/actions/setup/js/messages_footer.cjs
index 15b052aa3e2..44fef15dce1 100644
--- a/actions/setup/js/messages_footer.cjs
+++ b/actions/setup/js/messages_footer.cjs
@@ -14,6 +14,23 @@ const { getBlockedDomains, generateBlockedDomainsSection } = require("./firewall
const { getDifcFilteredEvents, generateDifcFilteredSection } = require("./gateway_difc_filtered.cjs");
const { formatET } = require("./effective_tokens.cjs");
+/**
+ * Read effective tokens from the GH_AW_EFFECTIVE_TOKENS environment variable and return
+ * both the raw count, compact formatted string, and a pre-formatted suffix.
+ * Returns undefined/empty for all fields when the variable is absent or the parsed value
+ * is not a positive integer.
+ * @returns {{ effectiveTokens: number|undefined, effectiveTokensFormatted: string|undefined, effectiveTokensSuffix: string }}
+ */
+function getEffectiveTokensFromEnv() {
+ const raw = process.env.GH_AW_EFFECTIVE_TOKENS;
+ const parsed = raw ? parseInt(raw, 10) : NaN;
+ if (!isNaN(parsed) && parsed > 0) {
+ const effectiveTokensFormatted = formatET(parsed);
+ return { effectiveTokens: parsed, effectiveTokensFormatted, effectiveTokensSuffix: ` ยท โ ${effectiveTokensFormatted}` };
+ }
+ return { effectiveTokens: undefined, effectiveTokensFormatted: undefined, effectiveTokensSuffix: "" };
+}
+
/**
* @typedef {Object} FooterContext
* @property {string} workflowName - Name of the workflow
@@ -41,8 +58,13 @@ function getFooterMessage(ctx) {
// Pre-compute agentic_workflow_url as the direct link to the agentic workflow page
const agenticWorkflowUrl = ctx.agenticWorkflowUrl || (ctx.runUrl ? `${ctx.runUrl}/agentic_workflow` : "");
+ // Pre-compute effective_tokens_formatted and effective_tokens_suffix for use in custom templates
+ const effectiveTokensFormatted = ctx.effectiveTokens ? formatET(ctx.effectiveTokens) : undefined;
+ // effective_tokens_suffix is always a string: either " ยท โ 1.2K" or "" (for safe use in templates)
+ const effectiveTokensSuffix = effectiveTokensFormatted ? ` ยท โ ${effectiveTokensFormatted}` : "";
+
// Create context with both camelCase and snake_case keys, including computed history_link and agentic_workflow_url
- const templateContext = toSnakeCase({ ...ctx, historyLink, agenticWorkflowUrl });
+ const templateContext = toSnakeCase({ ...ctx, historyLink, agenticWorkflowUrl, effectiveTokensFormatted, effectiveTokensSuffix });
// Use custom footer template if configured (no automatic suffix appended)
if (messages?.footer) {
@@ -109,8 +131,11 @@ function getFooterWorkflowRecompileMessage(ctx) {
// Pre-compute agentic_workflow_url as the direct link to the agentic workflow page
const agenticWorkflowUrl = ctx.agenticWorkflowUrl || (ctx.runUrl ? `${ctx.runUrl}/agentic_workflow` : "");
+ // Read effective tokens from environment variable if available
+ const { effectiveTokens, effectiveTokensFormatted, effectiveTokensSuffix } = getEffectiveTokensFromEnv();
+
// Create context with both camelCase and snake_case keys
- const templateContext = toSnakeCase({ ...ctx, agenticWorkflowUrl });
+ const templateContext = toSnakeCase({ ...ctx, agenticWorkflowUrl, effectiveTokens, effectiveTokensFormatted, effectiveTokensSuffix });
// Default footer template
const defaultFooter = "> Generated by [{workflow_name}]({agentic_workflow_url})";
@@ -130,8 +155,11 @@ function getFooterWorkflowRecompileCommentMessage(ctx) {
// Pre-compute agentic_workflow_url as the direct link to the agentic workflow page
const agenticWorkflowUrl = ctx.agenticWorkflowUrl || (ctx.runUrl ? `${ctx.runUrl}/agentic_workflow` : "");
+ // Read effective tokens from environment variable if available
+ const { effectiveTokens, effectiveTokensFormatted, effectiveTokensSuffix } = getEffectiveTokensFromEnv();
+
// Create context with both camelCase and snake_case keys
- const templateContext = toSnakeCase({ ...ctx, agenticWorkflowUrl });
+ const templateContext = toSnakeCase({ ...ctx, agenticWorkflowUrl, effectiveTokens, effectiveTokensFormatted, effectiveTokensSuffix });
// Default footer template
const defaultFooter = "> Updated by [{workflow_name}]({agentic_workflow_url})";
@@ -164,8 +192,11 @@ function getFooterAgentFailureIssueMessage(ctx) {
// Pre-compute agentic_workflow_url as the direct link to the agentic workflow page
const agenticWorkflowUrl = ctx.agenticWorkflowUrl || (ctx.runUrl ? `${ctx.runUrl}/agentic_workflow` : "");
+ // Read effective tokens from environment variable if available
+ const { effectiveTokens, effectiveTokensFormatted, effectiveTokensSuffix } = getEffectiveTokensFromEnv();
+
// Create context with both camelCase and snake_case keys, including computed history_link and agentic_workflow_url
- const templateContext = toSnakeCase({ ...ctx, historyLink, agenticWorkflowUrl });
+ const templateContext = toSnakeCase({ ...ctx, historyLink, agenticWorkflowUrl, effectiveTokens, effectiveTokensFormatted, effectiveTokensSuffix });
// Use custom agent failure issue footer if configured, otherwise use default footer
if (messages?.agentFailureIssue) {
@@ -195,8 +226,11 @@ function getFooterAgentFailureCommentMessage(ctx) {
// Pre-compute agentic_workflow_url as the direct link to the agentic workflow page
const agenticWorkflowUrl = ctx.agenticWorkflowUrl || (ctx.runUrl ? `${ctx.runUrl}/agentic_workflow` : "");
+ // Read effective tokens from environment variable if available
+ const { effectiveTokens, effectiveTokensFormatted, effectiveTokensSuffix } = getEffectiveTokensFromEnv();
+
// Create context with both camelCase and snake_case keys, including computed history_link and agentic_workflow_url
- const templateContext = toSnakeCase({ ...ctx, historyLink, agenticWorkflowUrl });
+ const templateContext = toSnakeCase({ ...ctx, historyLink, agenticWorkflowUrl, effectiveTokens, effectiveTokensFormatted, effectiveTokensSuffix });
// Use custom agent failure comment footer if configured, otherwise use default footer
if (messages?.agentFailureComment) {
@@ -302,8 +336,7 @@ function generateFooterWithMessages(workflowName, runUrl, workflowSource, workfl
// Read effective tokens from environment variable if available.
// GH_AW_EFFECTIVE_TOKENS is set by parse_mcp_gateway_log.cjs after computing ET
// from the token-usage.jsonl produced by the firewall proxy.
- const effectiveTokensRaw = process.env.GH_AW_EFFECTIVE_TOKENS;
- const effectiveTokens = effectiveTokensRaw ? parseInt(effectiveTokensRaw, 10) || 0 : 0;
+ const { effectiveTokens } = getEffectiveTokensFromEnv();
const ctx = {
workflowName,
@@ -312,7 +345,7 @@ function generateFooterWithMessages(workflowName, runUrl, workflowSource, workfl
workflowSourceUrl: workflowSourceURL,
triggeringNumber,
historyUrl: historyUrl || undefined,
- effectiveTokens: effectiveTokens > 0 ? effectiveTokens : undefined,
+ effectiveTokens,
};
// Collect guard notices to show BEFORE the attribution footer
diff --git a/actions/setup/js/parse_mcp_gateway_log.cjs b/actions/setup/js/parse_mcp_gateway_log.cjs
index 125fc59b450..90f102e4b81 100644
--- a/actions/setup/js/parse_mcp_gateway_log.cjs
+++ b/actions/setup/js/parse_mcp_gateway_log.cjs
@@ -190,6 +190,10 @@ function writeStepSummaryWithTokenUsage(coreObj) {
if (parsedSummary && parsedSummary.totalEffectiveTokens > 0) {
const roundedET = Math.round(parsedSummary.totalEffectiveTokens);
coreObj.exportVariable("GH_AW_EFFECTIVE_TOKENS", String(roundedET));
+ // Also set as a step output so the value can flow to the safe_outputs job
+ // via the agent job's effective_tokens output (job-level env vars are not
+ // inherited by downstream jobs โ only job outputs are).
+ coreObj.setOutput("effective_tokens", String(roundedET));
coreObj.info(`Effective tokens: ${roundedET}`);
}
}
diff --git a/actions/setup/setup.sh b/actions/setup/setup.sh
index 561107409a2..d1402d25c7a 100755
--- a/actions/setup/setup.sh
+++ b/actions/setup/setup.sh
@@ -262,6 +262,7 @@ SAFE_OUTPUTS_FILES=(
"messages_run_status.cjs"
"messages_staged.cjs"
"messages_close_discussion.cjs"
+ "effective_tokens.cjs"
"estimate_tokens.cjs"
"generate_git_patch.cjs"
"generate_git_bundle.cjs"
diff --git a/docs/src/content/docs/reference/footers.md b/docs/src/content/docs/reference/footers.md
index 38ff387b69b..ca762b9f61e 100644
--- a/docs/src/content/docs/reference/footers.md
+++ b/docs/src/content/docs/reference/footers.md
@@ -135,7 +135,7 @@ safe-outputs:
title-prefix: "[bot] "
```
-The `messages.footer` template supports variables like `{workflow_name}`, `{agentic_workflow_url}`, `{run_url}`, `{triggering_number}`, and more. `{agentic_workflow_url}` links directly to the agentic workflow file view for the run (equivalent to `{run_url}/agentic_workflow`), while `{run_url}` links to the plain Actions run page. See [Custom Messages](/gh-aw/reference/safe-outputs/#custom-messages-messages) for complete documentation on message templates and available variables.
+The `messages.footer` template supports variables like `{workflow_name}`, `{agentic_workflow_url}`, `{run_url}`, `{triggering_number}`, `{effective_tokens_suffix}`, and more. `{agentic_workflow_url}` links directly to the agentic workflow file view for the run (equivalent to `{run_url}/agentic_workflow`), while `{run_url}` links to the plain Actions run page. `{effective_tokens_suffix}` is a pre-formatted, always-safe suffix (e.g. `" ยท โ 1.2K"` or `""`) that you can place directly before `{history_link}` โ the same `โ` format the default footer uses. See [Custom Messages](/gh-aw/reference/safe-outputs/#custom-messages-messages) for complete documentation on message templates and available variables.
## Related Documentation
diff --git a/docs/src/content/docs/reference/safe-outputs.md b/docs/src/content/docs/reference/safe-outputs.md
index 0024a9c043b..f1acf442fa3 100644
--- a/docs/src/content/docs/reference/safe-outputs.md
+++ b/docs/src/content/docs/reference/safe-outputs.md
@@ -1525,7 +1525,9 @@ safe-outputs:
**Options**: `append-only-comments` (default: `false`)
-**Variables**: `{workflow_name}`, `{run_url}`, `{agentic_workflow_url}`, `{triggering_number}`, `{workflow_source}`, `{workflow_source_url}`, `{event_type}`, `{status}`, `{operation}`
+**Variables**: `{workflow_name}`, `{run_url}`, `{agentic_workflow_url}`, `{triggering_number}`, `{workflow_source}`, `{workflow_source_url}`, `{event_type}`, `{status}`, `{operation}`, `{effective_tokens}`, `{effective_tokens_formatted}`, `{effective_tokens_suffix}`
+
+`{effective_tokens}` contains the raw total effective token count for the run (e.g. `1200`), and `{effective_tokens_formatted}` is the compact human-readable form (e.g. `1.2K`, `3M`). Both are only present when the effective token count is greater than zero. `{effective_tokens_suffix}` is a pre-formatted, always-safe suffix string (e.g. `" ยท โ 1.2K"` or `""`) that can be inserted directly into footer templates alongside `{history_link}`. The default footer automatically includes the formatted value โ use these variables in custom footer templates to include token usage in your own format. See [Effective Tokens Specification](/gh-aw/reference/effective-tokens-specification/) for details on how effective tokens are computed.
## Staged Mode
diff --git a/pkg/constants/job_constants.go b/pkg/constants/job_constants.go
index e5a14d1e163..fb69c08d196 100644
--- a/pkg/constants/job_constants.go
+++ b/pkg/constants/job_constants.go
@@ -133,6 +133,11 @@ const CheckSkipIfCheckFailingStepID StepID = "check_skip_if_check_failing"
// emitted in the pre-activation job when on.github-app is configured alongside skip-if checks.
const PreActivationAppTokenStepID StepID = "pre-activation-app-token"
+// ParseMCPGatewayStepID is the step ID for the MCP gateway log parsing step in the agent job.
+// Its effective_tokens output is exposed as an agent job output so that the safe_outputs job
+// can pass the value as GH_AW_EFFECTIVE_TOKENS to the footer template renderer.
+const ParseMCPGatewayStepID StepID = "parse-mcp-gateway"
+
// Output names for pre-activation job steps
const IsTeamMemberOutput = "is_team_member"
const StopTimeOkOutput = "stop_time_ok"
diff --git a/pkg/workflow/compiler_main_job.go b/pkg/workflow/compiler_main_job.go
index 1b5ddcac420..38da6644260 100644
--- a/pkg/workflow/compiler_main_job.go
+++ b/pkg/workflow/compiler_main_job.go
@@ -141,6 +141,10 @@ func (c *Compiler) buildMainJob(data *WorkflowData, activationJobCreated bool) (
// Always include model output for reuse in other jobs - now sourced from activation job
outputs := map[string]string{
"model": "${{ needs.activation.outputs.model }}",
+ // effective_tokens is the total ET for the run, captured by the MCP gateway log parser step.
+ // It is exposed here so that the safe_outputs job can set GH_AW_EFFECTIVE_TOKENS and render
+ // the {effective_tokens_suffix} template expression in footer templates.
+ "effective_tokens": fmt.Sprintf("${{ steps.%s.outputs.effective_tokens }}", constants.ParseMCPGatewayStepID),
}
// Note: secret_verification_result is now an output of the activation job (not the agent job).
diff --git a/pkg/workflow/compiler_safe_outputs_job.go b/pkg/workflow/compiler_safe_outputs_job.go
index 41c442e03ba..c4bff5baf38 100644
--- a/pkg/workflow/compiler_safe_outputs_job.go
+++ b/pkg/workflow/compiler_safe_outputs_job.go
@@ -508,6 +508,11 @@ func (c *Compiler) buildJobLevelSafeOutputEnvVars(data *WorkflowData, workflowID
}
}
+ // Pass effective tokens from the agent job so footer templates can use {effective_tokens_suffix}.
+ // The value is set by parse_mcp_gateway_log.cjs in the agent job and exposed as a job output.
+ // An empty/missing value is handled gracefully by getEffectiveTokensFromEnv() in messages_footer.cjs.
+ envVars["GH_AW_EFFECTIVE_TOKENS"] = fmt.Sprintf("${{ needs.%s.outputs.effective_tokens }}", constants.AgentJobName)
+
// Add safe output job environment variables (staged/target repo)
if data.SafeOutputs != nil && (c.trialMode || data.SafeOutputs.Staged) {
envVars["GH_AW_SAFE_OUTPUTS_STAGED"] = "\"true\""
diff --git a/pkg/workflow/compiler_yaml_ai_execution.go b/pkg/workflow/compiler_yaml_ai_execution.go
index 41a9fdf44f6..201aca8e39b 100644
--- a/pkg/workflow/compiler_yaml_ai_execution.go
+++ b/pkg/workflow/compiler_yaml_ai_execution.go
@@ -3,6 +3,8 @@ package workflow
import (
"fmt"
"strings"
+
+ "github.com/github/gh-aw/pkg/constants"
)
func getObservabilityJobSummaryMode(data *WorkflowData) string {
@@ -104,6 +106,7 @@ func (c *Compiler) generateMCPGatewayLogParsing(yaml *strings.Builder) {
yaml.WriteString(" - name: Parse MCP Gateway logs for step summary\n")
yaml.WriteString(" if: always()\n")
+ fmt.Fprintf(yaml, " id: %s\n", constants.ParseMCPGatewayStepID)
fmt.Fprintf(yaml, " uses: %s\n", GetActionPin("actions/github-script"))
yaml.WriteString(" with:\n")
yaml.WriteString(" script: |\n")
diff --git a/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/basic-copilot.golden b/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/basic-copilot.golden
index 0b69a754739..a39c81e6c62 100644
--- a/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/basic-copilot.golden
+++ b/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/basic-copilot.golden
@@ -224,6 +224,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: basiccopilot
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
steps:
@@ -443,6 +444,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
diff --git a/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/with-imports.golden b/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/with-imports.golden
index a2bf5407edd..ededa215db4 100644
--- a/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/with-imports.golden
+++ b/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/with-imports.golden
@@ -225,6 +225,7 @@ jobs:
GH_AW_WORKFLOW_ID_SANITIZED: withimports
outputs:
checkout_pr_success: ${{ steps.checkout-pr.outputs.checkout_pr_success || 'true' }}
+ effective_tokens: ${{ steps.parse-mcp-gateway.outputs.effective_tokens }}
inference_access_error: ${{ steps.detect-inference-error.outputs.inference_access_error || 'false' }}
model: ${{ needs.activation.outputs.model }}
steps:
@@ -444,6 +445,7 @@ jobs:
await main();
- name: Parse MCP Gateway logs for step summary
if: always()
+ id: parse-mcp-gateway
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |