Conversation
There was a problem hiding this comment.
Pull request overview
Adds a new smoke-test workflow to validate the shared/run-dag-artifact.md import by generating run DAG artifacts and creating an issue containing the Mermaid DAG.
Changes:
- Introduces
smoke-run-dagworkflow definition (.md) that imports the run DAG artifact helper and instructs the agent to validate outputs + create an issue. - Adds the compiled gh-aw lock workflow for
smoke-run-dag. - Adds a shared import (
shared/run-dag-artifact.md) that generates and uploadsrun-dag.json+run-dag.md.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| .github/workflows/smoke-run-dag.md | Defines the smoke-test workflow behavior and required agent output (issue with Mermaid DAG). |
| .github/workflows/smoke-run-dag.lock.yml | Compiled workflow used by GitHub Actions to execute the smoke test. |
| .github/workflows/shared/run-dag-artifact.md | Shared import that generates and uploads the run DAG artifact files. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| The issue body should include: | ||
|
|
||
| - `Status: PASS` | ||
| - `Current run: ...` | ||
| - `Parent edge: present` or `Parent edge: absent` | ||
| - The Mermaid block from `/tmp/gh-aw/run-dag/run-dag.md` | ||
|
|
||
| ```json | ||
| { | ||
| "type": "create_issue", | ||
| "title": "Smoke Run DAG - ${{ github.run_id }}", | ||
| "body": "## Run DAG Smoke Test\n\nStatus: PASS\n\nCurrent run: [fill from run-dag.json]\nParent edge: [present or absent based on run-dag.json]\n\n[Paste the Mermaid block from run-dag.md here]" | ||
| } |
There was a problem hiding this comment.
The instructions hard-code Status: PASS in both the required issue body fields and the example create_issue payload. This makes the smoke test misleading when validations fail (e.g., missing files or schema mismatch). Update the instructions/example to set status dynamically (PASS/FAIL) based on the verification steps and include a brief failure reason when failing.
| # - smoke-dag # Label filtering applied via job conditions | ||
| types: | ||
| - labeled | ||
| workflow_dispatch: |
There was a problem hiding this comment.
This compiled workflow is missing the auto-injected workflow_dispatch.inputs.aw_context block (present in other compiled workflows). Without declaring aw_context, upstream dispatch_workflow/call_workflow handlers won’t inject parent context, which reduces coverage for the run-DAG parent edge. Recompile with the repository’s current gh-aw version (or otherwise ensure aw_context input injection is enabled) so the lock file includes the standard aw_context input.
| workflow_dispatch: | |
| workflow_dispatch: | |
| inputs: | |
| aw_context: | |
| description: "gh-aw parent context" | |
| required: false | |
| type: string |
| - name: Install GitHub Copilot CLI | ||
| run: ${RUNNER_TEMP}/gh-aw/actions/install_copilot_cli.sh latest | ||
| env: | ||
| GH_HOST: github.com | ||
| - name: Install AWF binary | ||
| run: bash ${RUNNER_TEMP}/gh-aw/actions/install_awf_binary.sh v0.24.5 | ||
| - name: Determine automatic lockdown mode for GitHub MCP Server | ||
| id: determine-automatic-lockdown | ||
| uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 | ||
| env: | ||
| GH_AW_GITHUB_TOKEN: ${{ secrets.GH_AW_GITHUB_TOKEN }} | ||
| GH_AW_GITHUB_MCP_SERVER_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN }} | ||
| with: | ||
| script: | | ||
| const determineAutomaticLockdown = require('${{ runner.temp }}/gh-aw/actions/determine_automatic_lockdown.cjs'); | ||
| await determineAutomaticLockdown(github, context, core); | ||
| - name: Download container images | ||
| run: bash ${RUNNER_TEMP}/gh-aw/actions/download_docker_images.sh ghcr.io/github/gh-aw-firewall/agent:0.24.5 ghcr.io/github/gh-aw-firewall/api-proxy:0.24.5 ghcr.io/github/gh-aw-firewall/squid:0.24.5 ghcr.io/github/gh-aw-mcpg:v0.1.20 ghcr.io/github/github-mcp-server:v0.32.0 node:lts-alpine |
There was a problem hiding this comment.
This lock file pins AWF/firewall assets to v0.24.5 (e.g., install_awf_binary.sh v0.24.5 and the gh-aw-firewall/*:0.24.5 images), while the rest of the repository’s workflows are on v0.25.0. Please recompile with the current version so this workflow stays consistent with the repo and picks up the same fixes/behavior as other workflows.
|
No description provided.