From 84a566cd95331b7719ff116b680ba9d4fe6ebf43 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 26 Mar 2026 20:49:35 +0000 Subject: [PATCH 1/2] Initial plan From 85242aa5d482b99800f2843667ded9374960994c Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 26 Mar 2026 21:10:17 +0000 Subject: [PATCH 2/2] fix: disable failure issue reporting for daily-integrity-analysis to prevent noise from transient Copilot API auth errors Agent-Logs-Url: https://github.com/github/gh-aw/sessions/912f6d9f-eee4-4e53-9aee-a4683ccac178 Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- .../daily-integrity-analysis.lock.yml | 44 +++++++++---------- .github/workflows/daily-integrity-analysis.md | 1 + 2 files changed, 23 insertions(+), 22 deletions(-) diff --git a/.github/workflows/daily-integrity-analysis.lock.yml b/.github/workflows/daily-integrity-analysis.lock.yml index 4da576e6c9a..2349d93f568 100644 --- a/.github/workflows/daily-integrity-analysis.lock.yml +++ b/.github/workflows/daily-integrity-analysis.lock.yml @@ -27,7 +27,7 @@ # - shared/python-dataviz.md # - shared/reporting.md # -# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"14da1f5ca53ca2611e94e9df1d61b170baabd80c9f60f2fa200cc233cbce1143","strict":true,"agent_id":"copilot"} +# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"2d7bdc2c9df8a9ef69a209cea5855d1478baa39e46e88f3000eefeb59c1726f6","strict":true,"agent_id":"copilot"} name: "Daily DIFC Integrity-Filtered Events Analyzer" "on": @@ -138,16 +138,16 @@ jobs: run: | bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh { - cat << 'GH_AW_PROMPT_64684d6c5669d29b_EOF' + cat << 'GH_AW_PROMPT_e8417d56c072359d_EOF' - GH_AW_PROMPT_64684d6c5669d29b_EOF + GH_AW_PROMPT_e8417d56c072359d_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md" cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md" cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md" cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md" - cat << 'GH_AW_PROMPT_64684d6c5669d29b_EOF' + cat << 'GH_AW_PROMPT_e8417d56c072359d_EOF' Tools: create_discussion, upload_asset, missing_tool, missing_data, noop @@ -181,20 +181,20 @@ jobs: {{/if}} - GH_AW_PROMPT_64684d6c5669d29b_EOF + GH_AW_PROMPT_e8417d56c072359d_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md" - cat << 'GH_AW_PROMPT_64684d6c5669d29b_EOF' + cat << 'GH_AW_PROMPT_e8417d56c072359d_EOF' - GH_AW_PROMPT_64684d6c5669d29b_EOF - cat << 'GH_AW_PROMPT_64684d6c5669d29b_EOF' + GH_AW_PROMPT_e8417d56c072359d_EOF + cat << 'GH_AW_PROMPT_e8417d56c072359d_EOF' {{#runtime-import .github/workflows/shared/reporting.md}} - GH_AW_PROMPT_64684d6c5669d29b_EOF - cat << 'GH_AW_PROMPT_64684d6c5669d29b_EOF' + GH_AW_PROMPT_e8417d56c072359d_EOF + cat << 'GH_AW_PROMPT_e8417d56c072359d_EOF' {{#runtime-import .github/workflows/shared/python-dataviz.md}} - GH_AW_PROMPT_64684d6c5669d29b_EOF - cat << 'GH_AW_PROMPT_64684d6c5669d29b_EOF' + GH_AW_PROMPT_e8417d56c072359d_EOF + cat << 'GH_AW_PROMPT_e8417d56c072359d_EOF' {{#runtime-import .github/workflows/daily-integrity-analysis.md}} - GH_AW_PROMPT_64684d6c5669d29b_EOF + GH_AW_PROMPT_e8417d56c072359d_EOF } > "$GH_AW_PROMPT" - name: Interpolate variables and render templates uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 @@ -460,12 +460,12 @@ jobs: mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs mkdir -p /tmp/gh-aw/safeoutputs mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs - cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_7a204e672b504ab9_EOF' + cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_416a710afd3368a5_EOF' {"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[integrity] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"upload_asset":{"allowed-exts":[".png",".jpg",".jpeg"],"branch":"assets/${{ github.workflow }}","max-size":10240}} - GH_AW_SAFE_OUTPUTS_CONFIG_7a204e672b504ab9_EOF + GH_AW_SAFE_OUTPUTS_CONFIG_416a710afd3368a5_EOF - name: Write Safe Outputs Tools run: | - cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_78a4be8fdb37aae5_EOF' + cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_a2a3eb9304d70347_EOF' { "description_suffixes": { "create_discussion": " CONSTRAINTS: Maximum 1 discussion(s) can be created. Title will be prefixed with \"[integrity] \". Discussions will be created in category \"audits\".", @@ -474,8 +474,8 @@ jobs: "repo_params": {}, "dynamic_tools": [] } - GH_AW_SAFE_OUTPUTS_TOOLS_META_78a4be8fdb37aae5_EOF - cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_0b23b3cb47c93693_EOF' + GH_AW_SAFE_OUTPUTS_TOOLS_META_a2a3eb9304d70347_EOF + cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_152f4ae87306fcef_EOF' { "create_discussion": { "defaultMax": 1, @@ -570,7 +570,7 @@ jobs: } } } - GH_AW_SAFE_OUTPUTS_VALIDATION_0b23b3cb47c93693_EOF + GH_AW_SAFE_OUTPUTS_VALIDATION_152f4ae87306fcef_EOF node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs - name: Generate Safe Outputs MCP Server Config id: safe-outputs-config @@ -642,7 +642,7 @@ jobs: export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.6' mkdir -p /home/runner/.copilot - cat << GH_AW_MCP_CONFIG_440982b9b0077129_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh + cat << GH_AW_MCP_CONFIG_c56afeb252060ef8_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh { "mcpServers": { "agenticworkflows": { @@ -702,7 +702,7 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_440982b9b0077129_EOF + GH_AW_MCP_CONFIG_c56afeb252060ef8_EOF - name: Download activation artifact uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: @@ -1007,7 +1007,7 @@ jobs: GH_AW_CREATE_DISCUSSION_ERROR_COUNT: ${{ needs.safe_outputs.outputs.create_discussion_error_count }} GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }} GH_AW_GROUP_REPORTS: "false" - GH_AW_FAILURE_REPORT_AS_ISSUE: "true" + GH_AW_FAILURE_REPORT_AS_ISSUE: "false" GH_AW_TIMEOUT_MINUTES: "30" with: github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/daily-integrity-analysis.md b/.github/workflows/daily-integrity-analysis.md index 9803d2221f9..11cdd759d01 100644 --- a/.github/workflows/daily-integrity-analysis.md +++ b/.github/workflows/daily-integrity-analysis.md @@ -39,6 +39,7 @@ tools: - "*" safe-outputs: + report-failure-as-issue: false upload-asset: create-discussion: expires: 3d