From 80672f994cffc4b8106af7b7e086fbb53ede7d96 Mon Sep 17 00:00:00 2001 From: Landon Cox Date: Sat, 4 Apr 2026 15:51:43 -0700 Subject: [PATCH 1/3] fix: change token optimizer output from discussion to issue Replace shared/daily-audit-discussion.md import with inline safe-outputs create-issue config. Update prompt references from 'discussion' to 'issue'. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- .../copilot-token-optimizer.lock.yml | 62 ++++++++++--------- .github/workflows/copilot-token-optimizer.md | 15 ++--- 2 files changed, 41 insertions(+), 36 deletions(-) diff --git a/.github/workflows/copilot-token-optimizer.lock.yml b/.github/workflows/copilot-token-optimizer.lock.yml index 567037774da..a7275965377 100644 --- a/.github/workflows/copilot-token-optimizer.lock.yml +++ b/.github/workflows/copilot-token-optimizer.lock.yml @@ -1,4 +1,4 @@ -# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"711f32a7552facdfd64cd7b87379b0761180f36ccec3654c8b6e1b15fc4c0d7d","strict":true,"agent_id":"copilot"} +# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"06712682038683db00cb66786c6820d8b0bb91f869d3cca73c92ea49252cf8a8","strict":true,"agent_id":"copilot"} # ___ _ _ # / _ \ | | (_) # | |_| | __ _ ___ _ __ | |_ _ ___ @@ -26,7 +26,6 @@ # Resolved workflow manifest: # Imports: # - copilot-setup-steps.yml -# - shared/daily-audit-discussion.md # - shared/mcp/gh-aw.md # - shared/repo-memory-standard.md # - shared/reporting.md @@ -150,18 +149,18 @@ jobs: run: | bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh { - cat << 'GH_AW_PROMPT_70b3610d51da5d44_EOF' + cat << 'GH_AW_PROMPT_e3e1cde7e000c1b9_EOF' - GH_AW_PROMPT_70b3610d51da5d44_EOF + GH_AW_PROMPT_e3e1cde7e000c1b9_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md" cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md" cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md" cat "${RUNNER_TEMP}/gh-aw/prompts/repo_memory_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md" - cat << 'GH_AW_PROMPT_70b3610d51da5d44_EOF' + cat << 'GH_AW_PROMPT_e3e1cde7e000c1b9_EOF' - Tools: create_discussion, missing_tool, missing_data, noop + Tools: create_issue, missing_tool, missing_data, noop The following GitHub context information is available for this workflow: @@ -191,14 +190,14 @@ jobs: {{/if}} - GH_AW_PROMPT_70b3610d51da5d44_EOF + GH_AW_PROMPT_e3e1cde7e000c1b9_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md" - cat << 'GH_AW_PROMPT_70b3610d51da5d44_EOF' + cat << 'GH_AW_PROMPT_e3e1cde7e000c1b9_EOF' {{#runtime-import .github/workflows/shared/mcp/gh-aw.md}} {{#runtime-import .github/workflows/shared/reporting.md}} {{#runtime-import .github/workflows/copilot-token-optimizer.md}} - GH_AW_PROMPT_70b3610d51da5d44_EOF + GH_AW_PROMPT_e3e1cde7e000c1b9_EOF } > "$GH_AW_PROMPT" - name: Interpolate variables and render templates uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 @@ -423,23 +422,23 @@ jobs: mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs mkdir -p /tmp/gh-aw/safeoutputs mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs - cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_e3270863d960a7f7_EOF' - {"create_discussion":{"category":"audits","close_older_discussions":true,"expires":168,"fallback_to_issue":true,"max":1,"title_prefix":"[copilot-token-optimizer] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":102400,"max_patch_size":10240}]}} - GH_AW_SAFE_OUTPUTS_CONFIG_e3270863d960a7f7_EOF + cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_0b9c3402c3c6c886_EOF' + {"create_issue":{"expires":168,"max":1,"title_prefix":"[copilot-token-optimizer] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":102400,"max_patch_size":10240}]}} + GH_AW_SAFE_OUTPUTS_CONFIG_0b9c3402c3c6c886_EOF - name: Write Safe Outputs Tools run: | - cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_a39a8061be3ab911_EOF' + cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_db1a7d6ab27e8b37_EOF' { "description_suffixes": { - "create_discussion": " CONSTRAINTS: Maximum 1 discussion(s) can be created. Title will be prefixed with \"[copilot-token-optimizer] \". Discussions will be created in category \"audits\"." + "create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Title will be prefixed with \"[copilot-token-optimizer] \"." }, "repo_params": {}, "dynamic_tools": [] } - GH_AW_SAFE_OUTPUTS_TOOLS_META_a39a8061be3ab911_EOF - cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_ec2de261c878b880_EOF' + GH_AW_SAFE_OUTPUTS_TOOLS_META_db1a7d6ab27e8b37_EOF + cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_4df0ddf7739ba873_EOF' { - "create_discussion": { + "create_issue": { "defaultMax": 1, "fields": { "body": { @@ -448,15 +447,22 @@ jobs: "sanitize": true, "maxLength": 65000 }, - "category": { - "type": "string", - "sanitize": true, - "maxLength": 128 + "labels": { + "type": "array", + "itemType": "string", + "itemSanitize": true, + "itemMaxLength": 128 + }, + "parent": { + "issueOrPRNumber": true }, "repo": { "type": "string", "maxLength": 256 }, + "temporary_id": { + "type": "string" + }, "title": { "required": true, "type": "string", @@ -523,7 +529,7 @@ jobs: } } } - GH_AW_SAFE_OUTPUTS_VALIDATION_ec2de261c878b880_EOF + GH_AW_SAFE_OUTPUTS_VALIDATION_4df0ddf7739ba873_EOF node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs - name: Generate Safe Outputs MCP Server Config id: safe-outputs-config @@ -594,7 +600,7 @@ jobs: export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12' mkdir -p /home/runner/.copilot - cat << GH_AW_MCP_CONFIG_88101803d64e3d6f_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh + cat << GH_AW_MCP_CONFIG_f360b5b664aa2241_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh { "mcpServers": { "agenticworkflows": { @@ -654,7 +660,7 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_88101803d64e3d6f_EOF + GH_AW_MCP_CONFIG_f360b5b664aa2241_EOF - name: Download activation artifact uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: @@ -867,7 +873,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - discussions: write issues: write concurrency: group: "gh-aw-conclusion-copilot-token-optimizer" @@ -949,8 +954,6 @@ jobs: GH_AW_ENGINE_ID: "copilot" GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }} GH_AW_INFERENCE_ACCESS_ERROR: ${{ needs.agent.outputs.inference_access_error }} - GH_AW_CREATE_DISCUSSION_ERRORS: ${{ needs.safe_outputs.outputs.create_discussion_errors }} - GH_AW_CREATE_DISCUSSION_ERROR_COUNT: ${{ needs.safe_outputs.outputs.create_discussion_error_count }} GH_AW_LOCKDOWN_CHECK_FAILED: ${{ needs.activation.outputs.lockdown_check_failed }} GH_AW_PUSH_REPO_MEMORY_RESULT: ${{ needs.push_repo_memory.result }} GH_AW_REPO_MEMORY_VALIDATION_FAILED_default: ${{ needs.push_repo_memory.outputs.validation_failed_default }} @@ -1214,7 +1217,6 @@ jobs: runs-on: ubuntu-slim permissions: contents: read - discussions: write issues: write timeout-minutes: 15 env: @@ -1230,6 +1232,8 @@ jobs: code_push_failure_errors: ${{ steps.process_safe_outputs.outputs.code_push_failure_errors }} create_discussion_error_count: ${{ steps.process_safe_outputs.outputs.create_discussion_error_count }} create_discussion_errors: ${{ steps.process_safe_outputs.outputs.create_discussion_errors }} + created_issue_number: ${{ steps.process_safe_outputs.outputs.created_issue_number }} + created_issue_url: ${{ steps.process_safe_outputs.outputs.created_issue_url }} process_safe_outputs_processed_count: ${{ steps.process_safe_outputs.outputs.processed_count }} process_safe_outputs_temporary_id_map: ${{ steps.process_safe_outputs.outputs.temporary_id_map }} steps: @@ -1275,7 +1279,7 @@ jobs: GH_AW_ALLOWED_DOMAINS: "api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.googleapis.com" GITHUB_SERVER_URL: ${{ github.server_url }} GITHUB_API_URL: ${{ github.api_url }} - GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_discussion\":{\"category\":\"audits\",\"close_older_discussions\":true,\"expires\":168,\"fallback_to_issue\":true,\"max\":1,\"title_prefix\":\"[copilot-token-optimizer] \"},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"}}" + GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_issue\":{\"expires\":168,\"max\":1,\"title_prefix\":\"[copilot-token-optimizer] \"},\"missing_data\":{},\"missing_tool\":{},\"noop\":{\"max\":1,\"report-as-issue\":\"true\"}}" with: github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/copilot-token-optimizer.md b/.github/workflows/copilot-token-optimizer.md index eb119b08a1e..9a72240caae 100644 --- a/.github/workflows/copilot-token-optimizer.md +++ b/.github/workflows/copilot-token-optimizer.md @@ -17,12 +17,13 @@ tools: toolsets: [default] bash: - "*" +safe-outputs: + create-issue: + expires: 7d + title-prefix: "[copilot-token-optimizer] " + max: 1 timeout-minutes: 30 imports: - - uses: shared/daily-audit-discussion.md - with: - title-prefix: "[copilot-token-optimizer] " - expires: "7d" - uses: shared/repo-memory-standard.md with: branch-name: "memory/token-audit" @@ -45,7 +46,7 @@ You are the Copilot Token Optimizer — an analyst that picks one high-token-usa 2. Pick the **single workflow** with the highest total token usage that has **not been optimized recently**. 3. Use the `agentic-workflows` MCP tools (`logs`, `audit`) to deeply inspect 5–10 recent runs of that workflow. 4. Analyze firewall proxy token logs, tool usage patterns, MCP server calls, and error/warning counts. -5. Produce a conservative, evidence-based optimization discussion with specific recommendations. +5. Produce a conservative, evidence-based optimization issue with specific recommendations. ## Guiding Principles @@ -203,9 +204,9 @@ Generate specific, actionable recommendations with estimated token savings: - Use shared components to reduce duplication - Pre-compute data in bash steps to reduce agent work -## Phase 5 — Publish Discussion +## Phase 5 — Publish Issue -Create a discussion with the analysis. Use this structure: +Create an issue with the analysis. Use this structure: ``` ### 🔍 Optimization Target: [Workflow Name] From 99ef4cb721763a51b5433c45ccc80db86acb28dd Mon Sep 17 00:00:00 2001 From: Landon Cox Date: Sat, 4 Apr 2026 16:04:24 -0700 Subject: [PATCH 2/3] fix: increase repo-memory max-patch-size for token workflows The audit snapshot (~18 KB) exceeded the default max-patch-size (10 KB), causing push_repo_memory to reject the data. The push_repo_memory job reported success but had nothing to push, so the memory/token-audit branch was never created. This meant the optimizer couldn't read any audit data. Fix: - Add max-patch-size input to shared/repo-memory-standard.md - Set max-patch-size to 51200 (50 KB) for both token workflows Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- .../workflows/copilot-token-audit.lock.yml | 72 +++++++++++++------ .github/workflows/copilot-token-audit.md | 1 + .../copilot-token-optimizer.lock.yml | 61 +++++++++++----- .github/workflows/copilot-token-optimizer.md | 1 + .../workflows/shared/repo-memory-standard.md | 5 ++ 5 files changed, 101 insertions(+), 39 deletions(-) diff --git a/.github/workflows/copilot-token-audit.lock.yml b/.github/workflows/copilot-token-audit.lock.yml index 4e9be857ab9..785c8a056b2 100644 --- a/.github/workflows/copilot-token-audit.lock.yml +++ b/.github/workflows/copilot-token-audit.lock.yml @@ -1,4 +1,4 @@ -# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"4993afcb4a3c4deba55338531bccb1f2368e81e959816495af1ce71b96edac94","strict":true,"agent_id":"copilot"} +# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"30107ff06ddff13a593f175c86fe6ac713e80c7174980a1b05dddccb48fff938","strict":true,"agent_id":"copilot"} # ___ _ _ # / _ \ | | (_) # | |_| | __ _ ___ _ __ | |_ _ ___ @@ -79,6 +79,7 @@ jobs: comment_repo: "" lockdown_check_failed: ${{ steps.generate_aw_info.outputs.lockdown_check_failed == 'true' }} model: ${{ steps.generate_aw_info.outputs.model }} + setup-trace-id: ${{ steps.setup.outputs.trace-id }} steps: - name: Checkout actions folder uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 @@ -88,9 +89,11 @@ jobs: actions persist-credentials: false - name: Setup Scripts + id: setup uses: ./actions/setup with: destination: ${{ runner.temp }}/gh-aw/actions + job-name: ${{ github.job }} - name: Generate agentic run info id: generate_aw_info env: @@ -154,9 +157,9 @@ jobs: run: | bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh { - cat << 'GH_AW_PROMPT_054db1186592fa8a_EOF' + cat << 'GH_AW_PROMPT_ce062c0246294651_EOF' - GH_AW_PROMPT_054db1186592fa8a_EOF + GH_AW_PROMPT_ce062c0246294651_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md" cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md" @@ -164,7 +167,7 @@ jobs: cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/repo_memory_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md" - cat << 'GH_AW_PROMPT_054db1186592fa8a_EOF' + cat << 'GH_AW_PROMPT_ce062c0246294651_EOF' Tools: create_discussion, upload_asset, missing_tool, missing_data, noop @@ -198,15 +201,15 @@ jobs: {{/if}} - GH_AW_PROMPT_054db1186592fa8a_EOF + GH_AW_PROMPT_ce062c0246294651_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md" - cat << 'GH_AW_PROMPT_054db1186592fa8a_EOF' + cat << 'GH_AW_PROMPT_ce062c0246294651_EOF' {{#runtime-import .github/workflows/shared/mcp/gh-aw.md}} {{#runtime-import .github/workflows/shared/reporting.md}} {{#runtime-import .github/workflows/shared/python-dataviz.md}} {{#runtime-import .github/workflows/copilot-token-audit.md}} - GH_AW_PROMPT_054db1186592fa8a_EOF + GH_AW_PROMPT_ce062c0246294651_EOF } > "$GH_AW_PROMPT" - name: Interpolate variables and render templates uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 @@ -234,7 +237,7 @@ jobs: GH_AW_GITHUB_RUN_ID: ${{ github.run_id }} GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }} GH_AW_MEMORY_BRANCH_NAME: 'memory/token-audit' - GH_AW_MEMORY_CONSTRAINTS: "\n\n**Constraints:**\n- **Allowed Files**: Only files matching patterns: memory/token-audit/*.json, memory/token-audit/*.jsonl, memory/token-audit/*.csv, memory/token-audit/*.md\n- **Max File Size**: 102400 bytes (0.10 MB) per file\n- **Max File Count**: 100 files per commit\n- **Max Patch Size**: 10240 bytes (10 KB) total per push (max: 100 KB)\n" + GH_AW_MEMORY_CONSTRAINTS: "\n\n**Constraints:**\n- **Allowed Files**: Only files matching patterns: memory/token-audit/*.json, memory/token-audit/*.jsonl, memory/token-audit/*.csv, memory/token-audit/*.md\n- **Max File Size**: 102400 bytes (0.10 MB) per file\n- **Max File Count**: 100 files per commit\n- **Max Patch Size**: 51200 bytes (50 KB) total per push (max: 100 KB)\n" GH_AW_MEMORY_DESCRIPTION: ' Historical daily Copilot token usage snapshots' GH_AW_MEMORY_DIR: '/tmp/gh-aw/repo-memory/default/' GH_AW_MEMORY_TARGET_REPO: ' of the current repository' @@ -315,6 +318,7 @@ jobs: model: ${{ needs.activation.outputs.model }} output: ${{ steps.collect_output.outputs.output }} output_types: ${{ steps.collect_output.outputs.output_types }} + setup-trace-id: ${{ steps.setup.outputs.trace-id }} steps: - name: Checkout actions folder uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 @@ -324,9 +328,12 @@ jobs: actions persist-credentials: false - name: Setup Scripts + id: setup uses: ./actions/setup with: destination: ${{ runner.temp }}/gh-aw/actions + job-name: ${{ github.job }} + trace-id: ${{ needs.activation.outputs.setup-trace-id }} - name: Set runtime paths id: set-runtime-paths run: | @@ -482,12 +489,12 @@ jobs: mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs mkdir -p /tmp/gh-aw/safeoutputs mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs - cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_819e53f76fde48af_EOF' - {"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[copilot-token-audit] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":102400,"max_patch_size":10240}]},"upload_asset":{"allowed-exts":[".png",".jpg",".jpeg"],"branch":"assets/${{ github.workflow }}","max-size":10240}} - GH_AW_SAFE_OUTPUTS_CONFIG_819e53f76fde48af_EOF + cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_b6b826edcb8b04b7_EOF' + {"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[copilot-token-audit] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":102400,"max_patch_size":51200}]},"upload_asset":{"allowed-exts":[".png",".jpg",".jpeg"],"branch":"assets/${{ github.workflow }}","max-size":10240}} + GH_AW_SAFE_OUTPUTS_CONFIG_b6b826edcb8b04b7_EOF - name: Write Safe Outputs Tools run: | - cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_288b8994e1fd8d09_EOF' + cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_6958f4e62971e574_EOF' { "description_suffixes": { "create_discussion": " CONSTRAINTS: Maximum 1 discussion(s) can be created. Title will be prefixed with \"[copilot-token-audit] \". Discussions will be created in category \"audits\".", @@ -496,8 +503,8 @@ jobs: "repo_params": {}, "dynamic_tools": [] } - GH_AW_SAFE_OUTPUTS_TOOLS_META_288b8994e1fd8d09_EOF - cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_8fca0007804a33a6_EOF' + GH_AW_SAFE_OUTPUTS_TOOLS_META_6958f4e62971e574_EOF + cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_7a53351007f7d205_EOF' { "create_discussion": { "defaultMax": 1, @@ -592,7 +599,7 @@ jobs: } } } - GH_AW_SAFE_OUTPUTS_VALIDATION_8fca0007804a33a6_EOF + GH_AW_SAFE_OUTPUTS_VALIDATION_7a53351007f7d205_EOF node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs - name: Generate Safe Outputs MCP Server Config id: safe-outputs-config @@ -666,7 +673,7 @@ jobs: export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12' mkdir -p /home/runner/.copilot - cat << GH_AW_MCP_CONFIG_d7bab00102f5cd4c_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh + cat << GH_AW_MCP_CONFIG_c8b290cf6d2bafa7_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh { "mcpServers": { "agenticworkflows": { @@ -726,7 +733,7 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_d7bab00102f5cd4c_EOF + GH_AW_MCP_CONFIG_c8b290cf6d2bafa7_EOF - name: Download activation artifact uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: @@ -982,9 +989,12 @@ jobs: actions persist-credentials: false - name: Setup Scripts + id: setup uses: ./actions/setup with: destination: ${{ runner.temp }}/gh-aw/actions + job-name: ${{ github.job }} + trace-id: ${{ needs.activation.outputs.setup-trace-id }} - name: Download agent output artifact id: download-agent-output continue-on-error: true @@ -1065,7 +1075,9 @@ jobs: await main(); detection: - needs: agent + needs: + - activation + - agent if: > always() && needs.agent.result != 'skipped' && (needs.agent.outputs.output_types != '' || needs.agent.outputs.has_patch == 'true') runs-on: ubuntu-latest @@ -1084,9 +1096,12 @@ jobs: actions persist-credentials: false - name: Setup Scripts + id: setup uses: ./actions/setup with: destination: ${{ runner.temp }}/gh-aw/actions + job-name: ${{ github.job }} + trace-id: ${{ needs.activation.outputs.setup-trace-id }} - name: Download agent output artifact id: download-agent-output continue-on-error: true @@ -1220,6 +1235,7 @@ jobs: push_repo_memory: needs: + - activation - agent - detection if: > @@ -1244,9 +1260,12 @@ jobs: actions persist-credentials: false - name: Setup Scripts + id: setup uses: ./actions/setup with: destination: ${{ runner.temp }}/gh-aw/actions + job-name: ${{ github.job }} + trace-id: ${{ needs.activation.outputs.setup-trace-id }} - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: @@ -1284,7 +1303,7 @@ jobs: BRANCH_NAME: memory/token-audit MAX_FILE_SIZE: 102400 MAX_FILE_COUNT: 100 - MAX_PATCH_SIZE: 10240 + MAX_PATCH_SIZE: 51200 ALLOWED_EXTENSIONS: '[]' FILE_GLOB_FILTER: "memory/token-audit/*.json memory/token-audit/*.jsonl memory/token-audit/*.csv memory/token-audit/*.md" with: @@ -1305,6 +1324,7 @@ jobs: safe_outputs: needs: + - activation - agent - detection if: (!cancelled()) && needs.agent.result != 'skipped' && needs.detection.result == 'success' @@ -1338,9 +1358,12 @@ jobs: actions persist-credentials: false - name: Setup Scripts + id: setup uses: ./actions/setup with: destination: ${{ runner.temp }}/gh-aw/actions + job-name: ${{ github.job }} + trace-id: ${{ needs.activation.outputs.setup-trace-id }} - name: Download agent output artifact id: download-agent-output continue-on-error: true @@ -1390,6 +1413,7 @@ jobs: update_cache_memory: needs: + - activation - agent - detection if: > @@ -1409,9 +1433,12 @@ jobs: actions persist-credentials: false - name: Setup Scripts + id: setup uses: ./actions/setup with: destination: ${{ runner.temp }}/gh-aw/actions + job-name: ${{ github.job }} + trace-id: ${{ needs.activation.outputs.setup-trace-id }} - name: Download cache-memory artifact (default) id: download_cache_default uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 @@ -1436,7 +1463,9 @@ jobs: path: /tmp/gh-aw/cache-memory upload_assets: - needs: agent + needs: + - activation + - agent if: (!cancelled()) && needs.agent.result != 'skipped' && contains(needs.agent.outputs.output_types, 'upload_asset') runs-on: ubuntu-slim permissions: @@ -1454,9 +1483,12 @@ jobs: actions persist-credentials: false - name: Setup Scripts + id: setup uses: ./actions/setup with: destination: ${{ runner.temp }}/gh-aw/actions + job-name: ${{ github.job }} + trace-id: ${{ needs.activation.outputs.setup-trace-id }} - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: diff --git a/.github/workflows/copilot-token-audit.md b/.github/workflows/copilot-token-audit.md index 87879fb8c95..bf31bc3232a 100644 --- a/.github/workflows/copilot-token-audit.md +++ b/.github/workflows/copilot-token-audit.md @@ -54,6 +54,7 @@ imports: with: branch-name: "memory/token-audit" description: "Historical daily Copilot token usage snapshots" + max-patch-size: 51200 - copilot-setup-steps.yml - uses: shared/mcp/gh-aw.md - shared/reporting.md diff --git a/.github/workflows/copilot-token-optimizer.lock.yml b/.github/workflows/copilot-token-optimizer.lock.yml index a7275965377..19d48acb675 100644 --- a/.github/workflows/copilot-token-optimizer.lock.yml +++ b/.github/workflows/copilot-token-optimizer.lock.yml @@ -1,4 +1,4 @@ -# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"06712682038683db00cb66786c6820d8b0bb91f869d3cca73c92ea49252cf8a8","strict":true,"agent_id":"copilot"} +# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"86a159c3ff0374493fa651d638eab96762e4dad20a9b47e1cd175c3d768437be","strict":true,"agent_id":"copilot"} # ___ _ _ # / _ \ | | (_) # | |_| | __ _ ___ _ __ | |_ _ ___ @@ -74,6 +74,7 @@ jobs: comment_repo: "" lockdown_check_failed: ${{ steps.generate_aw_info.outputs.lockdown_check_failed == 'true' }} model: ${{ steps.generate_aw_info.outputs.model }} + setup-trace-id: ${{ steps.setup.outputs.trace-id }} steps: - name: Checkout actions folder uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 @@ -83,9 +84,11 @@ jobs: actions persist-credentials: false - name: Setup Scripts + id: setup uses: ./actions/setup with: destination: ${{ runner.temp }}/gh-aw/actions + job-name: ${{ github.job }} - name: Generate agentic run info id: generate_aw_info env: @@ -149,16 +152,16 @@ jobs: run: | bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh { - cat << 'GH_AW_PROMPT_e3e1cde7e000c1b9_EOF' + cat << 'GH_AW_PROMPT_822a6d37b217ea93_EOF' - GH_AW_PROMPT_e3e1cde7e000c1b9_EOF + GH_AW_PROMPT_822a6d37b217ea93_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md" cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md" cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md" cat "${RUNNER_TEMP}/gh-aw/prompts/repo_memory_prompt.md" cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md" - cat << 'GH_AW_PROMPT_e3e1cde7e000c1b9_EOF' + cat << 'GH_AW_PROMPT_822a6d37b217ea93_EOF' Tools: create_issue, missing_tool, missing_data, noop @@ -190,14 +193,14 @@ jobs: {{/if}} - GH_AW_PROMPT_e3e1cde7e000c1b9_EOF + GH_AW_PROMPT_822a6d37b217ea93_EOF cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md" - cat << 'GH_AW_PROMPT_e3e1cde7e000c1b9_EOF' + cat << 'GH_AW_PROMPT_822a6d37b217ea93_EOF' {{#runtime-import .github/workflows/shared/mcp/gh-aw.md}} {{#runtime-import .github/workflows/shared/reporting.md}} {{#runtime-import .github/workflows/copilot-token-optimizer.md}} - GH_AW_PROMPT_e3e1cde7e000c1b9_EOF + GH_AW_PROMPT_822a6d37b217ea93_EOF } > "$GH_AW_PROMPT" - name: Interpolate variables and render templates uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8 @@ -222,7 +225,7 @@ jobs: GH_AW_GITHUB_RUN_ID: ${{ github.run_id }} GH_AW_GITHUB_WORKSPACE: ${{ github.workspace }} GH_AW_MEMORY_BRANCH_NAME: 'memory/token-audit' - GH_AW_MEMORY_CONSTRAINTS: "\n\n**Constraints:**\n- **Allowed Files**: Only files matching patterns: memory/token-audit/*.json, memory/token-audit/*.jsonl, memory/token-audit/*.csv, memory/token-audit/*.md\n- **Max File Size**: 102400 bytes (0.10 MB) per file\n- **Max File Count**: 100 files per commit\n- **Max Patch Size**: 10240 bytes (10 KB) total per push (max: 100 KB)\n" + GH_AW_MEMORY_CONSTRAINTS: "\n\n**Constraints:**\n- **Allowed Files**: Only files matching patterns: memory/token-audit/*.json, memory/token-audit/*.jsonl, memory/token-audit/*.csv, memory/token-audit/*.md\n- **Max File Size**: 102400 bytes (0.10 MB) per file\n- **Max File Count**: 100 files per commit\n- **Max Patch Size**: 51200 bytes (50 KB) total per push (max: 100 KB)\n" GH_AW_MEMORY_DESCRIPTION: ' Historical daily Copilot token usage snapshots (shared with copilot-token-audit)' GH_AW_MEMORY_DIR: '/tmp/gh-aw/repo-memory/default/' GH_AW_MEMORY_TARGET_REPO: ' of the current repository' @@ -300,6 +303,7 @@ jobs: model: ${{ needs.activation.outputs.model }} output: ${{ steps.collect_output.outputs.output }} output_types: ${{ steps.collect_output.outputs.output_types }} + setup-trace-id: ${{ steps.setup.outputs.trace-id }} steps: - name: Checkout actions folder uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 @@ -309,9 +313,12 @@ jobs: actions persist-credentials: false - name: Setup Scripts + id: setup uses: ./actions/setup with: destination: ${{ runner.temp }}/gh-aw/actions + job-name: ${{ github.job }} + trace-id: ${{ needs.activation.outputs.setup-trace-id }} - name: Set runtime paths id: set-runtime-paths run: | @@ -422,12 +429,12 @@ jobs: mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs mkdir -p /tmp/gh-aw/safeoutputs mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs - cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_0b9c3402c3c6c886_EOF' - {"create_issue":{"expires":168,"max":1,"title_prefix":"[copilot-token-optimizer] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":102400,"max_patch_size":10240}]}} - GH_AW_SAFE_OUTPUTS_CONFIG_0b9c3402c3c6c886_EOF + cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_0b64c8e56368c0ae_EOF' + {"create_issue":{"expires":168,"max":1,"title_prefix":"[copilot-token-optimizer] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":102400,"max_patch_size":51200}]}} + GH_AW_SAFE_OUTPUTS_CONFIG_0b64c8e56368c0ae_EOF - name: Write Safe Outputs Tools run: | - cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_db1a7d6ab27e8b37_EOF' + cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_fa1fbe008d87589d_EOF' { "description_suffixes": { "create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Title will be prefixed with \"[copilot-token-optimizer] \"." @@ -435,8 +442,8 @@ jobs: "repo_params": {}, "dynamic_tools": [] } - GH_AW_SAFE_OUTPUTS_TOOLS_META_db1a7d6ab27e8b37_EOF - cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_4df0ddf7739ba873_EOF' + GH_AW_SAFE_OUTPUTS_TOOLS_META_fa1fbe008d87589d_EOF + cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_3faae8610bd35d4c_EOF' { "create_issue": { "defaultMax": 1, @@ -529,7 +536,7 @@ jobs: } } } - GH_AW_SAFE_OUTPUTS_VALIDATION_4df0ddf7739ba873_EOF + GH_AW_SAFE_OUTPUTS_VALIDATION_3faae8610bd35d4c_EOF node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs - name: Generate Safe Outputs MCP Server Config id: safe-outputs-config @@ -600,7 +607,7 @@ jobs: export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12' mkdir -p /home/runner/.copilot - cat << GH_AW_MCP_CONFIG_f360b5b664aa2241_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh + cat << GH_AW_MCP_CONFIG_f021b11b7f2e027d_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh { "mcpServers": { "agenticworkflows": { @@ -660,7 +667,7 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_f360b5b664aa2241_EOF + GH_AW_MCP_CONFIG_f021b11b7f2e027d_EOF - name: Download activation artifact uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: @@ -890,9 +897,12 @@ jobs: actions persist-credentials: false - name: Setup Scripts + id: setup uses: ./actions/setup with: destination: ${{ runner.temp }}/gh-aw/actions + job-name: ${{ github.job }} + trace-id: ${{ needs.activation.outputs.setup-trace-id }} - name: Download agent output artifact id: download-agent-output continue-on-error: true @@ -971,7 +981,9 @@ jobs: await main(); detection: - needs: agent + needs: + - activation + - agent if: > always() && needs.agent.result != 'skipped' && (needs.agent.outputs.output_types != '' || needs.agent.outputs.has_patch == 'true') runs-on: ubuntu-latest @@ -990,9 +1002,12 @@ jobs: actions persist-credentials: false - name: Setup Scripts + id: setup uses: ./actions/setup with: destination: ${{ runner.temp }}/gh-aw/actions + job-name: ${{ github.job }} + trace-id: ${{ needs.activation.outputs.setup-trace-id }} - name: Download agent output artifact id: download-agent-output continue-on-error: true @@ -1126,6 +1141,7 @@ jobs: push_repo_memory: needs: + - activation - agent - detection if: > @@ -1150,9 +1166,12 @@ jobs: actions persist-credentials: false - name: Setup Scripts + id: setup uses: ./actions/setup with: destination: ${{ runner.temp }}/gh-aw/actions + job-name: ${{ github.job }} + trace-id: ${{ needs.activation.outputs.setup-trace-id }} - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: @@ -1190,7 +1209,7 @@ jobs: BRANCH_NAME: memory/token-audit MAX_FILE_SIZE: 102400 MAX_FILE_COUNT: 100 - MAX_PATCH_SIZE: 10240 + MAX_PATCH_SIZE: 51200 ALLOWED_EXTENSIONS: '[]' FILE_GLOB_FILTER: "memory/token-audit/*.json memory/token-audit/*.jsonl memory/token-audit/*.csv memory/token-audit/*.md" with: @@ -1211,6 +1230,7 @@ jobs: safe_outputs: needs: + - activation - agent - detection if: (!cancelled()) && needs.agent.result != 'skipped' && needs.detection.result == 'success' @@ -1245,9 +1265,12 @@ jobs: actions persist-credentials: false - name: Setup Scripts + id: setup uses: ./actions/setup with: destination: ${{ runner.temp }}/gh-aw/actions + job-name: ${{ github.job }} + trace-id: ${{ needs.activation.outputs.setup-trace-id }} - name: Download agent output artifact id: download-agent-output continue-on-error: true diff --git a/.github/workflows/copilot-token-optimizer.md b/.github/workflows/copilot-token-optimizer.md index 9a72240caae..01d1b99f08e 100644 --- a/.github/workflows/copilot-token-optimizer.md +++ b/.github/workflows/copilot-token-optimizer.md @@ -28,6 +28,7 @@ imports: with: branch-name: "memory/token-audit" description: "Historical daily Copilot token usage snapshots (shared with copilot-token-audit)" + max-patch-size: 51200 - copilot-setup-steps.yml - uses: shared/mcp/gh-aw.md - shared/reporting.md diff --git a/.github/workflows/shared/repo-memory-standard.md b/.github/workflows/shared/repo-memory-standard.md index 3869456ed7c..db3ba3ad010 100644 --- a/.github/workflows/shared/repo-memory-standard.md +++ b/.github/workflows/shared/repo-memory-standard.md @@ -22,6 +22,10 @@ import-schema: type: integer default: 102400 description: "Max file size in bytes (default: 100KB)" + max-patch-size: + type: integer + default: 10240 + description: "Max total patch size in bytes per push (default: 10KB, max: 100KB)" tools: repo-memory: @@ -33,4 +37,5 @@ tools: - "${{ github.aw.import-inputs.branch-name }}/*.csv" - "${{ github.aw.import-inputs.branch-name }}/*.md" max-file-size: ${{ github.aw.import-inputs.max-file-size }} + max-patch-size: ${{ github.aw.import-inputs.max-patch-size }} --- From 65bd83598ef6caefac512a7b313f17fa65b48bb9 Mon Sep 17 00:00:00 2001 From: Landon Cox Date: Sat, 4 Apr 2026 16:05:08 -0700 Subject: [PATCH 3/3] Update .github/workflows/copilot-token-optimizer.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- .github/workflows/copilot-token-optimizer.md | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/copilot-token-optimizer.md b/.github/workflows/copilot-token-optimizer.md index 01d1b99f08e..bb3d6c75acf 100644 --- a/.github/workflows/copilot-token-optimizer.md +++ b/.github/workflows/copilot-token-optimizer.md @@ -21,6 +21,7 @@ safe-outputs: create-issue: expires: 7d title-prefix: "[copilot-token-optimizer] " + close-older-issues: true max: 1 timeout-minutes: 30 imports: