Skip to content

Remove shared gh-aw import and inline MCP config in agentic workflows #13482

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
pelikhan merged 3 commits into from
Feb 3, 2026
Merged

Remove shared gh-aw import and inline MCP config in agentic workflows #13482

pelikhan merged 3 commits into from
Feb 3, 2026

Conversation

@Codex
Copy link
Contributor

@Codex Codex AI commented Feb 3, 2026
edited
Loading

Retires the shared shared/mcp/gh-aw.md import and embeds the agentic-workflows MCP tool directly in workflows to simplify compilation and avoid shared dependency drift.

  • Problem: Workflows depended on shared/mcp/gh-aw.md; requirement is to drop the shared import and declare tools.agentic-workflows in each workflow front matter.
  • Workflow updates: Removed the shared import and added explicit agentic-workflows tool blocks (or retained existing tool lists) across affected workflows including Dev Hawk, Cloclo, Static Analysis Report, Audit Workflows, Safe Output Health, Deep Report, Workflow Normalizer, Daily Safe Output Optimizer, Portfolio Analyst, Prompt Clustering Analysis, MCP Inspector, Q, Daily Firewall Report, and their regenerated .lock.yml files.
  • Shared file removal: Deleted .github/workflows/shared/mcp/gh-aw.md.
  • Hash test alignment: Updated frontmatter_hash_github_api.test.cjs to expect the new Go hash after workflow frontmatter changes.

Example change:

tools:
  agentic-workflows:
  github:
    toolsets: [pull_requests, actions, repos]
Original prompt

Delete shared agentic workflow file shared/mcp/gh-aw.md and update all the agentic workflows that use it by removing the import and add tools.agentic-workflows in front matter.
Fix permissions, recompile.

@Codex Codex AI assigned Codex and pelikhan Feb 3, 2026
This was referenced Feb 3, 2026
Closed
Merged
Closed
@Codex Codex AI changed the title [WIP] Remove shared agentic workflow file and update usages Remove shared gh-aw import and inline MCP config in agentic workflows Feb 3, 2026
@Codex Codex AI requested a review from pelikhan February 3, 2026 13:04
@pelikhan pelikhan marked this pull request as ready for review February 3, 2026 13:06
Copilot AI review requested due to automatic review settings February 3, 2026 13:06
@pelikhan pelikhan merged commit 1f704ab into main Feb 3, 2026
1 check passed
@pelikhan pelikhan deleted the codex/remove-shared-workflow-file branch February 3, 2026 13:06
Copilot AI reviewed Feb 3, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR removes the shared shared/mcp/gh-aw.md import and embeds the agentic-workflows MCP tool configuration directly in each workflow to simplify compilation and avoid shared dependency drift.

Changes:

  • Deleted the shared MCP configuration file shared/mcp/gh-aw.md
  • Updated 14+ workflow source files (.md) to remove the shared import and add explicit agentic-workflows: tool declaration
  • Regenerated all corresponding .lock.yml files with new MCP server configuration (switching from HTTP to stdio-based containerized approach)
  • Updated the Go hash in test file to reflect the new frontmatter structure

Reviewed changes

Copilot reviewed 29 out of 29 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
.github/workflows/shared/mcp/gh-aw.md Deleted shared MCP configuration file
.github/workflows/*.md (14 files) Removed shared import, added agentic-workflows: tool to frontmatter
.github/workflows/*.lock.yml (14 files) Regenerated with new stdio-based MCP server config, removed old HTTP setup steps, added gh-aw extension installation
actions/setup/js/frontmatter_hash_github_api.test.cjs Updated expected Go hash to match new frontmatter structure
.github/workflows/changelog-from-changesets.lock.yml Added DEBUG environment variable (appears unrelated to main PR purpose)

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

.github/workflows/static-analysis-report.lock.yml
"gh-aw": {
"type": "http",
"url": "http://host.docker.internal:8765"
"agentic_workflows": {
Copy link

Copilot AI Feb 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The MCP server configuration for "agentic_workflows" is missing the "type" field. Based on the PR description example which shows "type": "stdio" and comparing with similar MCP server configurations in the same file (e.g., "github" server has "type": "stdio"), the "agentic_workflows" configuration should also explicitly specify "type": "stdio" for consistency and clarity.

The same issue appears in other Claude-engine workflows (safe-output-health.lock.yml, prompt-clustering-analysis.lock.yml, daily-safe-output-optimizer.lock.yml, audit-workflows.lock.yml, deep-report.lock.yml, daily-firewall-report.lock.yml, portfolio-analyst.lock.yml, cloclo.lock.yml, static-analysis-report.lock.yml, mcp-inspector.lock.yml).

Copilot uses AI. Check for mistakes.
.github/workflows/static-analysis-report.lock.yml
"entrypointArgs": ["mcp-server"],
"mounts": ["/opt/gh-aw:/opt/gh-aw:ro", "${{ github.workspace }}:${{ github.workspace }}:rw", "/tmp/gh-aw:/tmp/gh-aw:rw"],
"env": {
"GITHUB_TOKEN": "$GITHUB_TOKEN"
Copy link

Copilot AI Feb 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's an inconsistency in environment variable escaping for GITHUB_TOKEN in the MCP configuration. Copilot-based workflows (like workflow-normalizer.lock.yml, q.lock.yml, dev-hawk.lock.yml) use escaped "\${GITHUB_TOKEN}" while Claude-based workflows (like this one) use unescaped "$GITHUB_TOKEN".

If this difference is intentional based on how different AI engines handle MCP configurations, it should work correctly. However, for consistency and maintainability, consider documenting why this difference exists or standardizing the approach if possible.

This same pattern appears in multiple files: safe-output-health.lock.yml, prompt-clustering-analysis.lock.yml, daily-safe-output-optimizer.lock.yml, audit-workflows.lock.yml, deep-report.lock.yml, daily-firewall-report.lock.yml, portfolio-analyst.lock.yml, cloclo.lock.yml, static-analysis-report.lock.yml, mcp-inspector.lock.yml

Suggested change
"GITHUB_TOKEN": "$GITHUB_TOKEN"
"GITHUB_TOKEN": "\${GITHUB_TOKEN}"

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

+1 more reviewer

@pelikhan pelikhan pelikhan approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@pelikhan pelikhan

@Codex Codex

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Codex @pelikhan