diff --git a/.github/workflows/agent-performance-analyzer.lock.yml b/.github/workflows/agent-performance-analyzer.lock.yml index 95fdca65aa..489ef7b96c 100644 --- a/.github/workflows/agent-performance-analyzer.lock.yml +++ b/.github/workflows/agent-performance-analyzer.lock.yml @@ -156,8 +156,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker alpine:latest ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -168,8 +176,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh alpine:latest ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Install gh-aw extension env: GH_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/agent-persona-explorer.lock.yml b/.github/workflows/agent-persona-explorer.lock.yml index 5993df81be..402cb2782f 100644 --- a/.github/workflows/agent-persona-explorer.lock.yml +++ b/.github/workflows/agent-persona-explorer.lock.yml @@ -158,8 +158,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker alpine:latest ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -170,8 +178,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh alpine:latest ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Install gh-aw extension env: GH_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/ai-moderator.lock.yml b/.github/workflows/ai-moderator.lock.yml index 7e8376ea69..ab1a49bfc7 100644 --- a/.github/workflows/ai-moderator.lock.yml +++ b/.github/workflows/ai-moderator.lock.yml @@ -164,8 +164,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -176,8 +184,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/archie.lock.yml b/.github/workflows/archie.lock.yml index 4e6592514b..620d787ae3 100644 --- a/.github/workflows/archie.lock.yml +++ b/.github/workflows/archie.lock.yml @@ -185,8 +185,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -197,8 +205,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/artifacts-summary.lock.yml b/.github/workflows/artifacts-summary.lock.yml index d7d818469f..3de8fe6c9a 100644 --- a/.github/workflows/artifacts-summary.lock.yml +++ b/.github/workflows/artifacts-summary.lock.yml @@ -143,8 +143,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -155,8 +163,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/audit-workflows.lock.yml b/.github/workflows/audit-workflows.lock.yml index 68fb94e90c..a9af043ad2 100644 --- a/.github/workflows/audit-workflows.lock.yml +++ b/.github/workflows/audit-workflows.lock.yml @@ -216,10 +216,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -230,8 +236,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/auto-triage-issues.lock.yml b/.github/workflows/auto-triage-issues.lock.yml index 894227a192..95dbd91837 100644 --- a/.github/workflows/auto-triage-issues.lock.yml +++ b/.github/workflows/auto-triage-issues.lock.yml @@ -146,8 +146,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -158,8 +166,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/blog-auditor.lock.yml b/.github/workflows/blog-auditor.lock.yml index cc02825507..4f00826e15 100644 --- a/.github/workflows/blog-auditor.lock.yml +++ b/.github/workflows/blog-auditor.lock.yml @@ -147,10 +147,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 mcr.microsoft.com/playwright/mcp node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -161,8 +167,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 mcr.microsoft.com/playwright/mcp node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/brave.lock.yml b/.github/workflows/brave.lock.yml index 30e50301d7..d7df5c42f4 100644 --- a/.github/workflows/brave.lock.yml +++ b/.github/workflows/brave.lock.yml @@ -173,8 +173,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker docker.io/mcp/brave-search ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -185,8 +193,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh docker.io/mcp/brave-search ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/breaking-change-checker.lock.yml b/.github/workflows/breaking-change-checker.lock.yml index 913bec3474..3fe95d8cb3 100644 --- a/.github/workflows/breaking-change-checker.lock.yml +++ b/.github/workflows/breaking-change-checker.lock.yml @@ -140,8 +140,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -152,8 +160,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/changeset.lock.yml b/.github/workflows/changeset.lock.yml index 3ac79aba39..0925fff942 100644 --- a/.github/workflows/changeset.lock.yml +++ b/.github/workflows/changeset.lock.yml @@ -181,15 +181,16 @@ jobs: env: CODEX_API_KEY: ${{ secrets.CODEX_API_KEY }} OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} - - name: Setup Node.js - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 - with: - node-version: '24' - package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @openai/codex \ + --cli-version 0.92.0 \ + --cli-verify "codex --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -200,8 +201,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/chroma-issue-indexer.lock.yml b/.github/workflows/chroma-issue-indexer.lock.yml index 8001125d49..b4fde2ad6b 100644 --- a/.github/workflows/chroma-issue-indexer.lock.yml +++ b/.github/workflows/chroma-issue-indexer.lock.yml @@ -147,8 +147,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 python:alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -159,8 +167,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 python:alpine - name: Start MCP gateway id: start-mcp-gateway env: diff --git a/.github/workflows/ci-coach.lock.yml b/.github/workflows/ci-coach.lock.yml index 7b2e044406..70e76acaf3 100644 --- a/.github/workflows/ci-coach.lock.yml +++ b/.github/workflows/ci-coach.lock.yml @@ -196,8 +196,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -208,8 +216,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/ci-doctor.lock.yml b/.github/workflows/ci-doctor.lock.yml index 0b20f52b4b..3e04b9d81b 100644 --- a/.github/workflows/ci-doctor.lock.yml +++ b/.github/workflows/ci-doctor.lock.yml @@ -166,8 +166,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -178,8 +186,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/claude-code-user-docs-review.lock.yml b/.github/workflows/claude-code-user-docs-review.lock.yml index f1bed6657d..b8f1564159 100644 --- a/.github/workflows/claude-code-user-docs-review.lock.yml +++ b/.github/workflows/claude-code-user-docs-review.lock.yml @@ -155,10 +155,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -169,8 +175,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/cli-consistency-checker.lock.yml b/.github/workflows/cli-consistency-checker.lock.yml index c356254cec..04ede4a327 100644 --- a/.github/workflows/cli-consistency-checker.lock.yml +++ b/.github/workflows/cli-consistency-checker.lock.yml @@ -139,8 +139,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -151,8 +159,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/cli-version-checker.lock.yml b/.github/workflows/cli-version-checker.lock.yml index e77ead181f..ef6c5f2627 100644 --- a/.github/workflows/cli-version-checker.lock.yml +++ b/.github/workflows/cli-version-checker.lock.yml @@ -162,10 +162,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -176,8 +182,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/cloclo.lock.yml b/.github/workflows/cloclo.lock.yml index e74cb7d9f7..18714c8cfb 100644 --- a/.github/workflows/cloclo.lock.yml +++ b/.github/workflows/cloclo.lock.yml @@ -246,10 +246,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 mcr.microsoft.com/playwright/mcp node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -260,8 +266,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 mcr.microsoft.com/playwright/mcp node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/code-scanning-fixer.lock.yml b/.github/workflows/code-scanning-fixer.lock.yml index e951e6d2e3..4a2dc0b16c 100644 --- a/.github/workflows/code-scanning-fixer.lock.yml +++ b/.github/workflows/code-scanning-fixer.lock.yml @@ -159,8 +159,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -171,8 +179,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/code-simplifier.lock.yml b/.github/workflows/code-simplifier.lock.yml index 875e5e7f6f..82bf4f9f23 100644 --- a/.github/workflows/code-simplifier.lock.yml +++ b/.github/workflows/code-simplifier.lock.yml @@ -146,8 +146,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -158,8 +166,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/codex-github-remote-mcp-test.lock.yml b/.github/workflows/codex-github-remote-mcp-test.lock.yml index 5678ac73c5..843bc9746c 100644 --- a/.github/workflows/codex-github-remote-mcp-test.lock.yml +++ b/.github/workflows/codex-github-remote-mcp-test.lock.yml @@ -122,15 +122,15 @@ jobs: env: CODEX_API_KEY: ${{ secrets.CODEX_API_KEY }} OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} - - name: Setup Node.js - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 - with: - node-version: '24' - package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @openai/codex \ + --cli-version 0.92.0 \ + --cli-verify "codex --version" - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -141,8 +141,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 - name: Start MCP gateway id: start-mcp-gateway env: diff --git a/.github/workflows/commit-changes-analyzer.lock.yml b/.github/workflows/commit-changes-analyzer.lock.yml index 5e7ee76177..ad33215226 100644 --- a/.github/workflows/commit-changes-analyzer.lock.yml +++ b/.github/workflows/commit-changes-analyzer.lock.yml @@ -149,10 +149,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -163,8 +169,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/copilot-agent-analysis.lock.yml b/.github/workflows/copilot-agent-analysis.lock.yml index 29e183c31a..e4f7c52fa8 100644 --- a/.github/workflows/copilot-agent-analysis.lock.yml +++ b/.github/workflows/copilot-agent-analysis.lock.yml @@ -179,10 +179,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -193,8 +199,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/copilot-cli-deep-research.lock.yml b/.github/workflows/copilot-cli-deep-research.lock.yml index a499b92698..e21636ccab 100644 --- a/.github/workflows/copilot-cli-deep-research.lock.yml +++ b/.github/workflows/copilot-cli-deep-research.lock.yml @@ -154,8 +154,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -166,8 +174,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/copilot-pr-merged-report.lock.yml b/.github/workflows/copilot-pr-merged-report.lock.yml index fdf7d9dfdf..8584de87d4 100644 --- a/.github/workflows/copilot-pr-merged-report.lock.yml +++ b/.github/workflows/copilot-pr-merged-report.lock.yml @@ -144,10 +144,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/copilot-pr-nlp-analysis.lock.yml b/.github/workflows/copilot-pr-nlp-analysis.lock.yml index cb2ec639f7..8d5ca75a2a 100644 --- a/.github/workflows/copilot-pr-nlp-analysis.lock.yml +++ b/.github/workflows/copilot-pr-nlp-analysis.lock.yml @@ -204,8 +204,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -216,8 +224,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/copilot-pr-prompt-analysis.lock.yml b/.github/workflows/copilot-pr-prompt-analysis.lock.yml index 1819921b8d..17de29fbc2 100644 --- a/.github/workflows/copilot-pr-prompt-analysis.lock.yml +++ b/.github/workflows/copilot-pr-prompt-analysis.lock.yml @@ -175,8 +175,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -187,8 +195,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/copilot-session-insights.lock.yml b/.github/workflows/copilot-session-insights.lock.yml index 75ff17377d..c86e74a990 100644 --- a/.github/workflows/copilot-session-insights.lock.yml +++ b/.github/workflows/copilot-session-insights.lock.yml @@ -203,10 +203,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -217,8 +223,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/craft.lock.yml b/.github/workflows/craft.lock.yml index cfb2312e73..1f33eac9e5 100644 --- a/.github/workflows/craft.lock.yml +++ b/.github/workflows/craft.lock.yml @@ -175,8 +175,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -187,8 +195,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-assign-issue-to-user.lock.yml b/.github/workflows/daily-assign-issue-to-user.lock.yml index f9829dc71d..88e2d971bb 100644 --- a/.github/workflows/daily-assign-issue-to-user.lock.yml +++ b/.github/workflows/daily-assign-issue-to-user.lock.yml @@ -138,8 +138,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -150,8 +158,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-choice-test.lock.yml b/.github/workflows/daily-choice-test.lock.yml index 3faa164cc4..04630b1e36 100644 --- a/.github/workflows/daily-choice-test.lock.yml +++ b/.github/workflows/daily-choice-test.lock.yml @@ -142,10 +142,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -156,8 +162,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-cli-performance.lock.yml b/.github/workflows/daily-cli-performance.lock.yml index 9e7d98cf28..36f263db49 100644 --- a/.github/workflows/daily-cli-performance.lock.yml +++ b/.github/workflows/daily-cli-performance.lock.yml @@ -153,8 +153,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -165,8 +173,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-code-metrics.lock.yml b/.github/workflows/daily-code-metrics.lock.yml index 313c9acbad..04e68cf7e1 100644 --- a/.github/workflows/daily-code-metrics.lock.yml +++ b/.github/workflows/daily-code-metrics.lock.yml @@ -192,10 +192,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -206,8 +212,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-compiler-quality.lock.yml b/.github/workflows/daily-compiler-quality.lock.yml index 7ef31e97fd..e8a4835deb 100644 --- a/.github/workflows/daily-compiler-quality.lock.yml +++ b/.github/workflows/daily-compiler-quality.lock.yml @@ -154,8 +154,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -166,8 +174,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-copilot-token-report.lock.yml b/.github/workflows/daily-copilot-token-report.lock.yml index 71a67d5b57..ebde541913 100644 --- a/.github/workflows/daily-copilot-token-report.lock.yml +++ b/.github/workflows/daily-copilot-token-report.lock.yml @@ -202,8 +202,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -214,8 +222,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-doc-updater.lock.yml b/.github/workflows/daily-doc-updater.lock.yml index 2602189164..a3d0cd8735 100644 --- a/.github/workflows/daily-doc-updater.lock.yml +++ b/.github/workflows/daily-doc-updater.lock.yml @@ -154,10 +154,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -168,8 +174,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-fact.lock.yml b/.github/workflows/daily-fact.lock.yml index 7ed1ecab7a..e6544595fc 100644 --- a/.github/workflows/daily-fact.lock.yml +++ b/.github/workflows/daily-fact.lock.yml @@ -127,15 +127,16 @@ jobs: env: CODEX_API_KEY: ${{ secrets.CODEX_API_KEY }} OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} - - name: Setup Node.js - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 - with: - node-version: '24' - package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @openai/codex \ + --cli-version 0.92.0 \ + --cli-verify "codex --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -146,8 +147,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-file-diet.lock.yml b/.github/workflows/daily-file-diet.lock.yml index 52512b8150..27784b42ae 100644 --- a/.github/workflows/daily-file-diet.lock.yml +++ b/.github/workflows/daily-file-diet.lock.yml @@ -146,8 +146,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -158,8 +166,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-firewall-report.lock.yml b/.github/workflows/daily-firewall-report.lock.yml index a59a328e09..ecf9f5eee9 100644 --- a/.github/workflows/daily-firewall-report.lock.yml +++ b/.github/workflows/daily-firewall-report.lock.yml @@ -198,8 +198,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker alpine:latest ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -210,8 +218,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh alpine:latest ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-issues-report.lock.yml b/.github/workflows/daily-issues-report.lock.yml index 51f6961bac..1d8fa37335 100644 --- a/.github/workflows/daily-issues-report.lock.yml +++ b/.github/workflows/daily-issues-report.lock.yml @@ -191,15 +191,16 @@ jobs: env: CODEX_API_KEY: ${{ secrets.CODEX_API_KEY }} OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} - - name: Setup Node.js - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 - with: - node-version: '24' - package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @openai/codex \ + --cli-version 0.92.0 \ + --cli-verify "codex --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -210,8 +211,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-malicious-code-scan.lock.yml b/.github/workflows/daily-malicious-code-scan.lock.yml index 370ae333b8..42eb1d1905 100644 --- a/.github/workflows/daily-malicious-code-scan.lock.yml +++ b/.github/workflows/daily-malicious-code-scan.lock.yml @@ -143,8 +143,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -155,8 +163,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-multi-device-docs-tester.lock.yml b/.github/workflows/daily-multi-device-docs-tester.lock.yml index 29dd31abb2..ac96ee8f3d 100644 --- a/.github/workflows/daily-multi-device-docs-tester.lock.yml +++ b/.github/workflows/daily-multi-device-docs-tester.lock.yml @@ -153,10 +153,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 mcr.microsoft.com/playwright/mcp node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -167,8 +173,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 mcr.microsoft.com/playwright/mcp node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-news.lock.yml b/.github/workflows/daily-news.lock.yml index 1da734dbdb..d993483e23 100644 --- a/.github/workflows/daily-news.lock.yml +++ b/.github/workflows/daily-news.lock.yml @@ -259,8 +259,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -271,8 +279,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-observability-report.lock.yml b/.github/workflows/daily-observability-report.lock.yml index dc0e4feb16..44842f5294 100644 --- a/.github/workflows/daily-observability-report.lock.yml +++ b/.github/workflows/daily-observability-report.lock.yml @@ -146,15 +146,16 @@ jobs: env: CODEX_API_KEY: ${{ secrets.CODEX_API_KEY }} OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} - - name: Setup Node.js - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 - with: - node-version: '24' - package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @openai/codex \ + --cli-version 0.92.0 \ + --cli-verify "codex --version" \ + --docker alpine:latest ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -165,8 +166,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh alpine:latest ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Install gh-aw extension env: GH_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/daily-performance-summary.lock.yml b/.github/workflows/daily-performance-summary.lock.yml index cae7423b16..87a5398bd7 100644 --- a/.github/workflows/daily-performance-summary.lock.yml +++ b/.github/workflows/daily-performance-summary.lock.yml @@ -181,15 +181,16 @@ jobs: env: CODEX_API_KEY: ${{ secrets.CODEX_API_KEY }} OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} - - name: Setup Node.js - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 - with: - node-version: '24' - package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @openai/codex \ + --cli-version 0.92.0 \ + --cli-verify "codex --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -200,8 +201,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-regulatory.lock.yml b/.github/workflows/daily-regulatory.lock.yml index 0f520a3818..fc4cc98a76 100644 --- a/.github/workflows/daily-regulatory.lock.yml +++ b/.github/workflows/daily-regulatory.lock.yml @@ -146,8 +146,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -158,8 +166,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-repo-chronicle.lock.yml b/.github/workflows/daily-repo-chronicle.lock.yml index ea293a649c..3f9d0c9ebc 100644 --- a/.github/workflows/daily-repo-chronicle.lock.yml +++ b/.github/workflows/daily-repo-chronicle.lock.yml @@ -179,8 +179,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -191,8 +199,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-safe-output-optimizer.lock.yml b/.github/workflows/daily-safe-output-optimizer.lock.yml index e29b587594..e5ecf93231 100644 --- a/.github/workflows/daily-safe-output-optimizer.lock.yml +++ b/.github/workflows/daily-safe-output-optimizer.lock.yml @@ -186,10 +186,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -200,8 +206,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-secrets-analysis.lock.yml b/.github/workflows/daily-secrets-analysis.lock.yml index 238db20eca..1101af8506 100644 --- a/.github/workflows/daily-secrets-analysis.lock.yml +++ b/.github/workflows/daily-secrets-analysis.lock.yml @@ -144,8 +144,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -156,8 +164,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-semgrep-scan.lock.yml b/.github/workflows/daily-semgrep-scan.lock.yml index f323476790..3d2ea6affd 100644 --- a/.github/workflows/daily-semgrep-scan.lock.yml +++ b/.github/workflows/daily-semgrep-scan.lock.yml @@ -144,8 +144,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine semgrep/semgrep:latest - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -156,8 +164,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine semgrep/semgrep:latest - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-team-evolution-insights.lock.yml b/.github/workflows/daily-team-evolution-insights.lock.yml index 747ce47f0a..7b34cb421a 100644 --- a/.github/workflows/daily-team-evolution-insights.lock.yml +++ b/.github/workflows/daily-team-evolution-insights.lock.yml @@ -149,10 +149,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -163,8 +169,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-team-status.lock.yml b/.github/workflows/daily-team-status.lock.yml index 78b3fa418b..300da9756c 100644 --- a/.github/workflows/daily-team-status.lock.yml +++ b/.github/workflows/daily-team-status.lock.yml @@ -152,8 +152,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -164,8 +172,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-testify-uber-super-expert.lock.yml b/.github/workflows/daily-testify-uber-super-expert.lock.yml index b1546534be..c6034dc217 100644 --- a/.github/workflows/daily-testify-uber-super-expert.lock.yml +++ b/.github/workflows/daily-testify-uber-super-expert.lock.yml @@ -156,8 +156,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -168,8 +176,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/daily-workflow-updater.lock.yml b/.github/workflows/daily-workflow-updater.lock.yml index f31cc905bd..5d6b10d215 100644 --- a/.github/workflows/daily-workflow-updater.lock.yml +++ b/.github/workflows/daily-workflow-updater.lock.yml @@ -139,8 +139,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -151,8 +159,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/deep-report.lock.yml b/.github/workflows/deep-report.lock.yml index e48cb67736..d435e97e84 100644 --- a/.github/workflows/deep-report.lock.yml +++ b/.github/workflows/deep-report.lock.yml @@ -191,15 +191,16 @@ jobs: env: CODEX_API_KEY: ${{ secrets.CODEX_API_KEY }} OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} - - name: Setup Node.js - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 - with: - node-version: '24' - package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @openai/codex \ + --cli-version 0.92.0 \ + --cli-verify "codex --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -210,8 +211,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/delight.lock.yml b/.github/workflows/delight.lock.yml index 8699354506..25d692517a 100644 --- a/.github/workflows/delight.lock.yml +++ b/.github/workflows/delight.lock.yml @@ -157,8 +157,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -169,8 +177,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/dependabot-bundler.lock.yml b/.github/workflows/dependabot-bundler.lock.yml index 1205d747ec..5aa0298ece 100644 --- a/.github/workflows/dependabot-bundler.lock.yml +++ b/.github/workflows/dependabot-bundler.lock.yml @@ -159,8 +159,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -171,8 +179,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/dependabot-burner.lock.yml b/.github/workflows/dependabot-burner.lock.yml index e31e83f335..9cef21b8f3 100644 --- a/.github/workflows/dependabot-burner.lock.yml +++ b/.github/workflows/dependabot-burner.lock.yml @@ -147,8 +147,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -159,8 +167,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/dependabot-go-checker.lock.yml b/.github/workflows/dependabot-go-checker.lock.yml index 523586f1de..5a08245cb3 100644 --- a/.github/workflows/dependabot-go-checker.lock.yml +++ b/.github/workflows/dependabot-go-checker.lock.yml @@ -140,8 +140,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -152,8 +160,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/dev-hawk.lock.yml b/.github/workflows/dev-hawk.lock.yml index 56146099cc..0774393b07 100644 --- a/.github/workflows/dev-hawk.lock.yml +++ b/.github/workflows/dev-hawk.lock.yml @@ -169,8 +169,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker alpine:latest ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -181,8 +189,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh alpine:latest ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/dev.lock.yml b/.github/workflows/dev.lock.yml index 515efd9110..f106f124f2 100644 --- a/.github/workflows/dev.lock.yml +++ b/.github/workflows/dev.lock.yml @@ -136,8 +136,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -148,8 +156,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/developer-docs-consolidator.lock.yml b/.github/workflows/developer-docs-consolidator.lock.yml index 5ed84344f9..81548d6140 100644 --- a/.github/workflows/developer-docs-consolidator.lock.yml +++ b/.github/workflows/developer-docs-consolidator.lock.yml @@ -160,10 +160,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -174,8 +180,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/dictation-prompt.lock.yml b/.github/workflows/dictation-prompt.lock.yml index b31038d6b6..0b5f4ebb12 100644 --- a/.github/workflows/dictation-prompt.lock.yml +++ b/.github/workflows/dictation-prompt.lock.yml @@ -142,8 +142,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -154,8 +162,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/discussion-task-miner.lock.yml b/.github/workflows/discussion-task-miner.lock.yml index ed2d31ca15..f4e6c4f8d9 100644 --- a/.github/workflows/discussion-task-miner.lock.yml +++ b/.github/workflows/discussion-task-miner.lock.yml @@ -157,8 +157,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -169,8 +177,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/docs-noob-tester.lock.yml b/.github/workflows/docs-noob-tester.lock.yml index c502d627dd..5949603588 100644 --- a/.github/workflows/docs-noob-tester.lock.yml +++ b/.github/workflows/docs-noob-tester.lock.yml @@ -143,8 +143,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 mcr.microsoft.com/playwright/mcp node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -155,8 +163,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 mcr.microsoft.com/playwright/mcp node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/draft-pr-cleanup.lock.yml b/.github/workflows/draft-pr-cleanup.lock.yml index a0326ea19d..abb9bae866 100644 --- a/.github/workflows/draft-pr-cleanup.lock.yml +++ b/.github/workflows/draft-pr-cleanup.lock.yml @@ -138,8 +138,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -150,8 +158,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/duplicate-code-detector.lock.yml b/.github/workflows/duplicate-code-detector.lock.yml index 62a08dd7d6..f7bd375ab3 100644 --- a/.github/workflows/duplicate-code-detector.lock.yml +++ b/.github/workflows/duplicate-code-detector.lock.yml @@ -138,15 +138,16 @@ jobs: env: CODEX_API_KEY: ${{ secrets.CODEX_API_KEY }} OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} - - name: Setup Node.js - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 - with: - node-version: '24' - package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @openai/codex \ + --cli-version 0.92.0 \ + --cli-verify "codex --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -157,8 +158,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/example-custom-error-patterns.lock.yml b/.github/workflows/example-custom-error-patterns.lock.yml index 85268722bc..698412fbc6 100644 --- a/.github/workflows/example-custom-error-patterns.lock.yml +++ b/.github/workflows/example-custom-error-patterns.lock.yml @@ -125,8 +125,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -137,8 +145,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 - name: Start MCP gateway id: start-mcp-gateway env: diff --git a/.github/workflows/example-permissions-warning.lock.yml b/.github/workflows/example-permissions-warning.lock.yml index cb2367eeac..34593e4863 100644 --- a/.github/workflows/example-permissions-warning.lock.yml +++ b/.github/workflows/example-permissions-warning.lock.yml @@ -124,8 +124,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -136,8 +144,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 - name: Start MCP gateway id: start-mcp-gateway env: diff --git a/.github/workflows/example-workflow-analyzer.lock.yml b/.github/workflows/example-workflow-analyzer.lock.yml index d7c4a88f4a..648037d1c0 100644 --- a/.github/workflows/example-workflow-analyzer.lock.yml +++ b/.github/workflows/example-workflow-analyzer.lock.yml @@ -148,10 +148,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker alpine:latest ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -162,8 +168,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh alpine:latest ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Install gh-aw extension env: GH_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/firewall-escape.lock.yml b/.github/workflows/firewall-escape.lock.yml index 57a3987e55..00db128a4d 100644 --- a/.github/workflows/firewall-escape.lock.yml +++ b/.github/workflows/firewall-escape.lock.yml @@ -170,8 +170,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -182,8 +190,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/firewall.lock.yml b/.github/workflows/firewall.lock.yml index 746115e485..9e8b129d99 100644 --- a/.github/workflows/firewall.lock.yml +++ b/.github/workflows/firewall.lock.yml @@ -124,8 +124,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -136,8 +144,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 - name: Start MCP gateway id: start-mcp-gateway env: diff --git a/.github/workflows/github-mcp-structural-analysis.lock.yml b/.github/workflows/github-mcp-structural-analysis.lock.yml index cfd6ba1902..788c54f149 100644 --- a/.github/workflows/github-mcp-structural-analysis.lock.yml +++ b/.github/workflows/github-mcp-structural-analysis.lock.yml @@ -184,10 +184,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -198,8 +204,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/github-mcp-tools-report.lock.yml b/.github/workflows/github-mcp-tools-report.lock.yml index b4d40d1757..9a1b9e06ad 100644 --- a/.github/workflows/github-mcp-tools-report.lock.yml +++ b/.github/workflows/github-mcp-tools-report.lock.yml @@ -161,10 +161,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -175,8 +181,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/github-remote-mcp-auth-test.lock.yml b/.github/workflows/github-remote-mcp-auth-test.lock.yml index cfbaa08b00..62d2589764 100644 --- a/.github/workflows/github-remote-mcp-auth-test.lock.yml +++ b/.github/workflows/github-remote-mcp-auth-test.lock.yml @@ -139,8 +139,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -151,8 +159,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/glossary-maintainer.lock.yml b/.github/workflows/glossary-maintainer.lock.yml index b0de07187a..80643ec8cf 100644 --- a/.github/workflows/glossary-maintainer.lock.yml +++ b/.github/workflows/glossary-maintainer.lock.yml @@ -155,8 +155,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -167,8 +175,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/go-fan.lock.yml b/.github/workflows/go-fan.lock.yml index 9377a24942..c326675fb0 100644 --- a/.github/workflows/go-fan.lock.yml +++ b/.github/workflows/go-fan.lock.yml @@ -158,10 +158,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -172,8 +178,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/go-logger.lock.yml b/.github/workflows/go-logger.lock.yml index 5bab0e94b8..f88e836c2f 100644 --- a/.github/workflows/go-logger.lock.yml +++ b/.github/workflows/go-logger.lock.yml @@ -174,10 +174,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -188,8 +194,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/go-pattern-detector.lock.yml b/.github/workflows/go-pattern-detector.lock.yml index 5ce35e921c..1b2ce43469 100644 --- a/.github/workflows/go-pattern-detector.lock.yml +++ b/.github/workflows/go-pattern-detector.lock.yml @@ -149,10 +149,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 mcp/ast-grep:latest node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -163,8 +169,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 mcp/ast-grep:latest node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/grumpy-reviewer.lock.yml b/.github/workflows/grumpy-reviewer.lock.yml index c2b944f879..6437819f78 100644 --- a/.github/workflows/grumpy-reviewer.lock.yml +++ b/.github/workflows/grumpy-reviewer.lock.yml @@ -184,8 +184,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -196,8 +204,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/hourly-ci-cleaner.lock.yml b/.github/workflows/hourly-ci-cleaner.lock.yml index d98cdcd0e1..eb91e9eeca 100644 --- a/.github/workflows/hourly-ci-cleaner.lock.yml +++ b/.github/workflows/hourly-ci-cleaner.lock.yml @@ -168,8 +168,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -180,8 +188,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/instructions-janitor.lock.yml b/.github/workflows/instructions-janitor.lock.yml index eb1d3b2c56..7408b2dec3 100644 --- a/.github/workflows/instructions-janitor.lock.yml +++ b/.github/workflows/instructions-janitor.lock.yml @@ -154,10 +154,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -168,8 +174,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/issue-arborist.lock.yml b/.github/workflows/issue-arborist.lock.yml index 89a3242e69..903c1c6f45 100644 --- a/.github/workflows/issue-arborist.lock.yml +++ b/.github/workflows/issue-arborist.lock.yml @@ -149,15 +149,16 @@ jobs: env: CODEX_API_KEY: ${{ secrets.CODEX_API_KEY }} OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} - - name: Setup Node.js - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 - with: - node-version: '24' - package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @openai/codex \ + --cli-version 0.92.0 \ + --cli-verify "codex --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -168,8 +169,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/issue-monster.lock.yml b/.github/workflows/issue-monster.lock.yml index 9050515243..5bccfa711f 100644 --- a/.github/workflows/issue-monster.lock.yml +++ b/.github/workflows/issue-monster.lock.yml @@ -151,8 +151,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -163,8 +171,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/issue-triage-agent.lock.yml b/.github/workflows/issue-triage-agent.lock.yml index 5a28637b89..6716e5cb04 100644 --- a/.github/workflows/issue-triage-agent.lock.yml +++ b/.github/workflows/issue-triage-agent.lock.yml @@ -123,8 +123,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -135,8 +143,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/jsweep.lock.yml b/.github/workflows/jsweep.lock.yml index 8f65de53d5..bfa9671914 100644 --- a/.github/workflows/jsweep.lock.yml +++ b/.github/workflows/jsweep.lock.yml @@ -160,8 +160,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -172,8 +180,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/layout-spec-maintainer.lock.yml b/.github/workflows/layout-spec-maintainer.lock.yml index 30c3d6eeda..26c5f4280b 100644 --- a/.github/workflows/layout-spec-maintainer.lock.yml +++ b/.github/workflows/layout-spec-maintainer.lock.yml @@ -147,8 +147,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -159,8 +167,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/lockfile-stats.lock.yml b/.github/workflows/lockfile-stats.lock.yml index 790e636a2b..3339aa7435 100644 --- a/.github/workflows/lockfile-stats.lock.yml +++ b/.github/workflows/lockfile-stats.lock.yml @@ -158,10 +158,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -172,8 +178,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/mcp-inspector.lock.yml b/.github/workflows/mcp-inspector.lock.yml index 475a97227d..5a1e553bf2 100644 --- a/.github/workflows/mcp-inspector.lock.yml +++ b/.github/workflows/mcp-inspector.lock.yml @@ -197,8 +197,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker docker.io/mcp/brave-search ghcr.io/github/github-mcp-server:v0.30.2 mcp/arxiv-mcp-server mcp/ast-grep:latest mcp/context7 mcp/markitdown mcp/memory mcp/notion node:lts-alpine python:alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -209,8 +217,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh docker.io/mcp/brave-search ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 mcp/arxiv-mcp-server mcp/ast-grep:latest mcp/context7 mcp/markitdown mcp/memory mcp/notion node:lts-alpine python:alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/mergefest.lock.yml b/.github/workflows/mergefest.lock.yml index 6e68a0c0d6..1566893da0 100644 --- a/.github/workflows/mergefest.lock.yml +++ b/.github/workflows/mergefest.lock.yml @@ -161,8 +161,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -173,8 +181,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/metrics-collector.lock.yml b/.github/workflows/metrics-collector.lock.yml index 3246d34b05..76017092f6 100644 --- a/.github/workflows/metrics-collector.lock.yml +++ b/.github/workflows/metrics-collector.lock.yml @@ -140,8 +140,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker alpine:latest ghcr.io/github/github-mcp-server:v0.30.2 - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -152,8 +160,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh alpine:latest ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 - name: Install gh-aw extension env: GH_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/notion-issue-summary.lock.yml b/.github/workflows/notion-issue-summary.lock.yml index d36f3ecd2f..25c307975e 100644 --- a/.github/workflows/notion-issue-summary.lock.yml +++ b/.github/workflows/notion-issue-summary.lock.yml @@ -145,8 +145,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 mcp/notion node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -157,8 +165,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 mcp/notion node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/org-health-report.lock.yml b/.github/workflows/org-health-report.lock.yml index 089b6304a3..b0e5428dc6 100644 --- a/.github/workflows/org-health-report.lock.yml +++ b/.github/workflows/org-health-report.lock.yml @@ -183,10 +183,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/pdf-summary.lock.yml b/.github/workflows/pdf-summary.lock.yml index 888eee0a06..b72290c659 100644 --- a/.github/workflows/pdf-summary.lock.yml +++ b/.github/workflows/pdf-summary.lock.yml @@ -204,8 +204,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 mcp/markitdown node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -216,8 +224,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 mcp/markitdown node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/plan.lock.yml b/.github/workflows/plan.lock.yml index 0b84e8ede2..5c7c11c2c3 100644 --- a/.github/workflows/plan.lock.yml +++ b/.github/workflows/plan.lock.yml @@ -174,8 +174,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -186,8 +194,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/poem-bot.lock.yml b/.github/workflows/poem-bot.lock.yml index 308de010b9..7425c20559 100644 --- a/.github/workflows/poem-bot.lock.yml +++ b/.github/workflows/poem-bot.lock.yml @@ -193,8 +193,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -205,8 +213,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/portfolio-analyst.lock.yml b/.github/workflows/portfolio-analyst.lock.yml index 89275f2df5..f1c0e8c8b1 100644 --- a/.github/workflows/portfolio-analyst.lock.yml +++ b/.github/workflows/portfolio-analyst.lock.yml @@ -205,8 +205,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -217,8 +225,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/pr-nitpick-reviewer.lock.yml b/.github/workflows/pr-nitpick-reviewer.lock.yml index d442dc40c9..807886451b 100644 --- a/.github/workflows/pr-nitpick-reviewer.lock.yml +++ b/.github/workflows/pr-nitpick-reviewer.lock.yml @@ -205,8 +205,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -217,8 +225,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/pr-triage-agent.lock.yml b/.github/workflows/pr-triage-agent.lock.yml index e4f6b618ee..b5c553e92d 100644 --- a/.github/workflows/pr-triage-agent.lock.yml +++ b/.github/workflows/pr-triage-agent.lock.yml @@ -147,8 +147,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -159,8 +167,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/prompt-clustering-analysis.lock.yml b/.github/workflows/prompt-clustering-analysis.lock.yml index bd2f88d221..d8e602912e 100644 --- a/.github/workflows/prompt-clustering-analysis.lock.yml +++ b/.github/workflows/prompt-clustering-analysis.lock.yml @@ -231,10 +231,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -245,8 +251,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/python-data-charts.lock.yml b/.github/workflows/python-data-charts.lock.yml index f0f72d9007..b953d28401 100644 --- a/.github/workflows/python-data-charts.lock.yml +++ b/.github/workflows/python-data-charts.lock.yml @@ -177,8 +177,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker alpine:latest ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -189,8 +197,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh alpine:latest ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Install gh-aw extension env: GH_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/q.lock.yml b/.github/workflows/q.lock.yml index 325a596d84..c041a3c15d 100644 --- a/.github/workflows/q.lock.yml +++ b/.github/workflows/q.lock.yml @@ -233,8 +233,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -245,8 +253,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/release.lock.yml b/.github/workflows/release.lock.yml index 8ee9b358f4..7698e78e28 100644 --- a/.github/workflows/release.lock.yml +++ b/.github/workflows/release.lock.yml @@ -158,8 +158,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -170,8 +178,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/repo-audit-analyzer.lock.yml b/.github/workflows/repo-audit-analyzer.lock.yml index 7b19876a04..22bfebef51 100644 --- a/.github/workflows/repo-audit-analyzer.lock.yml +++ b/.github/workflows/repo-audit-analyzer.lock.yml @@ -160,8 +160,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -172,8 +180,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/repo-tree-map.lock.yml b/.github/workflows/repo-tree-map.lock.yml index 093855b9c1..9d6de18880 100644 --- a/.github/workflows/repo-tree-map.lock.yml +++ b/.github/workflows/repo-tree-map.lock.yml @@ -143,8 +143,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -155,8 +163,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/repository-quality-improver.lock.yml b/.github/workflows/repository-quality-improver.lock.yml index c8c7e6fae1..519d8970e3 100644 --- a/.github/workflows/repository-quality-improver.lock.yml +++ b/.github/workflows/repository-quality-improver.lock.yml @@ -156,8 +156,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -168,8 +176,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/research.lock.yml b/.github/workflows/research.lock.yml index 393f9307ad..235e3e22b2 100644 --- a/.github/workflows/research.lock.yml +++ b/.github/workflows/research.lock.yml @@ -146,8 +146,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -158,8 +166,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/safe-output-health.lock.yml b/.github/workflows/safe-output-health.lock.yml index 95080bde3e..b026ef9167 100644 --- a/.github/workflows/safe-output-health.lock.yml +++ b/.github/workflows/safe-output-health.lock.yml @@ -183,10 +183,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -197,8 +203,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/schema-consistency-checker.lock.yml b/.github/workflows/schema-consistency-checker.lock.yml index 1cca192f3a..bae048ecee 100644 --- a/.github/workflows/schema-consistency-checker.lock.yml +++ b/.github/workflows/schema-consistency-checker.lock.yml @@ -161,10 +161,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -175,8 +181,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/scout.lock.yml b/.github/workflows/scout.lock.yml index 2eebc1d031..8c1814adfa 100644 --- a/.github/workflows/scout.lock.yml +++ b/.github/workflows/scout.lock.yml @@ -237,10 +237,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 mcp/arxiv-mcp-server mcp/markitdown node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -251,8 +257,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 mcp/arxiv-mcp-server mcp/markitdown node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/secret-scanning-triage.lock.yml b/.github/workflows/secret-scanning-triage.lock.yml index 13556a3b16..0dbea1c0a5 100644 --- a/.github/workflows/secret-scanning-triage.lock.yml +++ b/.github/workflows/secret-scanning-triage.lock.yml @@ -161,8 +161,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -173,8 +181,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/security-alert-burndown.lock.yml b/.github/workflows/security-alert-burndown.lock.yml index 09225d9796..e29fc0e40e 100644 --- a/.github/workflows/security-alert-burndown.lock.yml +++ b/.github/workflows/security-alert-burndown.lock.yml @@ -137,8 +137,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -149,8 +157,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/security-compliance.lock.yml b/.github/workflows/security-compliance.lock.yml index a3d38fa7dc..082de18741 100644 --- a/.github/workflows/security-compliance.lock.yml +++ b/.github/workflows/security-compliance.lock.yml @@ -154,8 +154,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -166,8 +174,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/security-fix-pr.lock.yml b/.github/workflows/security-fix-pr.lock.yml index 49df224019..9dbde2a57a 100644 --- a/.github/workflows/security-fix-pr.lock.yml +++ b/.github/workflows/security-fix-pr.lock.yml @@ -164,8 +164,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -176,8 +184,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/security-guard.lock.yml b/.github/workflows/security-guard.lock.yml index 4ad0c9d540..3dc31e2229 100644 --- a/.github/workflows/security-guard.lock.yml +++ b/.github/workflows/security-guard.lock.yml @@ -144,8 +144,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -156,8 +164,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/security-review.lock.yml b/.github/workflows/security-review.lock.yml index 9367805e6a..495c677128 100644 --- a/.github/workflows/security-review.lock.yml +++ b/.github/workflows/security-review.lock.yml @@ -189,8 +189,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker alpine:latest ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -201,8 +209,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh alpine:latest ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Install gh-aw extension env: GH_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/semantic-function-refactor.lock.yml b/.github/workflows/semantic-function-refactor.lock.yml index 06e178d400..85d350cc9e 100644 --- a/.github/workflows/semantic-function-refactor.lock.yml +++ b/.github/workflows/semantic-function-refactor.lock.yml @@ -147,10 +147,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -161,8 +167,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/sergo.lock.yml b/.github/workflows/sergo.lock.yml index 843edc5f5a..2d54a2b5d9 100644 --- a/.github/workflows/sergo.lock.yml +++ b/.github/workflows/sergo.lock.yml @@ -159,10 +159,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -173,8 +179,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/slide-deck-maintainer.lock.yml b/.github/workflows/slide-deck-maintainer.lock.yml index 9910840aa4..ca439de160 100644 --- a/.github/workflows/slide-deck-maintainer.lock.yml +++ b/.github/workflows/slide-deck-maintainer.lock.yml @@ -168,8 +168,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 mcr.microsoft.com/playwright/mcp node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -180,8 +188,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 mcr.microsoft.com/playwright/mcp node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/smoke-claude.lock.yml b/.github/workflows/smoke-claude.lock.yml index 463009553e..467291217c 100644 --- a/.github/workflows/smoke-claude.lock.yml +++ b/.github/workflows/smoke-claude.lock.yml @@ -194,10 +194,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 mcr.microsoft.com/playwright/mcp node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -221,8 +227,6 @@ jobs: permission-discussions: read permission-issues: read permission-pull-requests: read - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 mcr.microsoft.com/playwright/mcp node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/smoke-codex.lock.yml b/.github/workflows/smoke-codex.lock.yml index 9dbace1a1d..4c3cdab1a6 100644 --- a/.github/workflows/smoke-codex.lock.yml +++ b/.github/workflows/smoke-codex.lock.yml @@ -186,15 +186,16 @@ jobs: env: CODEX_API_KEY: ${{ secrets.CODEX_API_KEY }} OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} - - name: Setup Node.js - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 - with: - node-version: '24' - package-manager-cache: false - - name: Install Codex - run: npm install -g --silent @openai/codex@0.92.0 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @openai/codex \ + --cli-version 0.92.0 \ + --cli-verify "codex --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 mcr.microsoft.com/playwright/mcp node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -205,8 +206,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 mcr.microsoft.com/playwright/mcp node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml index ebf8179efb..201e97b355 100644 --- a/.github/workflows/smoke-copilot.lock.yml +++ b/.github/workflows/smoke-copilot.lock.yml @@ -187,8 +187,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker alpine:latest ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 mcr.microsoft.com/playwright/mcp node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -199,8 +207,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh alpine:latest ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 mcr.microsoft.com/playwright/mcp node:lts-alpine - name: Install gh-aw extension env: GH_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/smoke-test-tools.lock.yml b/.github/workflows/smoke-test-tools.lock.yml index ccadf39d63..e56ec13ef8 100644 --- a/.github/workflows/smoke-test-tools.lock.yml +++ b/.github/workflows/smoke-test-tools.lock.yml @@ -170,8 +170,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -182,8 +190,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/stale-repo-identifier.lock.yml b/.github/workflows/stale-repo-identifier.lock.yml index fec70795d3..9b2f64b1f2 100644 --- a/.github/workflows/stale-repo-identifier.lock.yml +++ b/.github/workflows/stale-repo-identifier.lock.yml @@ -225,10 +225,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/static-analysis-report.lock.yml b/.github/workflows/static-analysis-report.lock.yml index 63a1a7f92b..4743251511 100644 --- a/.github/workflows/static-analysis-report.lock.yml +++ b/.github/workflows/static-analysis-report.lock.yml @@ -182,10 +182,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -196,8 +202,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/step-name-alignment.lock.yml b/.github/workflows/step-name-alignment.lock.yml index 05b70aa7b8..f9348adb8a 100644 --- a/.github/workflows/step-name-alignment.lock.yml +++ b/.github/workflows/step-name-alignment.lock.yml @@ -154,10 +154,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -168,8 +174,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/sub-issue-closer.lock.yml b/.github/workflows/sub-issue-closer.lock.yml index d8b13e4840..de14c139af 100644 --- a/.github/workflows/sub-issue-closer.lock.yml +++ b/.github/workflows/sub-issue-closer.lock.yml @@ -138,8 +138,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -150,8 +158,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/super-linter.lock.yml b/.github/workflows/super-linter.lock.yml index 77f3d5130c..7bbf69bbf7 100644 --- a/.github/workflows/super-linter.lock.yml +++ b/.github/workflows/super-linter.lock.yml @@ -162,8 +162,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -174,8 +182,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/technical-doc-writer.lock.yml b/.github/workflows/technical-doc-writer.lock.yml index 62b1ac67a4..ac34dc83e9 100644 --- a/.github/workflows/technical-doc-writer.lock.yml +++ b/.github/workflows/technical-doc-writer.lock.yml @@ -174,8 +174,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -186,8 +194,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/terminal-stylist.lock.yml b/.github/workflows/terminal-stylist.lock.yml index 3596e7e077..d9b5bfd00b 100644 --- a/.github/workflows/terminal-stylist.lock.yml +++ b/.github/workflows/terminal-stylist.lock.yml @@ -137,8 +137,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -149,8 +157,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/test-create-pr-error-handling.lock.yml b/.github/workflows/test-create-pr-error-handling.lock.yml index 500cba9415..85f373bb4b 100644 --- a/.github/workflows/test-create-pr-error-handling.lock.yml +++ b/.github/workflows/test-create-pr-error-handling.lock.yml @@ -151,10 +151,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -165,8 +171,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/tidy.lock.yml b/.github/workflows/tidy.lock.yml index d04b955b01..28b0232934 100644 --- a/.github/workflows/tidy.lock.yml +++ b/.github/workflows/tidy.lock.yml @@ -185,8 +185,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -197,8 +205,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/typist.lock.yml b/.github/workflows/typist.lock.yml index 180441ad1c..775c0e94ea 100644 --- a/.github/workflows/typist.lock.yml +++ b/.github/workflows/typist.lock.yml @@ -146,10 +146,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -160,8 +166,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/ubuntu-image-analyzer.lock.yml b/.github/workflows/ubuntu-image-analyzer.lock.yml index fdd961f53b..c288f7f616 100644 --- a/.github/workflows/ubuntu-image-analyzer.lock.yml +++ b/.github/workflows/ubuntu-image-analyzer.lock.yml @@ -143,8 +143,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -155,8 +163,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/unbloat-docs.lock.yml b/.github/workflows/unbloat-docs.lock.yml index 6f865eb401..049fa957e2 100644 --- a/.github/workflows/unbloat-docs.lock.yml +++ b/.github/workflows/unbloat-docs.lock.yml @@ -199,10 +199,16 @@ jobs: with: node-version: '24' package-manager-cache: false - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 - - name: Install Claude Code CLI - run: npm install -g --silent @anthropic-ai/claude-code@2.1.22 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-npm @anthropic-ai/claude-code \ + --cli-version 2.1.22 \ + --cli-verify "claude-code --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 mcr.microsoft.com/playwright/mcp node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -213,8 +219,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 mcr.microsoft.com/playwright/mcp node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/video-analyzer.lock.yml b/.github/workflows/video-analyzer.lock.yml index b3680c8218..1fd3078c6b 100644 --- a/.github/workflows/video-analyzer.lock.yml +++ b/.github/workflows/video-analyzer.lock.yml @@ -153,8 +153,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -165,8 +173,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/weekly-issue-summary.lock.yml b/.github/workflows/weekly-issue-summary.lock.yml index 396387f8c0..87e743140f 100644 --- a/.github/workflows/weekly-issue-summary.lock.yml +++ b/.github/workflows/weekly-issue-summary.lock.yml @@ -160,8 +160,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -172,8 +180,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/workflow-generator.lock.yml b/.github/workflows/workflow-generator.lock.yml index cb84e43b2a..d3cfd5d463 100644 --- a/.github/workflows/workflow-generator.lock.yml +++ b/.github/workflows/workflow-generator.lock.yml @@ -169,8 +169,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -181,8 +189,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/workflow-health-manager.lock.yml b/.github/workflows/workflow-health-manager.lock.yml index 735ec11acb..4f8ee6bdcb 100644 --- a/.github/workflows/workflow-health-manager.lock.yml +++ b/.github/workflows/workflow-health-manager.lock.yml @@ -155,8 +155,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -167,8 +175,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/workflow-normalizer.lock.yml b/.github/workflows/workflow-normalizer.lock.yml index 1b5592b7ae..251c2b38ab 100644 --- a/.github/workflows/workflow-normalizer.lock.yml +++ b/.github/workflows/workflow-normalizer.lock.yml @@ -161,8 +161,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -173,8 +181,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/.github/workflows/workflow-skill-extractor.lock.yml b/.github/workflows/workflow-skill-extractor.lock.yml index c95a8fba40..06039a34a0 100644 --- a/.github/workflows/workflow-skill-extractor.lock.yml +++ b/.github/workflows/workflow-skill-extractor.lock.yml @@ -144,8 +144,16 @@ jobs: COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} - name: Install GitHub Copilot CLI run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.397 - - name: Install awf binary - run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.11.2 + - name: Install dependencies in parallel + run: | + # Install dependencies in parallel to reduce setup time + # This parallelizes AWF binary, CLI, and Docker image downloads + bash /opt/gh-aw/actions/install_parallel_setup.sh \ + --awf v0.11.2 \ + --cli-script https://raw.githubusercontent.com/github/copilot-cli/main/install.sh \ + --cli-version 0.0.397 \ + --cli-verify "copilot --version" \ + --docker ghcr.io/github/github-mcp-server:v0.30.2 node:lts-alpine - name: Determine automatic lockdown mode for GitHub MCP server id: determine-automatic-lockdown env: @@ -156,8 +164,6 @@ jobs: script: | const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - - name: Download container images - run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.30.2 ghcr.io/githubnext/gh-aw-mcpg:v0.0.84 node:lts-alpine - name: Write Safe Outputs Config run: | mkdir -p /opt/gh-aw/safeoutputs diff --git a/actions/setup/sh/install_parallel_setup.sh b/actions/setup/sh/install_parallel_setup.sh new file mode 100755 index 0000000000..e30d87bb17 --- /dev/null +++ b/actions/setup/sh/install_parallel_setup.sh @@ -0,0 +1,214 @@ +#!/usr/bin/env bash +# Install dependencies in parallel to reduce sequential execution time +# Usage: install_parallel_setup.sh [OPTIONS] +# +# This script parallelizes independent setup operations: +# - AWF binary installation (if --awf is specified) +# - CLI installation via script, npm, or download (if --cli-* is specified) +# - Docker image downloads (if --docker is specified) +# +# Options: +# --awf VERSION Install AWF binary with version VERSION +# --cli-script URL Install CLI using installer script from URL +# --cli-npm PACKAGE Install CLI using npm install -g PACKAGE +# --cli-download URL Install CLI by downloading binary from URL +# --cli-version VERSION Version for CLI installation (optional) +# --cli-verify CMD Command to verify CLI installation (optional) +# --docker IMAGE... Download Docker images (space-separated list) +# +# All operations run in parallel using background jobs, with proper error handling +# that preserves exit codes from failed jobs. + +set -euo pipefail + +# Parse arguments +AWF_VERSION="" +CLI_METHOD="" +CLI_SCRIPT_URL="" +CLI_NPM_PACKAGE="" +CLI_DOWNLOAD_URL="" +CLI_VERSION="" +CLI_VERIFY_CMD="" +DOCKER_IMAGES=() + +while [[ $# -gt 0 ]]; do + case $1 in + --awf) + AWF_VERSION="$2" + shift 2 + ;; + --cli-script) + CLI_METHOD="script" + CLI_SCRIPT_URL="$2" + shift 2 + ;; + --cli-npm) + CLI_METHOD="npm" + CLI_NPM_PACKAGE="$2" + shift 2 + ;; + --cli-download) + CLI_METHOD="download" + CLI_DOWNLOAD_URL="$2" + shift 2 + ;; + --cli-version) + CLI_VERSION="$2" + shift 2 + ;; + --cli-verify) + CLI_VERIFY_CMD="$2" + shift 2 + ;; + --docker) + shift + # Collect all remaining args as docker images + while [[ $# -gt 0 ]] && [[ ! $1 =~ ^-- ]]; do + DOCKER_IMAGES+=("$1") + shift + done + ;; + *) + echo "ERROR: Unknown option: $1" + echo "Usage: $0 [--awf VERSION] [--cli-script URL | --cli-npm PACKAGE | --cli-download URL] [--cli-version VERSION] [--cli-verify CMD] [--docker IMAGE1 IMAGE2 ...]" + exit 1 + ;; + esac +done + +# Track background job PIDs +PIDS=() +JOB_NAMES=() + +# Error handling: collect exit codes from background jobs +EXIT_CODES=() + +echo "Starting parallel setup operations..." + +# Start AWF installation in background if requested +if [ -n "$AWF_VERSION" ]; then + echo "Starting AWF binary installation (version: $AWF_VERSION)..." + { + bash /opt/gh-aw/actions/install_awf_binary.sh "$AWF_VERSION" + exit $? + } & + PIDS+=($!) + JOB_NAMES+=("AWF binary") +fi + +# Start CLI installation in background if requested +if [ -n "$CLI_METHOD" ]; then + case "$CLI_METHOD" in + script) + echo "Starting CLI installation via script (URL: $CLI_SCRIPT_URL)..." + { + # Download installer script + INSTALLER_TEMP="/tmp/cli-install-$$.sh" + curl -fsSL "$CLI_SCRIPT_URL" -o "$INSTALLER_TEMP" + + # Execute the installer with version if specified + if [ -n "$CLI_VERSION" ]; then + sudo VERSION="$CLI_VERSION" bash "$INSTALLER_TEMP" + else + sudo bash "$INSTALLER_TEMP" + fi + + # Cleanup + rm -f "$INSTALLER_TEMP" + + # Verify installation if command provided + if [ -n "$CLI_VERIFY_CMD" ]; then + eval "$CLI_VERIFY_CMD" + fi + + exit $? + } & + PIDS+=($!) + JOB_NAMES+=("CLI (script)") + ;; + npm) + echo "Starting CLI installation via npm (package: $CLI_NPM_PACKAGE)..." + { + # Install via npm + if [ -n "$CLI_VERSION" ]; then + npm install -g "${CLI_NPM_PACKAGE}@${CLI_VERSION}" + else + npm install -g "$CLI_NPM_PACKAGE" + fi + + # Verify installation if command provided + if [ -n "$CLI_VERIFY_CMD" ]; then + eval "$CLI_VERIFY_CMD" + fi + + exit $? + } & + PIDS+=($!) + JOB_NAMES+=("CLI (npm)") + ;; + download) + echo "Starting CLI installation via direct download (URL: $CLI_DOWNLOAD_URL)..." + { + # Download binary + CLI_TEMP="/tmp/cli-binary-$$" + curl -fsSL "$CLI_DOWNLOAD_URL" -o "$CLI_TEMP" + + # Make executable and install + chmod +x "$CLI_TEMP" + sudo mv "$CLI_TEMP" /usr/local/bin/ + + # Verify installation if command provided + if [ -n "$CLI_VERIFY_CMD" ]; then + eval "$CLI_VERIFY_CMD" + fi + + exit $? + } & + PIDS+=($!) + JOB_NAMES+=("CLI (download)") + ;; + esac +fi + +# Start Docker image downloads in background if requested +if [ ${#DOCKER_IMAGES[@]} -gt 0 ]; then + echo "Starting Docker image downloads (${#DOCKER_IMAGES[@]} images)..." + { + bash /opt/gh-aw/actions/download_docker_images.sh "${DOCKER_IMAGES[@]}" + exit $? + } & + PIDS+=($!) + JOB_NAMES+=("Docker images") +fi + +# Wait for all background jobs to complete and collect exit codes +echo "Waiting for ${#PIDS[@]} parallel operations to complete..." + +FAILED_JOBS=() +for i in "${!PIDS[@]}"; do + PID="${PIDS[$i]}" + JOB_NAME="${JOB_NAMES[$i]}" + + # Wait for specific PID and capture its exit code + if wait "$PID"; then + echo "✓ ${JOB_NAME} completed successfully" + EXIT_CODES+=("0") + else + EXIT_CODE=$? + echo "✗ ${JOB_NAME} failed with exit code ${EXIT_CODE}" + EXIT_CODES+=("${EXIT_CODE}") + FAILED_JOBS+=("${JOB_NAME}") + fi +done + +# Report results +if [ ${#FAILED_JOBS[@]} -eq 0 ]; then + echo "✓ All ${#PIDS[@]} parallel setup operations completed successfully" + exit 0 +else + echo "✗ ${#FAILED_JOBS[@]} of ${#PIDS[@]} operations failed:" + for JOB in "${FAILED_JOBS[@]}"; do + echo " - ${JOB}" + done + exit 1 +fi diff --git a/pkg/workflow/agentic_workflow_test.go b/pkg/workflow/agentic_workflow_test.go index ae9eac4202..b443cb7be5 100644 --- a/pkg/workflow/agentic_workflow_test.go +++ b/pkg/workflow/agentic_workflow_test.go @@ -150,7 +150,7 @@ func TestAgenticWorkflowsInstallStepIncludesGHToken(t *testing.T) { var yaml strings.Builder engine := NewCopilotEngine() - c.generateMCPSetup(&yaml, workflowData.Tools, engine, workflowData) + c.generateMCPSetup(&yaml, workflowData.Tools, engine, workflowData, false) result := yaml.String() // Verify the install step is present @@ -185,7 +185,7 @@ func TestAgenticWorkflowsInstallStepWithCustomToken(t *testing.T) { var yaml strings.Builder engine := NewCopilotEngine() - c.generateMCPSetup(&yaml, workflowData.Tools, engine, workflowData) + c.generateMCPSetup(&yaml, workflowData.Tools, engine, workflowData, false) result := yaml.String() // Verify the install step is present @@ -214,7 +214,7 @@ func TestAgenticWorkflowsInstallStepSkippedWithImport(t *testing.T) { var yaml strings.Builder engine := NewCopilotEngine() - c.generateMCPSetup(&yaml, workflowData.Tools, engine, workflowData) + c.generateMCPSetup(&yaml, workflowData.Tools, engine, workflowData, false) result := yaml.String() // Verify the install step is NOT present when import exists @@ -239,7 +239,7 @@ func TestAgenticWorkflowsInstallStepPresentWithoutImport(t *testing.T) { var yaml strings.Builder engine := NewCopilotEngine() - c.generateMCPSetup(&yaml, workflowData.Tools, engine, workflowData) + c.generateMCPSetup(&yaml, workflowData.Tools, engine, workflowData, false) result := yaml.String() // Verify the install step IS present when no import exists diff --git a/pkg/workflow/claude_engine.go b/pkg/workflow/claude_engine.go index 8765cd3e6d..62026e1bf7 100644 --- a/pkg/workflow/claude_engine.go +++ b/pkg/workflow/claude_engine.go @@ -106,26 +106,17 @@ func (e *ClaudeEngine) GetInstallationSteps(workflowData *WorkflowData) []GitHub // Add AWF installation if firewall is enabled if isFirewallEnabled(workflowData) { - // Install AWF after Node.js setup but before Claude CLI installation - firewallConfig := getFirewallConfig(workflowData) - agentConfig := getAgentConfig(workflowData) - var awfVersion string - if firewallConfig != nil { - awfVersion = firewallConfig.Version - } - - // Install AWF binary (or skip if custom command is specified) - awfInstall := generateAWFInstallationStep(awfVersion, agentConfig) - if len(awfInstall) > 0 { - steps = append(steps, awfInstall) + // Use parallel installation for AWF + Claude CLI + // This is handled by generateParallelInstallationStep in compiler_yaml_main_job.go + // Skip individual AWF and Claude steps here - they'll be combined + claudeLog.Print("Skipping individual AWF and Claude installation steps (will use parallel installation)") + } else { + // No firewall, just install Claude CLI sequentially + if len(npmSteps) > 1 { + steps = append(steps, npmSteps[1:]...) // Install Claude CLI and subsequent steps } } - // Add Claude CLI installation step after sandbox installation - if len(npmSteps) > 1 { - steps = append(steps, npmSteps[1:]...) // Install Claude CLI and subsequent steps - } - return steps } diff --git a/pkg/workflow/claude_engine_network_test.go b/pkg/workflow/claude_engine_network_test.go index bdc5d5c15d..b7ba7091c3 100644 --- a/pkg/workflow/claude_engine_network_test.go +++ b/pkg/workflow/claude_engine_network_test.go @@ -19,8 +19,9 @@ func TestClaudeEngineNetworkPermissions(t *testing.T) { } steps := engine.GetInstallationSteps(workflowData) + // Without firewall: secret validation + Node.js setup + Claude install if len(steps) != 3 { - t.Errorf("Expected 3 installation steps without network permissions (secret validation + Node.js setup + install), got %d", len(steps)) + t.Errorf("Expected 3 installation steps without network permissions (secret validation + Node.js setup + Claude install), got %d", len(steps)) } }) @@ -37,15 +38,32 @@ func TestClaudeEngineNetworkPermissions(t *testing.T) { } steps := engine.GetInstallationSteps(workflowData) - // With AWF enabled: secret validation + Node.js setup + AWF install + Claude install - if len(steps) != 4 { - t.Errorf("Expected 4 installation steps with network permissions and AWF (secret validation + Node.js setup + AWF install + Claude install), got %d", len(steps)) + // With AWF enabled (using parallel installation): secret validation + Node.js setup + // AWF and Claude CLI installation are deferred to parallel installation step + if len(steps) != 2 { + t.Errorf("Expected 2 installation steps with firewall enabled (secret validation + Node.js setup), got %d", len(steps)) } - // Check AWF installation step (3rd step, index 2) - awfStepStr := strings.Join(steps[2], "\n") - if !strings.Contains(awfStepStr, "Install awf binary") { - t.Error("Third step should install AWF binary") + // Verify that AWF installation is skipped (will be handled by parallel installation) + for _, step := range steps { + stepStr := strings.Join(step, "\n") + if strings.Contains(stepStr, "Install awf binary") { + t.Error("AWF installation should be deferred to parallel installation step") + } + } + + // Verify that parallel installation should be used + if !ShouldUseParallelInstallation(workflowData, engine) { + t.Error("Parallel installation should be enabled with firewall and Claude engine") + } + + // Verify parallel installation config includes AWF + config := GetParallelInstallConfig(workflowData, engine) + if config.AWFVersion == "" { + t.Error("Parallel installation should include AWF version") + } + if config.CLIInfo == nil { + t.Error("Parallel installation should include CLI info") } }) @@ -186,21 +204,43 @@ func TestNetworkPermissionsIntegration(t *testing.T) { Firewall: &FirewallConfig{Enabled: true}, } + workflowData := &WorkflowData{ + EngineConfig: config, + NetworkPermissions: networkPermissions, + } + // Get installation steps - steps := engine.GetInstallationSteps(&WorkflowData{EngineConfig: config, NetworkPermissions: networkPermissions}) - // With AWF enabled: secret validation + Node.js setup + AWF install + Claude install - if len(steps) != 4 { - t.Fatalf("Expected 4 installation steps (secret validation + Node.js setup + AWF install + Claude install), got %d", len(steps)) + steps := engine.GetInstallationSteps(workflowData) + // With AWF enabled (using parallel installation): secret validation + Node.js setup + // AWF and Claude CLI installation are deferred to parallel installation step + if len(steps) != 2 { + t.Fatalf("Expected 2 installation steps (secret validation + Node.js setup), got %d", len(steps)) + } + + // Verify that AWF installation is NOT in engine installation steps + for _, step := range steps { + stepStr := strings.Join(step, "\n") + if strings.Contains(stepStr, "Install awf binary") { + t.Error("AWF installation should be deferred to parallel installation step") + } + } + + // Verify that parallel installation should be used + if !ShouldUseParallelInstallation(workflowData, engine) { + t.Error("Parallel installation should be enabled with firewall and Claude engine") } - // Verify AWF installation step (third step, index 2) - awfStep := strings.Join(steps[2], "\n") - if !strings.Contains(awfStep, "Install awf binary") { - t.Error("Third step should install AWF binary") + // Verify parallel installation config includes AWF + parallelConfig := GetParallelInstallConfig(workflowData, engine) + if parallelConfig.AWFVersion == "" { + t.Error("Parallel installation config should include AWF version") + } + if parallelConfig.CLIInfo == nil { + t.Error("Parallel installation should include CLI info") } // Get execution steps - execSteps := engine.GetExecutionSteps(&WorkflowData{Name: "test-workflow", EngineConfig: config, NetworkPermissions: networkPermissions}, "test-log") + execSteps := engine.GetExecutionSteps(workflowData, "test-log") if len(execSteps) == 0 { t.Fatal("Expected at least one execution step") } diff --git a/pkg/workflow/codex_engine.go b/pkg/workflow/codex_engine.go index b76557b077..bd93b08d52 100644 --- a/pkg/workflow/codex_engine.go +++ b/pkg/workflow/codex_engine.go @@ -75,8 +75,27 @@ func (e *CodexEngine) GetInstallationSteps(workflowData *WorkflowData) []GitHubA return []GitHubActionStep{} } - // Use base installation steps (secret validation + npm install) - steps := GetBaseInstallationSteps(EngineInstallConfig{ + // Check if parallel installation will be used + useParallel := isFirewallEnabled(workflowData) + + if useParallel { + // When using parallel installation, only return secret validation step + // CLI installation will be handled by the parallel installation step + codexEngineLog.Print("Using parallel installation, only adding secret validation") + + var steps []GitHubActionStep + secretValidation := GenerateMultiSecretValidationStep( + []string{"CODEX_API_KEY", "OPENAI_API_KEY"}, + "Codex", + "https://githubnext.github.io/gh-aw/reference/engines/#openai-codex", + ) + steps = append(steps, secretValidation) + return steps + } + + // Sequential installation (no firewall): use base installation steps (secret validation + npm install) + codexEngineLog.Print("Using sequential installation") + return GetBaseInstallationSteps(EngineInstallConfig{ Secrets: []string{"CODEX_API_KEY", "OPENAI_API_KEY"}, DocsURL: "https://githubnext.github.io/gh-aw/reference/engines/#openai-codex", NpmPackage: "@openai/codex", @@ -84,24 +103,6 @@ func (e *CodexEngine) GetInstallationSteps(workflowData *WorkflowData) []GitHubA Name: "Codex", CliName: "codex", }, workflowData) - - // Add AWF installation step if firewall is enabled - if isFirewallEnabled(workflowData) { - firewallConfig := getFirewallConfig(workflowData) - agentConfig := getAgentConfig(workflowData) - var awfVersion string - if firewallConfig != nil { - awfVersion = firewallConfig.Version - } - - // Install AWF binary (or skip if custom command is specified) - awfInstall := generateAWFInstallationStep(awfVersion, agentConfig) - if len(awfInstall) > 0 { - steps = append(steps, awfInstall) - } - } - - return steps } // GetDeclaredOutputFiles returns the output files that Codex may produce diff --git a/pkg/workflow/compiler_yaml_main_job.go b/pkg/workflow/compiler_yaml_main_job.go index 239a542eef..251cfdbf75 100644 --- a/pkg/workflow/compiler_yaml_main_job.go +++ b/pkg/workflow/compiler_yaml_main_job.go @@ -140,6 +140,17 @@ func (c *Compiler) generateMainJobSteps(yaml *strings.Builder, data *WorkflowDat } } + // Add parallel installation step if applicable + // This parallelizes AWF binary, CLI, and Docker image downloads + if ShouldUseParallelInstallation(data, engine) { + compilerYamlLog.Print("Generating parallel installation step") + parallelConfig := GetParallelInstallConfig(data, engine) + parallelStep := generateParallelInstallationStep(parallelConfig) + for _, line := range parallelStep { + yaml.WriteString(line + "\n") + } + } + // GH_AW_SAFE_OUTPUTS is now set at job level, no setup step needed // Add GitHub MCP lockdown detection step if needed @@ -148,8 +159,9 @@ func (c *Compiler) generateMainJobSteps(yaml *strings.Builder, data *WorkflowDat // Add GitHub MCP app token minting step if configured c.generateGitHubMCPAppTokenMintingStep(yaml, data) - // Add MCP setup - c.generateMCPSetup(yaml, data.Tools, engine, data) + // Add MCP setup (skip Docker downloads if parallel installation is used) + skipDockerDownload := ShouldUseParallelInstallation(data, engine) + c.generateMCPSetup(yaml, data.Tools, engine, data, skipDockerDownload) // Stop-time safety checks are now handled by a dedicated job (stop_time_check) // No longer generated in the main job steps diff --git a/pkg/workflow/copilot_engine_installation.go b/pkg/workflow/copilot_engine_installation.go index a923210368..6381f0877d 100644 --- a/pkg/workflow/copilot_engine_installation.go +++ b/pkg/workflow/copilot_engine_installation.go @@ -121,25 +121,21 @@ func (e *CopilotEngine) GetInstallationSteps(workflowData *WorkflowData) []GitHu } else { copilotInstallLog.Print("Skipping SRT installation (custom command specified)") } - } else if isFirewallEnabled(workflowData) { - // Install AWF after Node.js setup but before Copilot CLI installation - firewallConfig := getFirewallConfig(workflowData) - agentConfig := getAgentConfig(workflowData) - var awfVersion string - if firewallConfig != nil { - awfVersion = firewallConfig.Version - } - // Install AWF binary (or skip if custom command is specified) - awfInstall := generateAWFInstallationStep(awfVersion, agentConfig) - if len(awfInstall) > 0 { - steps = append(steps, awfInstall) + // Add Copilot CLI installation step after SRT installation (sequential for SRT) + if len(npmSteps) > 1 { + steps = append(steps, npmSteps[1:]...) // Install Copilot CLI and subsequent steps + } + } else if isFirewallEnabled(workflowData) { + // Use parallel installation for AWF + Copilot CLI + // This is handled by generateParallelInstallationStep in compiler_yaml_main_job.go + // Skip individual AWF and Copilot steps here - they'll be combined + copilotInstallLog.Print("Skipping individual AWF and Copilot installation steps (will use parallel installation)") + } else { + // No firewall, just install Copilot CLI sequentially + if len(npmSteps) > 1 { + steps = append(steps, npmSteps[1:]...) // Install Copilot CLI and subsequent steps } - } - - // Add Copilot CLI installation step after sandbox installation - if len(npmSteps) > 1 { - steps = append(steps, npmSteps[1:]...) // Install Copilot CLI and subsequent steps } return steps diff --git a/pkg/workflow/engine_includes_test.go b/pkg/workflow/engine_includes_test.go index 700a1aaaf3..de7f5092e4 100644 --- a/pkg/workflow/engine_includes_test.go +++ b/pkg/workflow/engine_includes_test.go @@ -74,8 +74,11 @@ This should inherit the engine from the included file. lockStr := string(lockContent) // Should contain references to codex installation and execution - if !strings.Contains(lockStr, "Install Codex") { - t.Error("Expected lock file to contain 'Install Codex' step") + // Check for either sequential "Install Codex" or parallel installation step + hasCodexInstall := strings.Contains(lockStr, "Install Codex") || + (strings.Contains(lockStr, "Install dependencies in parallel") && strings.Contains(lockStr, "--cli-npm @openai/codex")) + if !hasCodexInstall { + t.Error("Expected lock file to contain Codex installation step (sequential or parallel)") } if !strings.Contains(lockStr, "codex") || !strings.Contains(lockStr, "exec") { t.Error("Expected lock file to contain 'codex exec' command") @@ -299,12 +302,15 @@ This workflow specifies claude engine directly without any includes. } lockStr := string(lockContent) - // Should contain references to claude command and npm install + // Should contain references to claude command and installation if !strings.Contains(lockStr, "claude --print") { t.Error("Expected lock file to contain claude command reference") } - if !strings.Contains(lockStr, "npm install -g --silent @anthropic-ai/claude-code") { - t.Error("Expected lock file to contain npm install command") + // Check for either sequential npm install or parallel installation + hasClaudeInstall := strings.Contains(lockStr, "npm install -g --silent @anthropic-ai/claude-code") || + (strings.Contains(lockStr, "Install dependencies in parallel") && strings.Contains(lockStr, "--cli-npm @anthropic-ai/claude-code")) + if !hasClaudeInstall { + t.Error("Expected lock file to contain Claude installation (sequential or parallel)") } } diff --git a/pkg/workflow/firewall_default_enablement_test.go b/pkg/workflow/firewall_default_enablement_test.go index 09094d0671..909df93142 100644 --- a/pkg/workflow/firewall_default_enablement_test.go +++ b/pkg/workflow/firewall_default_enablement_test.go @@ -177,18 +177,38 @@ func TestCopilotFirewallDefaultIntegration(t *testing.T) { engine := NewCopilotEngine() steps := engine.GetInstallationSteps(workflowData) - // Verify AWF installation step is present - found := false + // AWF installation should NOT be in engine installation steps + // It's deferred to parallel installation step for _, step := range steps { stepStr := strings.Join(step, "\n") - if strings.Contains(stepStr, "Install awf binary") || strings.Contains(stepStr, "awf --version") { - found = true - break + if strings.Contains(stepStr, "Install awf binary") { + t.Error("AWF installation should be deferred to parallel installation step") } } - if !found { - t.Error("Expected AWF installation steps to be included") + // Verify that parallel installation should be used + if !ShouldUseParallelInstallation(workflowData, engine) { + t.Error("Parallel installation should be enabled with network restrictions and Copilot engine") + } + + // Verify parallel installation config includes AWF + config := GetParallelInstallConfig(workflowData, engine) + if config.AWFVersion == "" { + t.Error("Parallel installation config should include AWF version") + } + if config.CLIInfo == nil { + t.Error("Parallel installation should include CLI info") + } + + // Generate the parallel installation step to verify it contains AWF + parallelStep := generateParallelInstallationStep(config) + parallelStepStr := strings.Join(parallelStep, "\n") + + if !strings.Contains(parallelStepStr, "--awf") || !strings.Contains(parallelStepStr, "install_parallel_setup.sh") { + t.Error("Expected AWF installation to be included in parallel installation step") + } + if !strings.Contains(parallelStepStr, "--cli-") { + t.Error("Expected CLI installation to be included in parallel installation step") } }) diff --git a/pkg/workflow/firewall_version_pinning_test.go b/pkg/workflow/firewall_version_pinning_test.go index 977686783c..4762825f77 100644 --- a/pkg/workflow/firewall_version_pinning_test.go +++ b/pkg/workflow/firewall_version_pinning_test.go @@ -60,7 +60,7 @@ func TestAWFInstallationStepDefaultVersion(t *testing.T) { }) } -// TestCopilotEngineFirewallInstallation verifies that Copilot engine includes AWF installation when firewall is enabled +// TestCopilotEngineFirewallInstallation verifies that Copilot engine uses parallel installation when firewall is enabled func TestCopilotEngineFirewallInstallation(t *testing.T) { t.Run("includes AWF installation step when firewall enabled", func(t *testing.T) { engine := NewCopilotEngine() @@ -78,33 +78,48 @@ func TestCopilotEngineFirewallInstallation(t *testing.T) { steps := engine.GetInstallationSteps(workflowData) - // Find the AWF installation step - var foundAWFStep bool - var awfStepStr string + // AWF installation should NOT be in engine installation steps anymore + // It's deferred to parallel installation step for _, step := range steps { stepStr := strings.Join(step, "\n") if strings.Contains(stepStr, "Install awf binary") { - foundAWFStep = true - awfStepStr = stepStr - break + t.Error("AWF installation should be deferred to parallel installation step") } } - if !foundAWFStep { - t.Fatal("Expected to find AWF installation step when firewall is enabled") + // Verify that parallel installation should be used + if !ShouldUseParallelInstallation(workflowData, engine) { + t.Error("Parallel installation should be enabled with firewall and Copilot engine") } + // Verify parallel installation config includes AWF with default version + config := GetParallelInstallConfig(workflowData, engine) + if config.AWFVersion != string(constants.DefaultFirewallVersion) { + t.Errorf("Expected AWF version %s, got %s", string(constants.DefaultFirewallVersion), config.AWFVersion) + } + if config.CLIInfo == nil { + t.Error("Parallel installation should include CLI info for Copilot") + } + + // Generate the parallel installation step to verify it contains AWF installation + parallelStep := generateParallelInstallationStep(config) + parallelStepStr := strings.Join(parallelStep, "\n") + // Verify it passes the default version to the script - if !strings.Contains(awfStepStr, string(constants.DefaultFirewallVersion)) { - t.Errorf("AWF installation step should pass default version %s to script", string(constants.DefaultFirewallVersion)) + if !strings.Contains(parallelStepStr, string(constants.DefaultFirewallVersion)) { + t.Errorf("Parallel installation step should include default version %s", string(constants.DefaultFirewallVersion)) } - // Verify it calls the install_awf_binary.sh script - if !strings.Contains(awfStepStr, "install_awf_binary.sh") { - t.Error("AWF installation should call install_awf_binary.sh script") + // Verify it calls the install_parallel_setup.sh script + if !strings.Contains(parallelStepStr, "install_parallel_setup.sh") { + t.Error("Parallel installation should call install_parallel_setup.sh script") } - // Verify it's NOT using the old unverified installer script pattern - if strings.Contains(awfStepStr, "raw.githubusercontent.com") { - t.Error("AWF installation should NOT download from raw.githubusercontent.com") + // Verify it includes --awf flag + if !strings.Contains(parallelStepStr, "--awf") { + t.Error("Parallel installation should include --awf flag") + } + // Verify it includes CLI installation flags + if !strings.Contains(parallelStepStr, "--cli-") { + t.Error("Parallel installation should include CLI installation flags") } }) @@ -126,35 +141,33 @@ func TestCopilotEngineFirewallInstallation(t *testing.T) { steps := engine.GetInstallationSteps(workflowData) - // Find the AWF installation step - var foundAWFStep bool - var awfStepStr string + // AWF installation should NOT be in engine installation steps anymore + // It's deferred to parallel installation step for _, step := range steps { stepStr := strings.Join(step, "\n") if strings.Contains(stepStr, "Install awf binary") { - foundAWFStep = true - awfStepStr = stepStr - break + t.Error("AWF installation should be deferred to parallel installation step") } } - if !foundAWFStep { - t.Fatal("Expected to find AWF installation step when firewall is enabled") + // Verify parallel installation config includes AWF with custom version + config := GetParallelInstallConfig(workflowData, engine) + if config.AWFVersion != customVersion { + t.Errorf("Expected AWF version %s, got %s", customVersion, config.AWFVersion) } - // Verify it passes the custom version to the script - if !strings.Contains(awfStepStr, customVersion) { - t.Errorf("AWF installation step should pass custom version %s to script", customVersion) - } + // Generate the parallel installation step to verify it contains custom version + parallelStep := generateParallelInstallationStep(config) + parallelStepStr := strings.Join(parallelStep, "\n") - // Verify it calls the install_awf_binary.sh script - if !strings.Contains(awfStepStr, "install_awf_binary.sh") { - t.Error("AWF installation should call install_awf_binary.sh script") + // Verify it passes the custom version to the script + if !strings.Contains(parallelStepStr, customVersion) { + t.Errorf("Parallel installation step should include custom version %s", customVersion) } - // Verify it's NOT using the old unverified installer script pattern - if strings.Contains(awfStepStr, "raw.githubusercontent.com") { - t.Error("AWF installation should NOT download from raw.githubusercontent.com") + // Verify it calls the install_parallel_setup.sh script + if !strings.Contains(parallelStepStr, "install_parallel_setup.sh") { + t.Error("Parallel installation should call install_parallel_setup.sh script") } }) diff --git a/pkg/workflow/firewall_workflow_test.go b/pkg/workflow/firewall_workflow_test.go index 52bbba48e2..ca2d6fbe56 100644 --- a/pkg/workflow/firewall_workflow_test.go +++ b/pkg/workflow/firewall_workflow_test.go @@ -38,15 +38,32 @@ func TestFirewallWorkflowNetworkConfiguration(t *testing.T) { engine := NewClaudeEngine() steps := engine.GetInstallationSteps(workflowData) - // With AWF enabled: secret validation, Node.js setup, AWF install, Claude install - if len(steps) != 4 { - t.Errorf("Expected 4 installation steps with firewall enabled (secret validation + Node.js setup + AWF install + Claude install), got %d", len(steps)) + // With AWF enabled (using parallel installation): secret validation, Node.js setup + // AWF and Claude CLI installation are deferred to parallel installation step + if len(steps) != 2 { + t.Errorf("Expected 2 installation steps with firewall enabled (secret validation + Node.js setup), got %d", len(steps)) } - // Check AWF installation step (3rd step, index 2) - awfStepStr := strings.Join(steps[2], "\n") - if !strings.Contains(awfStepStr, "Install awf binary") { - t.Error("Third step should install AWF binary") + // Verify that AWF installation is skipped (will be handled by parallel installation) + for _, step := range steps { + stepStr := strings.Join(step, "\n") + if strings.Contains(stepStr, "Install awf binary") { + t.Error("AWF installation should be deferred to parallel installation step") + } + } + + // Verify that parallel installation should be used + if !ShouldUseParallelInstallation(workflowData, engine) { + t.Error("Parallel installation should be enabled with firewall and Claude engine") + } + + // Verify parallel installation config includes AWF + config := GetParallelInstallConfig(workflowData, engine) + if config.AWFVersion == "" { + t.Error("Parallel installation should include AWF version") + } + if config.CLIInfo == nil { + t.Error("Parallel installation should include CLI info") } }) diff --git a/pkg/workflow/mcp_setup_generator.go b/pkg/workflow/mcp_setup_generator.go index 9371e06c8e..b07e7396f1 100644 --- a/pkg/workflow/mcp_setup_generator.go +++ b/pkg/workflow/mcp_setup_generator.go @@ -13,7 +13,9 @@ import ( var mcpSetupGeneratorLog = logger.New("workflow:mcp_setup_generator") // generateMCPSetup generates the MCP server configuration setup -func (c *Compiler) generateMCPSetup(yaml *strings.Builder, tools map[string]any, engine CodingAgentEngine, workflowData *WorkflowData) { +// If skipDockerDownload is true, Docker image download step is skipped +// (used when parallel installation is enabled) +func (c *Compiler) generateMCPSetup(yaml *strings.Builder, tools map[string]any, engine CodingAgentEngine, workflowData *WorkflowData, skipDockerDownload bool) { mcpSetupGeneratorLog.Print("Generating MCP server configuration setup") // Collect tools that need MCP server configuration var mcpTools []string @@ -68,8 +70,13 @@ func (c *Compiler) generateMCPSetup(yaml *strings.Builder, tools map[string]any, ensureDefaultMCPGatewayConfig(workflowData) // Collect all Docker images that will be used and generate download step - dockerImages := collectDockerImages(tools, workflowData) - generateDownloadDockerImagesStep(yaml, dockerImages) + // Skip if parallel installation is handling downloads + if !skipDockerDownload { + dockerImages := collectDockerImages(tools, workflowData) + generateDownloadDockerImagesStep(yaml, dockerImages) + } else { + mcpSetupGeneratorLog.Print("Skipping Docker download step (handled by parallel installation)") + } // If no MCP tools, no configuration needed if len(mcpTools) == 0 { diff --git a/pkg/workflow/mcp_setup_generator_test.go b/pkg/workflow/mcp_setup_generator_test.go index f4e6b8a890..81cb8b1b2c 100644 --- a/pkg/workflow/mcp_setup_generator_test.go +++ b/pkg/workflow/mcp_setup_generator_test.go @@ -63,7 +63,7 @@ func TestSafeInputsStepCodeGenerationStability(t *testing.T) { for i := 0; i < iterations; i++ { var yaml strings.Builder - compiler.generateMCPSetup(&yaml, workflowData.Tools, mockEngine, workflowData) + compiler.generateMCPSetup(&yaml, workflowData.Tools, mockEngine, workflowData, false) outputs[i] = yaml.String() } @@ -219,7 +219,7 @@ func TestMCPGatewayVersionFromFrontmatter(t *testing.T) { var yaml strings.Builder mockEngine := &CustomEngine{} - compiler.generateMCPSetup(&yaml, workflowData.Tools, mockEngine, workflowData) + compiler.generateMCPSetup(&yaml, workflowData.Tools, mockEngine, workflowData, false) setupOutput := yaml.String() // The setup output should contain the container image with the correct version diff --git a/pkg/workflow/parallel_installation.go b/pkg/workflow/parallel_installation.go new file mode 100644 index 0000000000..4b26d6aad8 --- /dev/null +++ b/pkg/workflow/parallel_installation.go @@ -0,0 +1,229 @@ +package workflow + +import ( + "fmt" + "strings" + + "github.com/githubnext/gh-aw/pkg/constants" + "github.com/githubnext/gh-aw/pkg/logger" +) + +var parallelInstallLog = logger.New("workflow:parallel_installation") + +// CLIInstallMethod defines how a CLI should be installed +type CLIInstallMethod string + +const ( + CLIInstallMethodScript CLIInstallMethod = "script" // Use installer script from URL + CLIInstallMethodNpm CLIInstallMethod = "npm" // Use npm install + CLIInstallMethodDownload CLIInstallMethod = "download" // Direct binary download +) + +// CLIInstallInfo contains information about how to install a CLI +type CLIInstallInfo struct { + Method CLIInstallMethod // Installation method + Version string // Version to install + PackageName string // NPM package name (for npm method) + ScriptURL string // Installer script URL (for script method) + BinaryURL string // Binary download URL (for download method) + VerifyCmd string // Command to verify installation (e.g., "copilot --version") +} + +// ParallelInstallConfig holds configuration for parallel installation +type ParallelInstallConfig struct { + AWFVersion string // AWF binary version to install (empty to skip) + CLIInfo *CLIInstallInfo // CLI installation info (nil to skip) + DockerImages []string // Docker images to download (empty to skip) +} + +// generateParallelInstallationStep generates a single step that installs dependencies in parallel +// This parallelizes AWF binary installation, CLI installation, and Docker image downloads +// to reduce sequential execution time by 8-12 seconds. +func generateParallelInstallationStep(config ParallelInstallConfig) GitHubActionStep { + if config.AWFVersion == "" && config.CLIInfo == nil && len(config.DockerImages) == 0 { + parallelInstallLog.Print("No parallel installations configured, skipping") + return GitHubActionStep([]string{}) + } + + // Count how many operations will run in parallel + operationCount := 0 + if config.AWFVersion != "" { + operationCount++ + } + if config.CLIInfo != nil { + operationCount++ + } + if len(config.DockerImages) > 0 { + operationCount++ + } + + parallelInstallLog.Printf("Generating parallel installation step for %d operations", operationCount) + + stepLines := []string{ + " - name: Install dependencies in parallel", + " run: |", + " # Install dependencies in parallel to reduce setup time", + " # This parallelizes AWF binary, CLI, and Docker image downloads", + " bash /opt/gh-aw/actions/install_parallel_setup.sh \\", + } + + // Add AWF installation argument + if config.AWFVersion != "" { + stepLines = append(stepLines, fmt.Sprintf(" --awf %s \\", config.AWFVersion)) + } + + // Add CLI installation arguments based on method + if config.CLIInfo != nil { + switch config.CLIInfo.Method { + case CLIInstallMethodScript: + // Pass script URL and version + stepLines = append(stepLines, fmt.Sprintf(" --cli-script %s \\", config.CLIInfo.ScriptURL)) + if config.CLIInfo.Version != "" { + stepLines = append(stepLines, fmt.Sprintf(" --cli-version %s \\", config.CLIInfo.Version)) + } + if config.CLIInfo.VerifyCmd != "" { + stepLines = append(stepLines, fmt.Sprintf(" --cli-verify %q \\", config.CLIInfo.VerifyCmd)) + } + case CLIInstallMethodNpm: + // Pass npm package and version + stepLines = append(stepLines, fmt.Sprintf(" --cli-npm %s \\", config.CLIInfo.PackageName)) + if config.CLIInfo.Version != "" { + stepLines = append(stepLines, fmt.Sprintf(" --cli-version %s \\", config.CLIInfo.Version)) + } + if config.CLIInfo.VerifyCmd != "" { + stepLines = append(stepLines, fmt.Sprintf(" --cli-verify %q \\", config.CLIInfo.VerifyCmd)) + } + case CLIInstallMethodDownload: + // Pass binary URL + stepLines = append(stepLines, fmt.Sprintf(" --cli-download %s \\", config.CLIInfo.BinaryURL)) + if config.CLIInfo.VerifyCmd != "" { + stepLines = append(stepLines, fmt.Sprintf(" --cli-verify %q \\", config.CLIInfo.VerifyCmd)) + } + } + } + + // Add Docker images argument + if len(config.DockerImages) > 0 { + var dockerArgs strings.Builder + dockerArgs.WriteString(" --docker") + for _, image := range config.DockerImages { + fmt.Fprintf(&dockerArgs, " %s", image) + } + stepLines = append(stepLines, dockerArgs.String()) + } else { + // Remove trailing backslash from last line if no docker images + lastLine := stepLines[len(stepLines)-1] + if strings.HasSuffix(lastLine, " \\") { + stepLines[len(stepLines)-1] = strings.TrimSuffix(lastLine, " \\") + } + } + + return GitHubActionStep(stepLines) +} + +// ShouldUseParallelInstallation determines if parallel installation should be used +// based on the workflow configuration. Parallel installation is used when: +// - Multiple independent network-bound operations need to run (AWF + CLI + Docker) +// - At minimum, need 2 or more operations to justify parallelization overhead +// - SRT is NOT enabled (SRT has sequential dependencies) +func ShouldUseParallelInstallation(workflowData *WorkflowData, engine CodingAgentEngine) bool { + // Don't use parallel installation if custom command is specified + if workflowData.EngineConfig != nil && workflowData.EngineConfig.Command != "" { + return false + } + + // Don't use parallel installation for SRT (has sequential dependencies) + if isSRTEnabled(workflowData) { + return false + } + + // Count how many independent operations we have + operationCount := 0 + + // AWF binary installation + if isFirewallEnabled(workflowData) { + operationCount++ + } + + // CLI installation (for supported engines) + engineID := engine.GetID() + if engineID == "copilot" || engineID == "claude" || engineID == "codex" { + operationCount++ + } + + // Docker image downloads + dockerImages := collectDockerImages(workflowData.Tools, workflowData) + if len(dockerImages) > 0 { + operationCount++ + } + + // Use parallel installation only if we have 2 or more operations + // Single operation doesn't benefit from parallelization overhead + return operationCount >= 2 +} + +// GetParallelInstallConfig extracts the parallel installation configuration +// from the workflow data and engine configuration +func GetParallelInstallConfig(workflowData *WorkflowData, engine CodingAgentEngine) ParallelInstallConfig { + config := ParallelInstallConfig{} + + // Get AWF version if firewall is enabled + if isFirewallEnabled(workflowData) { + agentConfig := getAgentConfig(workflowData) + // Only install AWF if no custom command is specified + if agentConfig == nil || agentConfig.Command == "" { + firewallConfig := getFirewallConfig(workflowData) + if firewallConfig != nil && firewallConfig.Version != "" { + config.AWFVersion = firewallConfig.Version + } else { + config.AWFVersion = string(constants.DefaultFirewallVersion) + } + } + } + + // Get CLI installation info based on engine + engineID := engine.GetID() + switch engineID { + case "copilot": + version := string(constants.DefaultCopilotVersion) + if workflowData.EngineConfig != nil && workflowData.EngineConfig.Version != "" { + version = workflowData.EngineConfig.Version + } + // Only use parallel if installing globally (not for SRT local installation) + if !isSRTEnabled(workflowData) { + config.CLIInfo = &CLIInstallInfo{ + Method: CLIInstallMethodScript, + Version: version, + ScriptURL: "https://raw.githubusercontent.com/github/copilot-cli/main/install.sh", + VerifyCmd: "copilot --version", + } + } + case "claude": + version := string(constants.DefaultClaudeCodeVersion) + if workflowData.EngineConfig != nil && workflowData.EngineConfig.Version != "" { + version = workflowData.EngineConfig.Version + } + config.CLIInfo = &CLIInstallInfo{ + Method: CLIInstallMethodNpm, + Version: version, + PackageName: "@anthropic-ai/claude-code", + VerifyCmd: "claude-code --version", + } + case "codex": + version := string(constants.DefaultCodexVersion) + if workflowData.EngineConfig != nil && workflowData.EngineConfig.Version != "" { + version = workflowData.EngineConfig.Version + } + config.CLIInfo = &CLIInstallInfo{ + Method: CLIInstallMethodNpm, + Version: version, + PackageName: "@openai/codex", + VerifyCmd: "codex --version", + } + } + + // Get Docker images + config.DockerImages = collectDockerImages(workflowData.Tools, workflowData) + + return config +} diff --git a/pkg/workflow/sandbox_custom_agent_test.go b/pkg/workflow/sandbox_custom_agent_test.go index 884fd06dd5..a4fe5bf6b2 100644 --- a/pkg/workflow/sandbox_custom_agent_test.go +++ b/pkg/workflow/sandbox_custom_agent_test.go @@ -240,9 +240,11 @@ sandbox: t.Error("Expected standard AWF command 'sudo -E awf' with legacy type field") } - // Verify installation step is present - if !strings.Contains(lockStr, "Install awf binary") { - t.Error("Expected AWF installation step with legacy type field") + // Verify installation step is present (either individual or parallel) + hasAWFInstall := strings.Contains(lockStr, "Install awf binary") || + (strings.Contains(lockStr, "Install dependencies in parallel") && strings.Contains(lockStr, "--awf")) + if !hasAWFInstall { + t.Error("Expected AWF installation step (sequential or parallel) with legacy type field") } })