Problem
The DIFC proxy (start_difc_proxy.sh) does not pass GITHUB_SERVER_URL to the mcpg proxy container. This means the proxy cannot determine the correct upstream GitHub API endpoint on GHEC (.ghe.com) tenants.
The MCP gateway already handles this correctly — it passes -e GITHUB_SERVER_URL to the container (mcp_setup_generator.go:641). The DIFC proxy uses the same container image but omits this env var.
Current behavior
# start_difc_proxy.sh L37-48
docker run -d --name awmg-proxy --network host \
-e GH_TOKEN \
-e DEBUG='*' \
...
"$CONTAINER_IMAGE" proxy ...
Only GH_TOKEN and DEBUG are passed. On GHEC, the proxy has no way to know the upstream API should be api.TENANT.ghe.com instead of api.github.com.
Expected behavior
The proxy container should receive GITHUB_SERVER_URL so it can route upstream requests to the correct enterprise API:
# -e GITHUB_SERVER_URL added so the proxy can route to the correct upstream
docker run -d --name awmg-proxy --network host \
-e GH_TOKEN \
-e GITHUB_SERVER_URL \
-e DEBUG='*' \
...
Impact
- GHEC workflows with DIFC guards: Integrity filtering on pre-agent gh CLI and actions/github-script steps silently fails or routes to the wrong API
- github.com workflows: Unaffected (proxy defaults to api.github.com)
Root cause
Two files need changes:
1. actions/setup/sh/start_difc_proxy.sh
Add -e GITHUB_SERVER_URL to the docker run command (L37):
docker run -d --name awmg-proxy --network host \
-e GH_TOKEN \
-e GITHUB_SERVER_URL \
-e DEBUG='*' \
...
2. pkg/workflow/compiler_difc_proxy.go
The compiler generates the DIFC proxy step in buildStartDIFCProxyStepYAML(). Currently (L210-218) it only sets GH_TOKEN in the step env:
sb.WriteString(" - name: Start DIFC proxy for pre-agent gh calls\n")
sb.WriteString(" env:\n")
fmt.Fprintf(&sb, " GH_TOKEN: %s\n", effectiveToken)
The shell script receives GITHUB_SERVER_URL from the runner environment automatically (it is a standard GitHub Actions context variable), so the compiler change is not strictly required — the script inherits it. However, for consistency with the gateway (which explicitly passes it), consider documenting this dependency.
Comparison with gateway
The gateway already handles GHEC correctly in mcp_setup_generator.go:
// L640-641
containerCmd.WriteString(" -e GITHUB_REPOSITORY")
containerCmd.WriteString(" -e GITHUB_SERVER_URL") // ← gateway passes this
And the guard policy renderer sets GITHUB_HOST from $GITHUB_SERVER_URL (mcp_renderer_github.go:163).
Dependencies
This fix depends on the mcpg proxy mode supporting GITHUB_SERVER_URL for upstream routing. A corresponding issue should be filed in github/gh-aw-mcpg if the proxy mode does not already use this env var.
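The upstream selection this dependency implies, as an added example that is not code from gh-aw or gh-aw-mcpg: it maps GITHUB_SERVER_URL to the API hosts named in this issue and refuses anything else, so a token is never forwarded to an unexpected endpoint. The function name `upstream_api_url`, the fail-closed policy and the single-label tenant check are assumptions of this sketch.

```bash
#!/usr/bin/env bash
# Added illustration (not project code): derive the upstream API base URL
# from GITHUB_SERVER_URL. Names and policy here are hypothetical.

upstream_api_url() {
  local server_url="${1:-}" host tenant

  # Unset or empty: the default behaviour described in the issue.
  if [ -z "$server_url" ]; then
    echo "https://api.github.com"
    return 0
  fi

  # Accept only https://HOST with an optional trailing slash.
  case "$server_url" in
    https://*) host="${server_url#https://}" ;;
    *) echo "refusing non-https GITHUB_SERVER_URL" >&2; return 1 ;;
  esac
  host="${host%/}"

  # Reject paths, ports, userinfo and any other unexpected characters.
  case "$host" in
    ""|*[!A-Za-z0-9.-]*) echo "malformed host in GITHUB_SERVER_URL" >&2; return 1 ;;
  esac
  host="$(printf '%s' "$host" | tr 'A-Z' 'a-z')"

  case "$host" in
    github.com)
      echo "https://api.github.com" ;;
    *.ghe.com)
      # Assumption: a GHEC tenant is a single DNS label in front of .ghe.com.
      tenant="${host%.ghe.com}"
      case "$tenant" in
        ""|*.*) echo "unexpected GHEC host: $host" >&2; return 1 ;;
      esac
      echo "https://api.${tenant}.ghe.com" ;;
    *)
      # Fail closed: do not guess an upstream for hosts this issue does not cover.
      echo "unsupported GITHUB_SERVER_URL host: $host" >&2; return 1 ;;
  esac
}

# Constructed sample value, not a real tenant.
upstream_api_url "https://octo-corp.ghe.com"
```
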
Notes
- The hardcoded proxy-local paths (GITHUB_API_URL=https://localhost:18443/api/v3, GITHUB_GRAPHQL_URL=https://localhost:18443/api/graphql) in start_difc_proxy.sh are correct — these are the proxy's local listener paths, not the upstream paths
- The /api/v3 and /api/graphql path structure is the same on both github.com and GHEC
- The health check at https://localhost:18443/api/v3/health should also work regardless of upstream