Summary
In workflows compiled by gh-aw v0.64.0, the Set runtime paths step writes the safe outputs paths (GH_AW_SAFE_OUTPUTS_CONFIG_PATH, GH_AW_SAFE_OUTPUTS_TOOLS_PATH, etc.) only to $GITHUB_OUTPUT, not $GITHUB_ENV. However, downstream steps (e.g., Start MCP Gateway, Start Safe Outputs MCP HTTP Server, and any containers running MCPs) require these as true environment variables at runtime—including for Docker -e injection and in-process scripts.
What failed
Set runtime paths only writes to $GITHUB_OUTPUT.- Downstream jobs/containers reference these variables as env vars, so they're empty/undefined.
Why it failed
- A security fix to eliminate
$GITHUB_ENV writes (to mitigate injection risk) was applied, but the workflow compiler did not update downstream steps to explicitly pass the output as an env: value (e.g., env: GH_AW_SAFE_OUTPUTS_CONFIG_PATH: ${{ steps.set-runtime-paths.outputs.GH_AW_SAFE_OUTPUTS_CONFIG_PATH }}).
Root cause
- Compiler-side in
pkg/workflow/compiler_yaml_helpers.go, only $GITHUB_OUTPUT is used for these vars, and required downstream env: thread-through is missing.
Supporting evidence / References
Proposed fix
- Compiler: For every downstream step/Job/container that references these variables (especially Docker
-e), explicitly pass them as environment variables using outputs from the set-runtime-paths step (e.g., GH_AW_SAFE_OUTPUTS_CONFIG_PATH: ${{ steps.set-runtime-paths.outputs.GH_AW_SAFE_OUTPUTS_CONFIG_PATH }}).
- Add tests to ensure all required safe output variables are present both as outputs and in the runtime
env for every path-consuming job/step.
Implementation plan
- Patch workflow YAML compiler:
- Ensure affected jobs propagate required vars from outputs to step/job env.
- Add regression/unit tests in compiler to validate env propagation.
- Run a full round-trip integration (compile sample workflows, verify resulting
.lock.yml threads the variables correctly up to container run).
Summary
In workflows compiled by gh-aw v0.64.0, the
Set runtime pathsstep writes the safe outputs paths (GH_AW_SAFE_OUTPUTS_CONFIG_PATH,GH_AW_SAFE_OUTPUTS_TOOLS_PATH, etc.) only to$GITHUB_OUTPUT, not$GITHUB_ENV. However, downstream steps (e.g.,Start MCP Gateway,Start Safe Outputs MCP HTTP Server, and any containers running MCPs) require these as true environment variables at runtime—including for Docker-einjection and in-process scripts.What failed
Set runtime pathsonly writes to$GITHUB_OUTPUT.Why it failed
$GITHUB_ENVwrites (to mitigate injection risk) was applied, but the workflow compiler did not update downstream steps to explicitly pass the output as anenv:value (e.g.,env: GH_AW_SAFE_OUTPUTS_CONFIG_PATH: ${{ steps.set-runtime-paths.outputs.GH_AW_SAFE_OUTPUTS_CONFIG_PATH }}).Root cause
pkg/workflow/compiler_yaml_helpers.go, only$GITHUB_OUTPUTis used for these vars, and required downstreamenv:thread-through is missing.Supporting evidence / References
generateSetRuntimePathsStep()inpkg/workflow/compiler_yaml_helpers.goProposed fix
-e), explicitly pass them as environment variables using outputs from theset-runtime-pathsstep (e.g.,GH_AW_SAFE_OUTPUTS_CONFIG_PATH: ${{ steps.set-runtime-paths.outputs.GH_AW_SAFE_OUTPUTS_CONFIG_PATH }}).envfor every path-consuming job/step.Implementation plan
.lock.ymlthreads the variables correctly up to container run).