Skip to content

fix: skip Configure Git credentials when checkout: false#21325

Merged
pelikhan merged 3 commits intomainfrom
copilot/fix-git-credentials-emission
Mar 17, 2026
Merged

fix: skip Configure Git credentials when checkout: false#21325
pelikhan merged 3 commits intomainfrom
copilot/fix-git-credentials-emission

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Mar 17, 2026
edited
Loading

When checkout: false is set, the compiler correctly omits actions/checkout but still emitted "Configure Git credentials" steps unconditionally — including git remote set-url origin, which requires a .git directory and fails with fatal: not a git repository.

Changes

  • compiler_yaml_main_job.go: Gates both "Configure Git credentials" occurrences (before and after agent execution) on a new needsGitConfig flag: needsCheckout || customStepsContainCheckout. Steps are skipped entirely when no workspace checkout was performed.

  • git_configuration_steps.go: Adds continue-on-error: true to "Clean git credentials" so it remains a security measure without failing when there's no .git directory (e.g. custom steps that don't checkout, or git not installed).

  • git_config_test.go: Adds TestGitConfigurationSkippedWhenCheckoutDisabled asserting "Configure Git credentials" is absent and "Clean git credentials" with continue-on-error: true is present when checkout: false. Updates existing cleaner helper test for the new step count.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • https://api.github.com/graphql
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw --log-level=erro-c /usr/bin/git node /hom�� --write ../../../**/*.jsGOWORK 64/bin/go --ignore-path ../../../.pretti-c /usr/bin/git go (http block)
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw --log-level=erro-c /usr/bin/git /bin/sh -c echo "��� Code fGOSUMDB git 64/bin/go --show-toplevel go /usr/bin/git go (http block)
    • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw --log-level=erro-c /opt/hostedtoolc"prettier" --check '**/*.cjs' '**/*.ts' '**/*.json' --ignore-path ../../../.pret.prettierignore golangci-lint fmt --diff node 64/bin/go /home/REDACTED/wor/opt/hostedtoolcache/go/1.25.0/x64/pkg/tool/linux_amd64/compile go /usr/bin/git go (http block)
  • https://api.github.com/orgs/test-owner/actions/secrets
    • Triggering command: /usr/bin/gh gh api /orgs/test-owner/actions/secrets --jq .secrets[].name GOSUMDB GOWORK 64/bin/go GOINSECURE GOMOD erignore ache/go/1.25.0/xGO111MODULE env 7309993/b402/_pkGOINSECURE GO111MODULE 64/bin/go GOINSECURE b/gh-aw/pkg/parsenv GOMODCACHE go (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v3
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v3 --jq .object.sha -aw/git/ref/tags/v2.0.0 402886/b001/_testmain.go /opt/hostedtoolcache/go/1.25.0/x64/pkg/tool/linux_amd64/vet GOINSECURE GOMOD GOMODCACHE /opt/hostedtoolcache/go/1.25.0/x64/pkg/tool/linux_amd64/vet -ato�� r-test723604504/existing.md -buildtags /usr/bin/git -errorsas -ifaceassert -nilfunc git (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v5
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/pkg/tool/linux_amd64/vet GOINSECURE GOMOD GOMODCACHE 64/pkg/tool/linux_amd64/vet (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v5 --jq .object.sha "prettier" --wriGOINSECURE git 64/bin/go 0:00Z remote.origin.urenv /usr/bin/git sh -c npx prettier --wGOINSECURE git 64/bin/go =error 2>&1 LNALbmj/1onqyFxg/home/REDACTED/work/gh-aw/gh-aw/actions/setup/js/node_modules/.bin/prettier /usr/bin/infocmp--check go (http block)
  • https://api.github.com/repos/actions/checkout/git/ref/tags/v6
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq .object.sha GOMODCACHE go /usr/bin/git -json GO111MODULE 64/bin/go git -C /tmp/TestCompileErrorFormatting4030956217/001 config r,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,disp--show-toplevel remote.origin.urgit flow 64/bin/go git (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/checkout/git/ref/tags/v6 --jq .object.sha xterm-color 5Z8DCkV6TG23 ache/node/24.14.0/x64/bin/node -json GO111MODULE 64/bin/go ache/node/24.14.0/x64/bin/node 4270�� GOMODCACHE sh /usr/bin/git npx prettier --cgit GOPROXY 64/bin/go git (http block)
  • https://api.github.com/repos/actions/github-script/git/ref/tags/v8
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha GOSUMDB GOWORK 64/bin/go GOINSECURE GOMOD GOMODCACHE ache/go/1.25.0/xGO111MODULE env 7309993/b396/_pkGOINSECURE GO111MODULE 64/bin/go GOINSECURE b/gh-aw/pkg/loggenv GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha /\1/p GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE node (http block)
    • Triggering command: /usr/bin/gh gh api /repos/actions/github-script/git/ref/tags/v8 --jq .object.sha e=false GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE VNgnGPLEQds7 env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE node (http block)
  • https://api.github.com/repos/actions/setup-go/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-go/git/ref/tags/v4 --jq .object.sha GOMODCACHE (http block)
  • https://api.github.com/repos/actions/setup-node/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/setup-node/git/ref/tags/v4 --jq .object.sha k/gh-aw/gh-aw/.github/workflows/archie.md go ache/node/24.14.0/x64/bin/node -json GO111MODULE 64/bin/go ache/node/24.14.0/x64/bin/node 3805�� --show-toplevel node /usr/bin/git run lint:cjs 64/bin/go git (http block)
  • https://api.github.com/repos/actions/upload-artifact/git/ref/tags/v4
    • Triggering command: /usr/bin/gh gh api /repos/actions/upload-artifact/git/ref/tags/v4 --jq .object.sha TOKEN"; }; f get TOKEN"; }; f get /opt/hostedtoolcache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env runs/20260317-023921-28515/test-2397617365 GO111MODULE /opt/hostedtoolcache/go/1.25.0/x64/bin/go l GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b
    • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq .object.sha -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env re GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw --jq .visibility -json GO111MODULE es/.bin/node GOINSECURE GOMOD GOMODCACHE go ode_�� -json GO111MODULE r: $owner, name: $name) { hasDiscussionsEnabled } } GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.0.0 --jq .object.sha -json GO111MODULE /opt/hostedtoolcache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go env runs/20260317-023921-28515/test-2205898528/.github/workflows GO111MODULE /opt/hostedtoolcache/go/1.25.0/x64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw-actions/git/ref/tags/v1.2.3
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw-actions/git/ref/tags/v1.2.3 --jq .object.sha 402886/b402/_pkg_.a GO111MODULE 402886/b402=> GOINSECURE GOMOD GOMODCACHE go env NtQl/xhVqh7QChbBs18WVNtQl l 0/x64/bin/node GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/1/artifacts
    • Triggering command: /usr/bin/gh gh run download 1 --dir test-logs/run-1 GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE sed -ne hub/workflows GOPROXY 64/bin/go GOSUMDB GOWORK 64/bin/go go (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/12345/artifacts
    • Triggering command: /usr/bin/gh gh run download 12345 --dir test-logs/run-12345 GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/12346/artifacts
    • Triggering command: /usr/bin/gh gh run download 12346 --dir test-logs/run-12346 GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE /usr/lib/systemd/tmp/go-build894402886/b422/_testmain.go --de�� 70 --log-level 64/bin/go --log-target journal-or-kmsg 64/bin/go go (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/2/artifacts
    • Triggering command: /usr/bin/gh gh run download 2 --dir test-logs/run-2 GO111MODULE x_amd64/link GOINSECURE GOMOD GOMODCACHE x_amd64/link -rn GOPATH GOPROXY 64/bin/go GOSUMDB GOWORK 64/bin/go gQ/wQtfmYPJyckR0gnX0JTX/_8DtxLzCEyM21KM_Xuxg (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/3/artifacts
    • Triggering command: /usr/bin/gh gh run download 3 --dir test-logs/run-3 GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE /usr/bin/php8.3 -c /etc/php/8.3/cgi/php.ini -d 64/bin/go -r foreach(ini_get_rev-parse 64/bin/go go (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/4/artifacts
    • Triggering command: /usr/bin/gh gh run download 4 --dir test-logs/run-4 GO111MODULE x_amd64/vet GOINSECURE GOMOD GOMODCACHE x_amd64/vet /usr�� -mindepth 1 64/bin/go 1 -regex .*[0-9]\.[0-9] go (http block)
  • https://api.github.com/repos/github/gh-aw/actions/runs/5/artifacts
    • Triggering command: /usr/bin/gh gh run download 5 --dir test-logs/run-5 GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE sed -ne s/^session\.save_handler=\(.*\)$/\1/p GOPROXY 64/bin/go GOSUMDB GOWORK 64/bin/go go (http block)
  • https://api.github.com/repos/github/gh-aw/actions/workflows
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path -json GO111MODULE 64/bin/go GOINSECURE GOMOD erignore go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
    • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 100 GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE node (http block)
    • Triggering command: /usr/bin/gh gh run list --json databaseId,number,url,status,conclusion,workflowName,createdAt,startedAt,updatedAt,event,headBranch,headSha,displayTitle --workflow nonexistent-workflow-12345 --limit 6 GOMOD GOMODCACHE x_amd64/vet env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.0.0 --jq .object.sha -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE T0/nejRrpeKXeeqTJffOULX/xjir9DgMrev-parse env -json GO111MODULE x_amd64/compile GOINSECURE GOMOD GOMODCACHE x_amd64/compile (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v1.2.3
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v1.2.3 --jq .object.sha -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE sh -c npx prettier --c-errorsas GOPROXY 64/bin/go GOSUMDB GOWORK 64/bin/go sh (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v2.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq .object.sha -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE sh -c npx prettier --c-errorsas GOPROXY 64/bin/go GOSUMDB GOWORK 64/bin/go sh (http block)
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v2.0.0 --jq .object.sha -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE sh -c npx prettier --c-errorsas GOPROXY 64/bin/go GOSUMDB GOWORK run-script/lib/n/tmp/gh-aw-test-runs/20260317-023921-28515/test-700300361/.github/workflows ry (http block)
  • https://api.github.com/repos/github/gh-aw/git/ref/tags/v3.0.0
    • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw/git/ref/tags/v3.0.0 --jq .object.sha -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE sh -c npx prettier --cGOSUMDB GOPROXY 64/bin/go GOSUMDB GOWORK 64/bin/go sh (http block)
  • https://api.github.com/repos/githubnext/agentics/git/ref/tags/
    • Triggering command: /usr/bin/gh gh api /repos/githubnext/agentics/git/ref/tags/# --jq .object.sha -json GO111MODULE $name) { hasDiscussionsEnabled } } GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/nonexistent/action/git/ref/tags/v999.999.999
    • Triggering command: /usr/bin/gh gh api /repos/nonexistent/action/git/ref/tags/v999.999.999 --jq .object.sha -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env 2157247281/.github/workflows GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/nonexistent/repo/actions/runs/12345
    • Triggering command: /usr/bin/gh gh run view 12345 --repo nonexistent/repo --json status,conclusion GOINSECURE GOMOD GOMODCACHE 0XVD7GS/mRL0tEU7JbrieQ94-F8q env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/owner/repo/actions/workflows
    • Triggering command: /usr/bin/gh gh workflow list --json name,state,path --repo owner/repo 64/bin/go GOINSECURE GOMOD erignore go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • https://api.github.com/repos/owner/repo/contents/file.md
    • Triggering command: /tmp/go-build894402886/b383/cli.test /tmp/go-build894402886/b383/cli.test -test.testlogfile=/tmp/go-build894402886/b383/testlog.txt -test.paniconexit0 -test.v=true -test.parallel=4 -test.timeout=10m0s -test.run=^Test -test.short=true GOINSECURE GOMOD GOMODCACHE ache/go/1.25.0/xGO111MODULE env 7309993/b369/_pkGOINSECURE GO111MODULE 64/bin/go GOINSECURE b/gh-aw/tmp GOMODCACHE go (http block)
  • https://api.github.com/repos/test-owner/test-repo/actions/secrets
    • Triggering command: /usr/bin/gh gh api /repos/test-owner/test-repo/actions/secrets --jq .secrets[].name GOSUMDB GOWORK 64/bin/go GOINSECURE GOMOD erignore ache/go/1.25.0/xGO111MODULE env 7309993/b411/_pkGOINSECURE GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)

If you need me to access, download, or install something from one of these locations, you can either:

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

Copilot AI linked an issue Mar 17, 2026 that may be closed by this pull request
checkout: false still emits 'Configure Git credentials' steps that fail without .git #21313
Closed
@pelikhan
fix: skip Configure Git credentials when checkout: false, make Clean …
012d153 
…git credentials resilient

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title [WIP] Fix emission of 'Configure Git credentials' steps when checkout is false fix: skip Configure Git credentials when checkout: false Mar 17, 2026
Copilot AI requested a review from pelikhan March 17, 2026 02:44
@pelikhan pelikhan marked this pull request as ready for review March 17, 2026 02:54
Copilot AI review requested due to automatic review settings March 17, 2026 02:54
Copilot AI reviewed Mar 17, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Fixes workflow compilation when checkout: false is set by preventing Git credential configuration steps from being emitted in jobs that don’t have a workspace .git directory, while keeping the credential-cleanup step as a best-effort security measure.

Changes:

  • Gate “Configure Git credentials” steps in the main job behind a needsGitConfig flag derived from whether a checkout is actually performed.
  • Make “Clean git credentials” resilient by adding continue-on-error: true.
  • Add/update tests and regenerate affected workflow lock files to reflect the new step emission behavior.

Reviewed changes

Copilot reviewed 175 out of 175 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
pkg/workflow/compiler_yaml_main_job.go Skips “Configure Git credentials” (both pre- and post-agent) when no checkout occurred.
pkg/workflow/git_configuration_steps.go Adds continue-on-error: true to the git-credentials cleanup step.
pkg/workflow/git_config_test.go Updates cleaner helper test and adds coverage for checkout: false behavior.
.github/workflows/ace-editor.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/agent-performance-analyzer.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/agent-persona-explorer.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/ai-moderator.lock.yml Removes “Configure Git credentials” steps and adds continue-on-error: true to “Clean git credentials”.
.github/workflows/archie.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/artifacts-summary.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/audit-workflows.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/auto-triage-issues.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/blog-auditor.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/bot-detection.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/brave.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/breaking-change-checker.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/changeset.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/ci-coach.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/ci-doctor.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/claude-code-user-docs-review.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/cli-consistency-checker.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/cli-version-checker.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/cloclo.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/code-scanning-fixer.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/code-simplifier.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/codex-github-remote-mcp-test.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/commit-changes-analyzer.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/constraint-solving-potd.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/contribution-check.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/copilot-agent-analysis.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/copilot-cli-deep-research.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/copilot-pr-merged-report.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/copilot-pr-nlp-analysis.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/copilot-pr-prompt-analysis.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/copilot-session-insights.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/craft.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-architecture-diagram.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-assign-issue-to-user.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-choice-test.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-cli-performance.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-cli-tools-tester.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-code-metrics.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-compiler-quality.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-copilot-token-report.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-doc-healer.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-doc-updater.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-fact.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-file-diet.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-firewall-report.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-function-namer.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-issues-report.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-malicious-code-scan.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-mcp-concurrency-analysis.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-multi-device-docs-tester.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-news.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-observability-report.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-performance-summary.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-regulatory.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-rendering-scripts-verifier.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-repo-chronicle.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-safe-output-optimizer.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-safe-outputs-conformance.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-secrets-analysis.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-security-red-team.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-semgrep-scan.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-syntax-error-quality.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-team-evolution-insights.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-team-status.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-testify-uber-super-expert.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/daily-workflow-updater.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/dead-code-remover.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/deep-report.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/delight.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/dependabot-burner.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/dependabot-go-checker.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/dev-hawk.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/dev.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/developer-docs-consolidator.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/dictation-prompt.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/discussion-task-miner.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/docs-noob-tester.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/draft-pr-cleanup.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/duplicate-code-detector.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/example-permissions-warning.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/example-workflow-analyzer.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/firewall-escape.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/firewall.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/functional-pragmatist.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/github-mcp-structural-analysis.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/github-mcp-tools-report.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/github-remote-mcp-auth-test.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/glossary-maintainer.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/go-fan.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/go-logger.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/go-pattern-detector.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/gpclean.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/grumpy-reviewer.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/hourly-ci-cleaner.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/instructions-janitor.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/issue-arborist.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/issue-monster.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/issue-triage-agent.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/jsweep.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/layout-spec-maintainer.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/lockfile-stats.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/mcp-inspector.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/mergefest.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/metrics-collector.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/notion-issue-summary.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/org-health-report.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/pdf-summary.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/plan.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/poem-bot.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/portfolio-analyst.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/pr-nitpick-reviewer.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/pr-triage-agent.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/prompt-clustering-analysis.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/python-data-charts.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/q.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/refiner.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/release.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/repo-audit-analyzer.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/repo-tree-map.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/repository-quality-improver.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/research.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/safe-output-health.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/schema-consistency-checker.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/scout.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/security-alert-burndown.campaign.g.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/security-compliance.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/security-review.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/semantic-function-refactor.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/sergo.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/slide-deck-maintainer.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/smoke-agent-all-merged.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/smoke-agent-all-none.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/smoke-agent-public-approved.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/smoke-agent-public-none.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/smoke-agent-scoped-approved.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/smoke-call-workflow.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/smoke-claude.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/smoke-codex.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/smoke-copilot-arm.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/smoke-copilot.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/smoke-create-cross-repo-pr.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/smoke-gemini.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/smoke-multi-pr.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/smoke-project.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/smoke-temporary-id.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/smoke-test-tools.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/smoke-update-cross-repo-pr.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/smoke-workflow-call-with-inputs.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/smoke-workflow-call.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/stale-repo-identifier.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/static-analysis-report.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/step-name-alignment.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/sub-issue-closer.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/super-linter.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/technical-doc-writer.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/terminal-stylist.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/test-create-pr-error-handling.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/test-dispatcher.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/test-project-url-default.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/test-workflow.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/tidy.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/typist.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/ubuntu-image-analyzer.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/unbloat-docs.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/video-analyzer.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/weekly-editors-health-check.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/weekly-issue-summary.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/weekly-safe-outputs-spec-review.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/workflow-generator.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/workflow-health-manager.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/workflow-normalizer.lock.yml Adds continue-on-error: true to “Clean git credentials”.
.github/workflows/workflow-skill-extractor.lock.yml Adds continue-on-error: true to “Clean git credentials”.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

Comment thread pkg/workflow/git_config_test.go Outdated
Comment on lines +264 to +272
// The "Clean git credentials" step should still be present (resilient, continue-on-error)
if !strings.Contains(lockContent, "Clean git credentials") {
t.Error("Expected 'Clean git credentials' step to still be present even when checkout: false")
}

// Verify continue-on-error is set on the cleaner step
if !strings.Contains(lockContent, "continue-on-error: true") {
t.Error("Expected 'continue-on-error: true' on Clean git credentials step")
}
@pelikhan
Copy link
Copy Markdown
Collaborator

pelikhan commented Mar 17, 2026

@copilot fix https://github.com/github/gh-aw/actions/runs/23175963022/job/67338791074

@pelikhan
fix: update wasm golden files and tighten continue-on-error assertion
d2df5d0 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copy link
Copy Markdown
Contributor Author

Copilot AI commented Mar 17, 2026

@copilot fix https://github.com/github/gh-aw/actions/runs/23175963022/job/67338791074

Fixed in d2df5d0. The WASM golden test snapshots (basic-copilot.golden, smoke-copilot.golden, with-imports.golden) were out of sync and needed to be updated to include continue-on-error: true on the "Clean git credentials" step. Also tightened the test assertion to check the exact step block rather than the whole YAML, addressing the review comment.

@pelikhan pelikhan merged commit 746718f into main Mar 17, 2026
53 checks passed
@pelikhan pelikhan deleted the copilot/fix-git-credentials-emission branch March 17, 2026 03:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@pelikhan pelikhan Awaiting requested review from pelikhan

Assignees

@pelikhan pelikhan

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

checkout: false still emits 'Configure Git credentials' steps that fail without .git

3 participants

@pelikhan