From 48e3d5dee60e2dd2c58edfa16ef5a3854bb5c5c0 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 5 Apr 2026 00:45:58 +0000
Subject: [PATCH 1/2] refactor: extract otlp config into
shared/observability-otlp.md, import in 30% of workflows
Agent-Logs-Url: https://github.com/github/gh-aw/sessions/db3f5fda-2876-4792-b534-bad8c1213323
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
---
.../daily-architecture-diagram.lock.yml | 36 +++++-----
.../workflows/daily-architecture-diagram.md | 1 +
.../daily-assign-issue-to-user.lock.yml | 35 +++++----
.../workflows/daily-assign-issue-to-user.md | 2 +
.github/workflows/daily-choice-test.lock.yml | 37 +++++-----
.github/workflows/daily-choice-test.md | 2 +
.../workflows/daily-cli-performance.lock.yml | 48 +++++++------
.github/workflows/daily-cli-performance.md | 1 +
.../workflows/daily-cli-tools-tester.lock.yml | 32 +++++----
.github/workflows/daily-cli-tools-tester.md | 1 +
.github/workflows/daily-code-metrics.lock.yml | 32 +++++----
.github/workflows/daily-code-metrics.md | 1 +
.../daily-community-attribution.lock.yml | 36 +++++-----
.../workflows/daily-community-attribution.md | 1 +
.../workflows/daily-compiler-quality.lock.yml | 32 +++++----
.github/workflows/daily-compiler-quality.md | 1 +
.github/workflows/daily-doc-healer.lock.yml | 36 +++++-----
.github/workflows/daily-doc-healer.md | 1 +
.github/workflows/daily-doc-updater.lock.yml | 36 +++++-----
.github/workflows/daily-doc-updater.md | 1 +
.github/workflows/daily-fact.lock.yml | 39 +++++-----
.github/workflows/daily-fact.md | 2 +
.github/workflows/daily-file-diet.lock.yml | 32 +++++----
.github/workflows/daily-file-diet.md | 1 +
.../workflows/daily-firewall-report.lock.yml | 32 +++++----
.github/workflows/daily-firewall-report.md | 1 +
.../workflows/daily-function-namer.lock.yml | 32 +++++----
.github/workflows/daily-function-namer.md | 1 +
.../daily-integrity-analysis.lock.yml | 32 +++++----
.github/workflows/daily-integrity-analysis.md | 1 +
.../workflows/daily-issues-report.lock.yml | 36 +++++-----
.github/workflows/daily-issues-report.md | 1 +
.../daily-malicious-code-scan.lock.yml | 32 +++++----
.../workflows/daily-malicious-code-scan.md | 1 +
.../daily-mcp-concurrency-analysis.lock.yml | 32 +++++----
.../daily-mcp-concurrency-analysis.md | 1 +
.../daily-multi-device-docs-tester.lock.yml | 32 +++++----
.../daily-multi-device-docs-tester.md | 1 +
.github/workflows/daily-news.lock.yml | 32 +++++----
.github/workflows/daily-news.md | 1 +
.../daily-observability-report.lock.yml | 36 +++++-----
.../workflows/daily-observability-report.md | 1 +
.../daily-performance-summary.lock.yml | 52 +++++++-------
.../workflows/daily-performance-summary.md | 1 +
.github/workflows/daily-regulatory.lock.yml | 52 +++++++-------
.github/workflows/daily-regulatory.md | 1 +
.../daily-rendering-scripts-verifier.lock.yml | 36 +++++-----
.../daily-rendering-scripts-verifier.md | 1 +
.../workflows/daily-repo-chronicle.lock.yml | 32 +++++----
.github/workflows/daily-repo-chronicle.md | 1 +
.../daily-safe-output-integrator.lock.yml | 36 +++++-----
.../workflows/daily-safe-output-integrator.md | 1 +
.../daily-safe-output-optimizer.lock.yml | 32 +++++----
.../workflows/daily-safe-output-optimizer.md | 1 +
.../daily-safe-outputs-conformance.lock.yml | 32 +++++----
.../daily-safe-outputs-conformance.md | 1 +
.../workflows/daily-secrets-analysis.lock.yml | 32 +++++----
.github/workflows/daily-secrets-analysis.md | 1 +
.../daily-security-red-team.lock.yml | 32 +++++----
.github/workflows/daily-security-red-team.md | 1 +
.github/workflows/daily-semgrep-scan.lock.yml | 32 +++++----
.github/workflows/daily-semgrep-scan.md | 1 +
.../daily-syntax-error-quality.lock.yml | 32 +++++----
.../workflows/daily-syntax-error-quality.md | 1 +
.../daily-team-evolution-insights.lock.yml | 32 +++++----
.../daily-team-evolution-insights.md | 1 +
.github/workflows/daily-team-status.lock.yml | 32 +++++----
.github/workflows/daily-team-status.md | 1 +
.../daily-testify-uber-super-expert.lock.yml | 32 +++++----
.../daily-testify-uber-super-expert.md | 1 +
.../workflows/daily-workflow-updater.lock.yml | 39 +++++-----
.github/workflows/daily-workflow-updater.md | 2 +
.../workflows/shared/observability-otlp.md | 6 ++
.../workflows/smoke-agent-all-merged.lock.yml | 39 +++++-----
.github/workflows/smoke-agent-all-merged.md | 2 +
.../workflows/smoke-agent-all-none.lock.yml | 39 +++++-----
.github/workflows/smoke-agent-all-none.md | 2 +
.../smoke-agent-public-approved.lock.yml | 36 +++++-----
.../workflows/smoke-agent-public-approved.md | 1 +
.../smoke-agent-public-none.lock.yml | 39 +++++-----
.github/workflows/smoke-agent-public-none.md | 2 +
.../smoke-agent-scoped-approved.lock.yml | 36 +++++-----
.../workflows/smoke-agent-scoped-approved.md | 1 +
.../workflows/smoke-call-workflow.lock.yml | 39 +++++-----
.github/workflows/smoke-call-workflow.md | 2 +
.github/workflows/smoke-claude.lock.yml | 72 ++++++++++---------
.github/workflows/smoke-claude.md | 1 +
.github/workflows/smoke-codex.lock.yml | 48 +++++++------
.github/workflows/smoke-codex.md | 1 +
.github/workflows/smoke-copilot-arm.lock.yml | 63 ++++++++--------
.github/workflows/smoke-copilot-arm.md | 5 +-
.github/workflows/smoke-copilot.lock.yml | 63 ++++++++--------
.github/workflows/smoke-copilot.md | 5 +-
.../smoke-create-cross-repo-pr.lock.yml | 39 +++++-----
.../workflows/smoke-create-cross-repo-pr.md | 2 +
.github/workflows/smoke-gemini.lock.yml | 44 ++++++------
.github/workflows/smoke-gemini.md | 1 +
.github/workflows/smoke-multi-pr.lock.yml | 39 +++++-----
.github/workflows/smoke-multi-pr.md | 2 +
.github/workflows/smoke-project.lock.yml | 39 +++++-----
.github/workflows/smoke-project.md | 2 +
.../workflows/smoke-service-ports.lock.yml | 35 +++++----
.github/workflows/smoke-service-ports.md | 2 +
.github/workflows/smoke-temporary-id.lock.yml | 35 +++++----
.github/workflows/smoke-temporary-id.md | 2 +
.github/workflows/smoke-test-tools.lock.yml | 35 +++++----
.github/workflows/smoke-test-tools.md | 2 +
.../smoke-update-cross-repo-pr.lock.yml | 39 +++++-----
.../workflows/smoke-update-cross-repo-pr.md | 2 +
109 files changed, 1165 insertions(+), 959 deletions(-)
create mode 100644 .github/workflows/shared/observability-otlp.md
diff --git a/.github/workflows/daily-architecture-diagram.lock.yml b/.github/workflows/daily-architecture-diagram.lock.yml
index 60702db183d..ed1093b1e8e 100644
--- a/.github/workflows/daily-architecture-diagram.lock.yml
+++ b/.github/workflows/daily-architecture-diagram.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"db8377f8aaa3807c3407119f90efcf4de03dcbc550843b2d5c91bec1902f0545","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"b21152b2a2cb33c9790687b63215f21ba3e8b655a6e6a50e096e01a0ab4d8171","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -25,6 +25,7 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# Secrets used:
@@ -148,20 +149,20 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_f5a79467418a74fe_EOF'
+ cat << 'GH_AW_PROMPT_45a1bb3d1353a64f_EOF'
- GH_AW_PROMPT_f5a79467418a74fe_EOF
+ GH_AW_PROMPT_45a1bb3d1353a64f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_f5a79467418a74fe_EOF'
+ cat << 'GH_AW_PROMPT_45a1bb3d1353a64f_EOF'
Tools: create_issue, create_pull_request, missing_tool, missing_data, noop
- GH_AW_PROMPT_f5a79467418a74fe_EOF
+ GH_AW_PROMPT_45a1bb3d1353a64f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_f5a79467418a74fe_EOF'
+ cat << 'GH_AW_PROMPT_45a1bb3d1353a64f_EOF'
The following GitHub context information is available for this workflow:
@@ -191,13 +192,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_f5a79467418a74fe_EOF
+ GH_AW_PROMPT_45a1bb3d1353a64f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_f5a79467418a74fe_EOF'
+ cat << 'GH_AW_PROMPT_45a1bb3d1353a64f_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-architecture-diagram.md}}
- GH_AW_PROMPT_f5a79467418a74fe_EOF
+ GH_AW_PROMPT_45a1bb3d1353a64f_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -389,12 +391,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_b119ae0bb0e43725_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_d5c7ebfdb7e5326f_EOF'
{"create_issue":{"close_older_issues":true,"expires":168,"labels":["architecture","diagram"],"max":1,"title_prefix":"🏗️ Architecture Diagram:"},"create_pull_request":{"expires":168,"labels":["architecture","diagram","documentation"],"max":1,"max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"],"title_prefix":"[architecture] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_b119ae0bb0e43725_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_d5c7ebfdb7e5326f_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_fa01ddb7dd60dbc4_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_6b297bfe9c1f496a_EOF'
{
"description_suffixes": {
"create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Title will be prefixed with \"🏗️ Architecture Diagram:\". Labels [\"architecture\" \"diagram\"] will be automatically added.",
@@ -403,8 +405,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_fa01ddb7dd60dbc4_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_6d22048e0c74e8bf_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_6b297bfe9c1f496a_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_132ea249639c116b_EOF'
{
"create_issue": {
"defaultMax": 1,
@@ -533,7 +535,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_6d22048e0c74e8bf_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_132ea249639c116b_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -603,7 +605,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_ada8a355f17974cb_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_a4149b39b32b7149_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -644,7 +646,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_ada8a355f17974cb_EOF
+ GH_AW_MCP_CONFIG_a4149b39b32b7149_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-architecture-diagram.md b/.github/workflows/daily-architecture-diagram.md
index 23e019a19f6..ea3852469f3 100644
--- a/.github/workflows/daily-architecture-diagram.md
+++ b/.github/workflows/daily-architecture-diagram.md
@@ -32,6 +32,7 @@ safe-outputs:
imports:
- shared/reporting.md
+ - shared/observability-otlp.md
timeout-minutes: 20
strict: true
diff --git a/.github/workflows/daily-assign-issue-to-user.lock.yml b/.github/workflows/daily-assign-issue-to-user.lock.yml
index d0373d48816..2977c2f9771 100644
--- a/.github/workflows/daily-assign-issue-to-user.lock.yml
+++ b/.github/workflows/daily-assign-issue-to-user.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"43fc2ec5935f4044529bec2ad354af59f9e74913f3c5b920c0df10ab206b96c9","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"b8837697959ccef3a9e25c836ac34b77f03c06abead767b2801fd07edcffce71","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -22,6 +22,10 @@
# For more information: https://github.github.com/gh-aw/introduction/overview/
#
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/observability-otlp.md
+#
# Secrets used:
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
# - GH_AW_GITHUB_TOKEN
@@ -140,14 +144,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_dbf305741da243a8_EOF'
+ cat << 'GH_AW_PROMPT_2850dcddd1890fd7_EOF'
- GH_AW_PROMPT_dbf305741da243a8_EOF
+ GH_AW_PROMPT_2850dcddd1890fd7_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_dbf305741da243a8_EOF'
+ cat << 'GH_AW_PROMPT_2850dcddd1890fd7_EOF'
Tools: add_comment, assign_to_user, missing_tool, missing_data, noop
@@ -179,12 +183,13 @@ jobs:
{{/if}}
- GH_AW_PROMPT_dbf305741da243a8_EOF
+ GH_AW_PROMPT_2850dcddd1890fd7_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_dbf305741da243a8_EOF'
+ cat << 'GH_AW_PROMPT_2850dcddd1890fd7_EOF'
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-assign-issue-to-user.md}}
- GH_AW_PROMPT_dbf305741da243a8_EOF
+ GH_AW_PROMPT_2850dcddd1890fd7_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -355,12 +360,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_feb65de79cf1d8b4_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_d6279d5e54ad9842_EOF'
{"add_comment":{"max":1,"target":"*"},"assign_to_user":{"max":1,"target":"*"},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_feb65de79cf1d8b4_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_d6279d5e54ad9842_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_170e011b2924712d_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_6033bb7c094f1b0d_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added. Target: *."
@@ -368,8 +373,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_170e011b2924712d_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_4d9eb58491f04bfb_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_6033bb7c094f1b0d_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_aff976ce84e3aa7b_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -469,7 +474,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_4d9eb58491f04bfb_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_aff976ce84e3aa7b_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -539,7 +544,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_905ec6d74bd3cef6_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_21e1e5016b1ad7cd_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -580,7 +585,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_905ec6d74bd3cef6_EOF
+ GH_AW_MCP_CONFIG_21e1e5016b1ad7cd_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-assign-issue-to-user.md b/.github/workflows/daily-assign-issue-to-user.md
index d4fe816bd96..0817786febb 100644
--- a/.github/workflows/daily-assign-issue-to-user.md
+++ b/.github/workflows/daily-assign-issue-to-user.md
@@ -19,6 +19,8 @@ safe-outputs:
target: "*"
features:
copilot-requests: true
+imports:
+ - shared/observability-otlp.md
---
{{#runtime-import? .github/shared-instructions.md}}
diff --git a/.github/workflows/daily-choice-test.lock.yml b/.github/workflows/daily-choice-test.lock.yml
index a4b75175fd2..c5e614e7448 100644
--- a/.github/workflows/daily-choice-test.lock.yml
+++ b/.github/workflows/daily-choice-test.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"7107b3d0b634a0772bdf5228815dcfd34346bce34cc31c7e5076464c5e29070c","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"ea995e6fa82049e5d0bfad33162e648f8be979169957dcfc48618ee616d16acd","strict":true,"agent_id":"claude"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -23,6 +23,10 @@
#
# Daily test workflow using Claude with custom safe-output job containing choice inputs
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/observability-otlp.md
+#
# Secrets used:
# - ANTHROPIC_API_KEY
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
@@ -149,14 +153,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_ffc773a1efacacbf_EOF'
+ cat << 'GH_AW_PROMPT_8b11cb9f58eda6e4_EOF'
- GH_AW_PROMPT_ffc773a1efacacbf_EOF
+ GH_AW_PROMPT_8b11cb9f58eda6e4_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_ffc773a1efacacbf_EOF'
+ cat << 'GH_AW_PROMPT_8b11cb9f58eda6e4_EOF'
Tools: missing_tool, missing_data, noop, test_environment
@@ -188,12 +192,13 @@ jobs:
{{/if}}
- GH_AW_PROMPT_ffc773a1efacacbf_EOF
+ GH_AW_PROMPT_8b11cb9f58eda6e4_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_ffc773a1efacacbf_EOF'
+ cat << 'GH_AW_PROMPT_8b11cb9f58eda6e4_EOF'
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-choice-test.md}}
- GH_AW_PROMPT_ffc773a1efacacbf_EOF
+ GH_AW_PROMPT_8b11cb9f58eda6e4_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -365,12 +370,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_ef23d87c2c9dc24d_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_bbecc17c2ecf89d9_EOF'
{"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"test_environment":{"description":"A test job with choice input","inputs":{"environment":{"default":null,"description":"Target environment","options":["staging","production"],"required":true,"type":"choice"},"test_type":{"default":null,"description":"Type of test to run","options":["smoke","integration","e2e"],"required":true,"type":"choice"}},"output":"Environment test completed successfully"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_ef23d87c2c9dc24d_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_bbecc17c2ecf89d9_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_bb6e2addda7e500b_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_8cf29ac578fb9d14_EOF'
{
"description_suffixes": {},
"repo_params": {},
@@ -408,8 +413,8 @@ jobs:
}
]
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_bb6e2addda7e500b_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_9cf7d9c7f22db33b_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_8cf29ac578fb9d14_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_cb00c477ef2e5597_EOF'
{
"missing_data": {
"defaultMax": 20,
@@ -469,7 +474,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_9cf7d9c7f22db33b_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_cb00c477ef2e5597_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -538,7 +543,7 @@ jobs:
export GH_AW_ENGINE="claude"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat << GH_AW_MCP_CONFIG_9df20f616181b904_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_20071b9515771a06_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -578,7 +583,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_9df20f616181b904_EOF
+ GH_AW_MCP_CONFIG_20071b9515771a06_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -1207,7 +1212,7 @@ jobs:
find "${RUNNER_TEMP}/gh-aw/safe-jobs/" -type f -print
echo "GH_AW_AGENT_OUTPUT=${RUNNER_TEMP}/gh-aw/safe-jobs/agent_output.json" >> "$GITHUB_OUTPUT"
- name: Display test configuration
- run: |-
+ run: |
if [ -f "$GH_AW_AGENT_OUTPUT" ]; then
ENVIRONMENT=$(cat "$GH_AW_AGENT_OUTPUT" | jq -r '.items[] | select(.type == "test_environment") | .environment')
TEST_TYPE=$(cat "$GH_AW_AGENT_OUTPUT" | jq -r '.items[] | select(.type == "test_environment") | .test_type')
diff --git a/.github/workflows/daily-choice-test.md b/.github/workflows/daily-choice-test.md
index 0a681f7101b..75bfb1397e8 100644
--- a/.github/workflows/daily-choice-test.md
+++ b/.github/workflows/daily-choice-test.md
@@ -56,6 +56,8 @@ safe-outputs:
else
echo "No agent output found"
fi
+imports:
+ - shared/observability-otlp.md
---
# Daily Choice Type Test
diff --git a/.github/workflows/daily-cli-performance.lock.yml b/.github/workflows/daily-cli-performance.lock.yml
index f6c364bfceb..f6d52b29ec6 100644
--- a/.github/workflows/daily-cli-performance.lock.yml
+++ b/.github/workflows/daily-cli-performance.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"3feebaa45781ef8c51d8580de0df4919ec85f5cea1fa63fc089455cf1668de3e","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"88addf6502946372009eabdf56e15db571b0b416f1ade467db04f166ae10e5c4","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -26,6 +26,7 @@
# Resolved workflow manifest:
# Imports:
# - shared/go-make.md
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# Secrets used:
@@ -176,15 +177,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_bfce10023b275325_EOF'
+ cat << 'GH_AW_PROMPT_09c672e8257d531d_EOF'
- GH_AW_PROMPT_bfce10023b275325_EOF
+ GH_AW_PROMPT_09c672e8257d531d_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/repo_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_bfce10023b275325_EOF'
+ cat << 'GH_AW_PROMPT_09c672e8257d531d_EOF'
Tools: add_comment(max:5), create_issue(max:3), missing_tool, missing_data, noop
@@ -216,14 +217,15 @@ jobs:
{{/if}}
- GH_AW_PROMPT_bfce10023b275325_EOF
+ GH_AW_PROMPT_09c672e8257d531d_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_bfce10023b275325_EOF'
+ cat << 'GH_AW_PROMPT_09c672e8257d531d_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/go-make.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-cli-performance.md}}
- GH_AW_PROMPT_bfce10023b275325_EOF
+ GH_AW_PROMPT_09c672e8257d531d_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -423,12 +425,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_90b27d864ebbd39b_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_938d2a7dd0591b34_EOF'
{"add_comment":{"max":5},"create_issue":{"expires":48,"group":true,"labels":["performance","automation","cookie"],"max":3,"title_prefix":"[performance] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":131072,"max_patch_size":10240}]}}
- GH_AW_SAFE_OUTPUTS_CONFIG_90b27d864ebbd39b_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_938d2a7dd0591b34_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_5e7e889fc695153c_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_9fa1841949bcb39f_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 5 comment(s) can be added.",
@@ -437,8 +439,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_5e7e889fc695153c_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_a066f40a5c88e97a_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_9fa1841949bcb39f_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_cea036f8602ea8ef_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -549,7 +551,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_a066f40a5c88e97a_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_cea036f8602ea8ef_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -594,7 +596,7 @@ jobs:
- name: Setup MCP Scripts Config
run: |
mkdir -p ${RUNNER_TEMP}/gh-aw/mcp-scripts/logs
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_127c234fd3ecab7e_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_06b300c4de30a3d1_EOF'
{
"serverName": "mcpscripts",
"version": "1.0.0",
@@ -638,8 +640,8 @@ jobs:
}
]
}
- GH_AW_MCP_SCRIPTS_TOOLS_127c234fd3ecab7e_EOF
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_0ff33e81002d32da_EOF'
+ GH_AW_MCP_SCRIPTS_TOOLS_06b300c4de30a3d1_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_93c23907d9963e36_EOF'
const path = require("path");
const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
const configPath = path.join(__dirname, "tools.json");
@@ -653,12 +655,12 @@ jobs:
console.error("Failed to start mcp-scripts HTTP server:", error);
process.exit(1);
});
- GH_AW_MCP_SCRIPTS_SERVER_0ff33e81002d32da_EOF
+ GH_AW_MCP_SCRIPTS_SERVER_93c23907d9963e36_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs
- name: Setup MCP Scripts Tool Files
run: |
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh << 'GH_AW_MCP_SCRIPTS_SH_GO_fa6abc790b8f40aa_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh << 'GH_AW_MCP_SCRIPTS_SH_GO_1a3be8175c2bb02c_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: go
# Execute any Go command. This tool is accessible as 'mcpscripts-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -669,9 +671,9 @@ jobs:
go $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_GO_fa6abc790b8f40aa_EOF
+ GH_AW_MCP_SCRIPTS_SH_GO_1a3be8175c2bb02c_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh << 'GH_AW_MCP_SCRIPTS_SH_MAKE_b85d925b6a2b8063_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh << 'GH_AW_MCP_SCRIPTS_SH_MAKE_b6fccd62d7e14f10_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: make
# Execute any Make target. This tool is accessible as 'mcpscripts-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -681,7 +683,7 @@ jobs:
echo "make $INPUT_ARGS"
make $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_MAKE_b85d925b6a2b8063_EOF
+ GH_AW_MCP_SCRIPTS_SH_MAKE_b6fccd62d7e14f10_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh
- name: Generate MCP Scripts Server Config
@@ -746,7 +748,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_be21b238233abce6_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_a961720d0dd2f093_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -801,7 +803,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_be21b238233abce6_EOF
+ GH_AW_MCP_CONFIG_a961720d0dd2f093_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-cli-performance.md b/.github/workflows/daily-cli-performance.md
index 35b74e82373..dc36bc2da6e 100644
--- a/.github/workflows/daily-cli-performance.md
+++ b/.github/workflows/daily-cli-performance.md
@@ -56,6 +56,7 @@ strict: true
imports:
- shared/reporting.md
- shared/go-make.md
+ - shared/observability-otlp.md
features:
copilot-requests: true
if: needs.pre_activation.outputs.has_changes == 'true' || github.event_name == 'workflow_dispatch'
diff --git a/.github/workflows/daily-cli-tools-tester.lock.yml b/.github/workflows/daily-cli-tools-tester.lock.yml
index 4b35bf2177d..e488d9d4c1b 100644
--- a/.github/workflows/daily-cli-tools-tester.lock.yml
+++ b/.github/workflows/daily-cli-tools-tester.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"b9a8666bdce8efad76dc16f0410edce4380322e346d19a697bcb9a2695b93e26","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"95fa78ac1f6600b89aa4380965c5deb05def45cbd07a9c6396b4f2baee9627ec","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -25,6 +25,7 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# Secrets used:
@@ -155,15 +156,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_d40892c06a6ae629_EOF'
+ cat << 'GH_AW_PROMPT_959b5304d02547e8_EOF'
- GH_AW_PROMPT_d40892c06a6ae629_EOF
+ GH_AW_PROMPT_959b5304d02547e8_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_d40892c06a6ae629_EOF'
+ cat << 'GH_AW_PROMPT_959b5304d02547e8_EOF'
Tools: create_issue, missing_tool, missing_data, noop
@@ -195,13 +196,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_d40892c06a6ae629_EOF
+ GH_AW_PROMPT_959b5304d02547e8_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_d40892c06a6ae629_EOF'
+ cat << 'GH_AW_PROMPT_959b5304d02547e8_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-cli-tools-tester.md}}
- GH_AW_PROMPT_d40892c06a6ae629_EOF
+ GH_AW_PROMPT_959b5304d02547e8_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -428,12 +430,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_6a878820420aaaa5_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_0ddf6e9a533f1582_EOF'
{"create_issue":{"expires":168,"labels":["testing","automation","cli-tools"],"max":1,"title_prefix":"[cli-tools-test] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_6a878820420aaaa5_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_0ddf6e9a533f1582_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_ea9d1f61360dc1c6_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_110bd748a83c131b_EOF'
{
"description_suffixes": {
"create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Title will be prefixed with \"[cli-tools-test] \". Labels [\"testing\" \"automation\" \"cli-tools\"] will be automatically added."
@@ -441,8 +443,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_ea9d1f61360dc1c6_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_15098dd1aad5f77f_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_110bd748a83c131b_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_0ca6b969b55eeec6_EOF'
{
"create_issue": {
"defaultMax": 1,
@@ -535,7 +537,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_15098dd1aad5f77f_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_0ca6b969b55eeec6_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -606,7 +608,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_f87695436f43f2f4_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_927e77f791f44cae_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"agenticworkflows": {
@@ -666,7 +668,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_f87695436f43f2f4_EOF
+ GH_AW_MCP_CONFIG_927e77f791f44cae_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-cli-tools-tester.md b/.github/workflows/daily-cli-tools-tester.md
index 99e6900e055..7723def3227 100644
--- a/.github/workflows/daily-cli-tools-tester.md
+++ b/.github/workflows/daily-cli-tools-tester.md
@@ -23,6 +23,7 @@ timeout-minutes: 60
strict: true
imports:
- shared/reporting.md
+ - shared/observability-otlp.md
---
# Daily CLI Tools Exploratory Tester
diff --git a/.github/workflows/daily-code-metrics.lock.yml b/.github/workflows/daily-code-metrics.lock.yml
index dac4f0d837e..419e746a267 100644
--- a/.github/workflows/daily-code-metrics.lock.yml
+++ b/.github/workflows/daily-code-metrics.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"384636c532c28dc936a721a7008bae578186429dc1e0db8e123a1be0d560e64f","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"fe7b2c9509e4a0b1d3b0e4779f4fc34d6f5c69c392a658b819b138f6341536a0","strict":true,"agent_id":"claude"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -26,6 +26,7 @@
# Resolved workflow manifest:
# Imports:
# - shared/daily-audit-discussion.md
+# - shared/observability-otlp.md
# - shared/python-dataviz.md
# - shared/reporting.md
# - shared/trends.md
@@ -160,16 +161,16 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_f06d1e5238fecaae_EOF'
+ cat << 'GH_AW_PROMPT_912e06b9630d7ed4_EOF'
- GH_AW_PROMPT_f06d1e5238fecaae_EOF
+ GH_AW_PROMPT_912e06b9630d7ed4_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/repo_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_f06d1e5238fecaae_EOF'
+ cat << 'GH_AW_PROMPT_912e06b9630d7ed4_EOF'
Tools: create_discussion, upload_asset, missing_tool, missing_data, noop
@@ -203,15 +204,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_f06d1e5238fecaae_EOF
+ GH_AW_PROMPT_912e06b9630d7ed4_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_f06d1e5238fecaae_EOF'
+ cat << 'GH_AW_PROMPT_912e06b9630d7ed4_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/python-dataviz.md}}
{{#runtime-import .github/workflows/shared/trends.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-code-metrics.md}}
- GH_AW_PROMPT_f06d1e5238fecaae_EOF
+ GH_AW_PROMPT_912e06b9630d7ed4_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -453,12 +455,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_bd0a68b5cf00b89f_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_e15fd991b667d244_EOF'
{"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[daily-code-metrics] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":102400,"max_patch_size":51200}]},"upload_asset":{"allowed-exts":[".png",".jpg",".jpeg"],"branch":"assets/${{ github.workflow }}","max-size":10240}}
- GH_AW_SAFE_OUTPUTS_CONFIG_bd0a68b5cf00b89f_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_e15fd991b667d244_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_c2dfb42b3d7ae25b_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_8e5bc45d31604251_EOF'
{
"description_suffixes": {
"create_discussion": " CONSTRAINTS: Maximum 1 discussion(s) can be created. Title will be prefixed with \"[daily-code-metrics] \". Discussions will be created in category \"audits\".",
@@ -467,8 +469,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_c2dfb42b3d7ae25b_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_5bbc430921c304d4_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_8e5bc45d31604251_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_f6938a0722737e92_EOF'
{
"create_discussion": {
"defaultMax": 1,
@@ -563,7 +565,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_5bbc430921c304d4_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_f6938a0722737e92_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -635,7 +637,7 @@ jobs:
export GH_AW_ENGINE="claude"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat << GH_AW_MCP_CONFIG_ac39fbd4537408b6_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_df3577e76cb8dacb_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -675,7 +677,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_ac39fbd4537408b6_EOF
+ GH_AW_MCP_CONFIG_df3577e76cb8dacb_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-code-metrics.md b/.github/workflows/daily-code-metrics.md
index b254aa3b414..69f1f00f10b 100644
--- a/.github/workflows/daily-code-metrics.md
+++ b/.github/workflows/daily-code-metrics.md
@@ -26,6 +26,7 @@ imports:
- shared/reporting.md
- shared/python-dataviz.md
- shared/trends.md
+ - shared/observability-otlp.md
---
{{#runtime-import? .github/shared-instructions.md}}
diff --git a/.github/workflows/daily-community-attribution.lock.yml b/.github/workflows/daily-community-attribution.lock.yml
index a96f161c2d3..3af7ded9ad9 100644
--- a/.github/workflows/daily-community-attribution.lock.yml
+++ b/.github/workflows/daily-community-attribution.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"2e37f734fc14d80c9ec89e70f43f99924d7475aaedc34b4b35478b9b2e25dce9","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"d8410a2acd1463842c4bee4697418ffda12f92bdc759581c5f2eaac251b2c077","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -26,6 +26,7 @@
# Resolved workflow manifest:
# Imports:
# - shared/community-attribution.md
+# - shared/observability-otlp.md
#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
@@ -153,20 +154,20 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_3a6544334ea882c2_EOF'
+ cat << 'GH_AW_PROMPT_fc0f770f20780023_EOF'
- GH_AW_PROMPT_3a6544334ea882c2_EOF
+ GH_AW_PROMPT_fc0f770f20780023_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/repo_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_3a6544334ea882c2_EOF'
+ cat << 'GH_AW_PROMPT_fc0f770f20780023_EOF'
Tools: create_pull_request, missing_tool, missing_data, noop
- GH_AW_PROMPT_3a6544334ea882c2_EOF
+ GH_AW_PROMPT_fc0f770f20780023_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_3a6544334ea882c2_EOF'
+ cat << 'GH_AW_PROMPT_fc0f770f20780023_EOF'
The following GitHub context information is available for this workflow:
@@ -196,13 +197,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_3a6544334ea882c2_EOF
+ GH_AW_PROMPT_fc0f770f20780023_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_3a6544334ea882c2_EOF'
+ cat << 'GH_AW_PROMPT_fc0f770f20780023_EOF'
{{#runtime-import .github/workflows/shared/community-attribution.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-community-attribution.md}}
- GH_AW_PROMPT_3a6544334ea882c2_EOF
+ GH_AW_PROMPT_fc0f770f20780023_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -405,12 +407,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_3693301442e8eab7_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_85c7e908e123b8ba_EOF'
{"create_pull_request":{"draft":true,"expires":24,"labels":["community","automation"],"max":1,"max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"],"title_prefix":"[community] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":10240,"max_patch_size":10240}]}}
- GH_AW_SAFE_OUTPUTS_CONFIG_3693301442e8eab7_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_85c7e908e123b8ba_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_db2eb087a107b002_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_35b99f4844c19c8f_EOF'
{
"description_suffixes": {
"create_pull_request": " CONSTRAINTS: Maximum 1 pull request(s) can be created. Title will be prefixed with \"[community] \". Labels [\"community\" \"automation\"] will be automatically added. PRs will be created as drafts."
@@ -418,8 +420,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_db2eb087a107b002_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_d4e855ac397405a5_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_35b99f4844c19c8f_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_3104d49e716b2a87_EOF'
{
"create_pull_request": {
"defaultMax": 1,
@@ -515,7 +517,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_d4e855ac397405a5_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_3104d49e716b2a87_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -585,7 +587,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_929cc945f361fa8d_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_37d1a9be8610cbbc_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -626,7 +628,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_929cc945f361fa8d_EOF
+ GH_AW_MCP_CONFIG_37d1a9be8610cbbc_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-community-attribution.md b/.github/workflows/daily-community-attribution.md
index 74c6ed8b146..a1348191e81 100644
--- a/.github/workflows/daily-community-attribution.md
+++ b/.github/workflows/daily-community-attribution.md
@@ -46,6 +46,7 @@ safe-outputs:
imports:
- shared/community-attribution.md
+ - shared/observability-otlp.md
steps:
- name: Fetch PR data for attribution index
diff --git a/.github/workflows/daily-compiler-quality.lock.yml b/.github/workflows/daily-compiler-quality.lock.yml
index 07ec5dbfc4e..9c36d3f6070 100644
--- a/.github/workflows/daily-compiler-quality.lock.yml
+++ b/.github/workflows/daily-compiler-quality.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"f1013f9cd39ab9898ff4026d0550b9c3ee5fb9c3135f7deeeb9b14a412579e8a","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"07df264f3ff60e79b2664e791a5a2f09c63287cd9993bbf89150da5fffa1ae39","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -28,6 +28,7 @@
# - shared/daily-audit-discussion.md
# - shared/mcp/serena-go.md
# - shared/mcp/serena.md
+# - shared/observability-otlp.md
# - shared/reporting.md
# - shared/go-source-analysis.md
#
@@ -151,15 +152,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_713fc4d5e6f40f0f_EOF'
+ cat << 'GH_AW_PROMPT_0f471fc3749d4cd7_EOF'
- GH_AW_PROMPT_713fc4d5e6f40f0f_EOF
+ GH_AW_PROMPT_0f471fc3749d4cd7_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_713fc4d5e6f40f0f_EOF'
+ cat << 'GH_AW_PROMPT_0f471fc3749d4cd7_EOF'
Tools: create_discussion, missing_tool, missing_data, noop
@@ -191,9 +192,9 @@ jobs:
{{/if}}
- GH_AW_PROMPT_713fc4d5e6f40f0f_EOF
+ GH_AW_PROMPT_0f471fc3749d4cd7_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_713fc4d5e6f40f0f_EOF'
+ cat << 'GH_AW_PROMPT_0f471fc3749d4cd7_EOF'
## Serena Code Analysis
@@ -227,10 +228,11 @@ jobs:
{{#runtime-import .github/workflows/shared/go-source-analysis.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/shared/mcp/serena-go.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/daily-compiler-quality.md}}
- GH_AW_PROMPT_713fc4d5e6f40f0f_EOF
+ GH_AW_PROMPT_0f471fc3749d4cd7_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -424,12 +426,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_ba374878793b3dc1_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_8969f874acbfc9d9_EOF'
{"create_discussion":{"category":"audits","close_older_discussions":true,"expires":24,"fallback_to_issue":true,"max":1,"title_prefix":"[daily-compiler-quality] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_ba374878793b3dc1_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_8969f874acbfc9d9_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_3a3474a27bf75ff5_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_38af51b271b5dce8_EOF'
{
"description_suffixes": {
"create_discussion": " CONSTRAINTS: Maximum 1 discussion(s) can be created. Title will be prefixed with \"[daily-compiler-quality] \". Discussions will be created in category \"audits\"."
@@ -437,8 +439,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_3a3474a27bf75ff5_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_efbc24470b6ce457_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_38af51b271b5dce8_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_4c1912c4dbd13cbd_EOF'
{
"create_discussion": {
"defaultMax": 1,
@@ -524,7 +526,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_efbc24470b6ce457_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_4c1912c4dbd13cbd_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -594,7 +596,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_8679f4bc190a1edd_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_75dda8740deb651f_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -664,7 +666,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_8679f4bc190a1edd_EOF
+ GH_AW_MCP_CONFIG_75dda8740deb651f_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-compiler-quality.md b/.github/workflows/daily-compiler-quality.md
index 34894b9f321..459c6005095 100644
--- a/.github/workflows/daily-compiler-quality.md
+++ b/.github/workflows/daily-compiler-quality.md
@@ -16,6 +16,7 @@ imports:
title-prefix: "[daily-compiler-quality] "
expires: 1d
- shared/go-source-analysis.md
+ - shared/observability-otlp.md
tools:
github:
toolsets:
diff --git a/.github/workflows/daily-doc-healer.lock.yml b/.github/workflows/daily-doc-healer.lock.yml
index f64604de324..e534fb5b0f4 100644
--- a/.github/workflows/daily-doc-healer.lock.yml
+++ b/.github/workflows/daily-doc-healer.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"21c1d84ca395bb35e23c479bfddfd547a485a544aeac3e0360a35f232fc0558c","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"98b871682d51c92f5ffbd598dbd9ae807c9c43d108156f71dad5d543374c79b2","strict":true,"agent_id":"claude"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -25,6 +25,7 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/observability-otlp.md
# - shared/qmd.md
# - shared/reporting.md
#
@@ -159,21 +160,21 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_1ab69342d96baba9_EOF'
+ cat << 'GH_AW_PROMPT_95c967626800a7dd_EOF'
- GH_AW_PROMPT_1ab69342d96baba9_EOF
+ GH_AW_PROMPT_95c967626800a7dd_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/qmd_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_1ab69342d96baba9_EOF'
+ cat << 'GH_AW_PROMPT_95c967626800a7dd_EOF'
Tools: create_issue, create_pull_request, missing_tool, missing_data, noop
- GH_AW_PROMPT_1ab69342d96baba9_EOF
+ GH_AW_PROMPT_95c967626800a7dd_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_1ab69342d96baba9_EOF'
+ cat << 'GH_AW_PROMPT_95c967626800a7dd_EOF'
The following GitHub context information is available for this workflow:
@@ -203,9 +204,9 @@ jobs:
{{/if}}
- GH_AW_PROMPT_1ab69342d96baba9_EOF
+ GH_AW_PROMPT_95c967626800a7dd_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_1ab69342d96baba9_EOF'
+ cat << 'GH_AW_PROMPT_95c967626800a7dd_EOF'
Use the `search` tool to find relevant documentation and content with a natural language request — it queries a local vector database built from the configured collections.
@@ -224,8 +225,9 @@ jobs:
{{#runtime-import .github/workflows/shared/reporting.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-doc-healer.md}}
- GH_AW_PROMPT_1ab69342d96baba9_EOF
+ GH_AW_PROMPT_95c967626800a7dd_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -431,12 +433,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_32a6c560debc7157_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_18cde289993762a9_EOF'
{"create_issue":{"assignees":["copilot"],"expires":72,"labels":["documentation","automation"],"max":1,"title_prefix":"[doc-healer] "},"create_pull_request":{"expires":72,"labels":["documentation","automation"],"max":1,"max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"],"title_prefix":"[docs] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_32a6c560debc7157_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_18cde289993762a9_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_eb7a2460b43524d7_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_6fcbcba866f53206_EOF'
{
"description_suffixes": {
"create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Title will be prefixed with \"[doc-healer] \". Labels [\"documentation\" \"automation\"] will be automatically added. Assignees [\"copilot\"] will be automatically assigned.",
@@ -445,8 +447,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_eb7a2460b43524d7_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_60a2ab9836ac2897_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_6fcbcba866f53206_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_5de102351d52b4c4_EOF'
{
"create_issue": {
"defaultMax": 1,
@@ -575,7 +577,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_60a2ab9836ac2897_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_5de102351d52b4c4_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -678,7 +680,7 @@ jobs:
export GH_AW_ENGINE="claude"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat << GH_AW_MCP_CONFIG_9095aa0893fa6ab9_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_b1c1506c743c5a83_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -729,7 +731,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_9095aa0893fa6ab9_EOF
+ GH_AW_MCP_CONFIG_b1c1506c743c5a83_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-doc-healer.md b/.github/workflows/daily-doc-healer.md
index 426ef4908a9..726bd06cf67 100644
--- a/.github/workflows/daily-doc-healer.md
+++ b/.github/workflows/daily-doc-healer.md
@@ -61,6 +61,7 @@ imports:
- ".git/**"
- "node_modules/**"
context: "gh-aw project documentation, agent definitions, and workflow authoring instructions"
+ - shared/observability-otlp.md
---
{{#runtime-import? .github/shared-instructions.md}}
diff --git a/.github/workflows/daily-doc-updater.lock.yml b/.github/workflows/daily-doc-updater.lock.yml
index 5abfd6ca4b5..39b4d9580b9 100644
--- a/.github/workflows/daily-doc-updater.lock.yml
+++ b/.github/workflows/daily-doc-updater.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"a1465d78a4e7a8e46cce85e9bd2a709b7ef2b3284fcc4d8053b65930f3ce53ba","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"b5d18f082023f045ff5cb2166720dea837a8535604cb8209e52144dd1c1bc4b5","strict":true,"agent_id":"claude"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -26,6 +26,7 @@
# Resolved workflow manifest:
# Imports:
# - shared/github-guard-policy.md
+# - shared/observability-otlp.md
# - shared/qmd.md
#
# Secrets used:
@@ -158,21 +159,21 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_f28225f88d7db532_EOF'
+ cat << 'GH_AW_PROMPT_12e6c0fe9ac0c288_EOF'
- GH_AW_PROMPT_f28225f88d7db532_EOF
+ GH_AW_PROMPT_12e6c0fe9ac0c288_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/qmd_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_f28225f88d7db532_EOF'
+ cat << 'GH_AW_PROMPT_12e6c0fe9ac0c288_EOF'
Tools: create_pull_request, missing_tool, missing_data, noop
- GH_AW_PROMPT_f28225f88d7db532_EOF
+ GH_AW_PROMPT_12e6c0fe9ac0c288_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_f28225f88d7db532_EOF'
+ cat << 'GH_AW_PROMPT_12e6c0fe9ac0c288_EOF'
The following GitHub context information is available for this workflow:
@@ -202,9 +203,9 @@ jobs:
{{/if}}
- GH_AW_PROMPT_f28225f88d7db532_EOF
+ GH_AW_PROMPT_12e6c0fe9ac0c288_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_f28225f88d7db532_EOF'
+ cat << 'GH_AW_PROMPT_12e6c0fe9ac0c288_EOF'
Use the `search` tool to find relevant documentation and content with a natural language request — it queries a local vector database built from the configured collections.
@@ -223,8 +224,9 @@ jobs:
{{#runtime-import .github/workflows/shared/github-guard-policy.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-doc-updater.md}}
- GH_AW_PROMPT_f28225f88d7db532_EOF
+ GH_AW_PROMPT_12e6c0fe9ac0c288_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -428,12 +430,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_41022dccbe586db9_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_a2748724b1c64402_EOF'
{"create_pull_request":{"auto_merge":true,"draft":false,"expires":24,"labels":["documentation","automation"],"max":1,"max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"],"reviewers":["copilot"],"title_prefix":"[docs] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_41022dccbe586db9_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_a2748724b1c64402_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_eec41f0c533d2037_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_b347db81b8a4a7df_EOF'
{
"description_suffixes": {
"create_pull_request": " CONSTRAINTS: Maximum 1 pull request(s) can be created. Title will be prefixed with \"[docs] \". Labels [\"documentation\" \"automation\"] will be automatically added. Reviewers [\"copilot\"] will be assigned."
@@ -441,8 +443,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_eec41f0c533d2037_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_eaf84f773e8da997_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_b347db81b8a4a7df_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_a07626dfaa602047_EOF'
{
"create_pull_request": {
"defaultMax": 1,
@@ -538,7 +540,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_eaf84f773e8da997_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_a07626dfaa602047_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -639,7 +641,7 @@ jobs:
export GH_AW_ENGINE="claude"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat << GH_AW_MCP_CONFIG_eec8b6fe34c3336b_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_6db8770d2fa533f4_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -693,7 +695,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_eec8b6fe34c3336b_EOF
+ GH_AW_MCP_CONFIG_6db8770d2fa533f4_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-doc-updater.md b/.github/workflows/daily-doc-updater.md
index 61f5d1cf35d..13acaa8fe71 100644
--- a/.github/workflows/daily-doc-updater.md
+++ b/.github/workflows/daily-doc-updater.md
@@ -60,6 +60,7 @@ imports:
- ".git/**"
- "node_modules/**"
context: "gh-aw project documentation, agent definitions, and workflow authoring instructions"
+ - shared/observability-otlp.md
---
diff --git a/.github/workflows/daily-fact.lock.yml b/.github/workflows/daily-fact.lock.yml
index 0e34054a38c..66e6bfeac5e 100644
--- a/.github/workflows/daily-fact.lock.yml
+++ b/.github/workflows/daily-fact.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"584de13c02a8664dce1ea494ba45df600775ca47ce22e85195b0ed7949d5a2fd","strict":true,"agent_id":"codex","agent_model":"gpt-5.1-codex-mini"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"f30e2e8af65bbdca1d696a63d2d0fd8c58c5af55f900c07ebf15ad33abd07a2a","strict":true,"agent_id":"codex","agent_model":"gpt-5.1-codex-mini"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -23,6 +23,10 @@
#
# Posts a daily poetic verse about the gh-aw project to a discussion thread
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/observability-otlp.md
+#
# inlined-imports: true
#
# Secrets used:
@@ -153,14 +157,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_cc8e2378d6df2347_EOF'
+ cat << 'GH_AW_PROMPT_337b05bbd721387f_EOF'
- GH_AW_PROMPT_cc8e2378d6df2347_EOF
+ GH_AW_PROMPT_337b05bbd721387f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_cc8e2378d6df2347_EOF'
+ cat << 'GH_AW_PROMPT_337b05bbd721387f_EOF'
Tools: add_comment, missing_tool, missing_data, noop
@@ -192,10 +196,11 @@ jobs:
{{/if}}
- GH_AW_PROMPT_cc8e2378d6df2347_EOF
+ GH_AW_PROMPT_337b05bbd721387f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_cc8e2378d6df2347_EOF'
+ cat << 'GH_AW_PROMPT_337b05bbd721387f_EOF'
+
{{#runtime-import? .github/shared-instructions.md}}
# Daily Fact About gh-aw
@@ -264,7 +269,7 @@ jobs:
{"noop": {"message": "No action needed: [brief explanation of what was analyzed and why]"}}
```
- GH_AW_PROMPT_cc8e2378d6df2347_EOF
+ GH_AW_PROMPT_337b05bbd721387f_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -439,12 +444,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_3dff72f3a4d05dee_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_74c27d721041c8e1_EOF'
{"add_comment":{"max":1,"target":"4750"},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_3dff72f3a4d05dee_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_74c27d721041c8e1_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_ff4081c16e09a1af_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_7b543877d9902e5c_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added. Target: 4750."
@@ -452,8 +457,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_ff4081c16e09a1af_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_990d1527819733e1_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_7b543877d9902e5c_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_aa5491eb57d7f7b6_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -531,7 +536,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_990d1527819733e1_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_aa5491eb57d7f7b6_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -600,7 +605,7 @@ jobs:
export GH_AW_ENGINE="codex"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_baecbbeef522d057_EOF
+ cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_4364ac61d8efeb74_EOF
[history]
persistence = "none"
@@ -627,10 +632,10 @@ jobs:
[mcp_servers.safeoutputs."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_baecbbeef522d057_EOF
+ GH_AW_MCP_CONFIG_4364ac61d8efeb74_EOF
# Generate JSON config for MCP gateway
- cat << GH_AW_MCP_CONFIG_baecbbeef522d057_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_4364ac61d8efeb74_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -670,7 +675,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_baecbbeef522d057_EOF
+ GH_AW_MCP_CONFIG_4364ac61d8efeb74_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-fact.md b/.github/workflows/daily-fact.md
index 6659b41826a..284e56daf73 100644
--- a/.github/workflows/daily-fact.md
+++ b/.github/workflows/daily-fact.md
@@ -35,6 +35,8 @@ safe-outputs:
run-started: "📜 Hark! The muse awakens — [{workflow_name}]({run_url}) begins its verse upon this {event_type}..."
run-success: "✨ Lo! [{workflow_name}]({run_url}) hath woven its tale to completion, like a sonnet finding its final rhyme. 🌟"
run-failure: "🌧️ Alas! [{workflow_name}]({run_url}) {status}, its quill fallen mid-verse. The poem remains unfinished..."
+imports:
+ - shared/observability-otlp.md
---
{{#runtime-import? .github/shared-instructions.md}}
diff --git a/.github/workflows/daily-file-diet.lock.yml b/.github/workflows/daily-file-diet.lock.yml
index 96054bb1876..0aa24ebc80d 100644
--- a/.github/workflows/daily-file-diet.lock.yml
+++ b/.github/workflows/daily-file-diet.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"4b1029f0d52420428bfbf594363bf7f5dfc74f064f37b716c6df07a88fe9d2a8","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"a853c3c3f23a871170c1b64ff3616146c84293975cb868feecd07ae1bf99793c","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -28,6 +28,7 @@
# - shared/activation-app.md
# - shared/mcp/serena-go.md
# - shared/mcp/serena.md
+# - shared/observability-otlp.md
# - shared/reporting.md
# - shared/go-source-analysis.md
# - shared/safe-output-app.md
@@ -154,14 +155,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_0e8cbfee3224bdf0_EOF'
+ cat << 'GH_AW_PROMPT_74ebd7103d137dfd_EOF'
- GH_AW_PROMPT_0e8cbfee3224bdf0_EOF
+ GH_AW_PROMPT_74ebd7103d137dfd_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_0e8cbfee3224bdf0_EOF'
+ cat << 'GH_AW_PROMPT_74ebd7103d137dfd_EOF'
Tools: create_issue, missing_tool, missing_data, noop
@@ -193,9 +194,9 @@ jobs:
{{/if}}
- GH_AW_PROMPT_0e8cbfee3224bdf0_EOF
+ GH_AW_PROMPT_74ebd7103d137dfd_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_0e8cbfee3224bdf0_EOF'
+ cat << 'GH_AW_PROMPT_74ebd7103d137dfd_EOF'
## Serena Code Analysis
@@ -231,10 +232,11 @@ jobs:
{{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/go-source-analysis.md}}
{{#runtime-import .github/workflows/shared/safe-output-app.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/shared/mcp/serena-go.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/daily-file-diet.md}}
- GH_AW_PROMPT_0e8cbfee3224bdf0_EOF
+ GH_AW_PROMPT_74ebd7103d137dfd_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -409,12 +411,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_eb4def2b4fcab3f9_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_c909f763a9b0a9a5_EOF'
{"create_issue":{"expires":48,"labels":["refactoring","code-health","automated-analysis","cookie"],"max":1,"title_prefix":"[file-diet] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_eb4def2b4fcab3f9_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_c909f763a9b0a9a5_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_86874fc1dcac7ed5_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_e3fce21a2531f694_EOF'
{
"description_suffixes": {
"create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Title will be prefixed with \"[file-diet] \". Labels [\"refactoring\" \"code-health\" \"automated-analysis\" \"cookie\"] will be automatically added."
@@ -422,8 +424,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_86874fc1dcac7ed5_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_4f4467459368c6cb_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_e3fce21a2531f694_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_e18a6ddbf82b2162_EOF'
{
"create_issue": {
"defaultMax": 1,
@@ -516,7 +518,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_4f4467459368c6cb_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_e18a6ddbf82b2162_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -586,7 +588,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_1fb97ead37ab5212_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_03df051bf8d251bc_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -656,7 +658,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_1fb97ead37ab5212_EOF
+ GH_AW_MCP_CONFIG_03df051bf8d251bc_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-file-diet.md b/.github/workflows/daily-file-diet.md
index e1e77ee7df1..16ac249d31b 100644
--- a/.github/workflows/daily-file-diet.md
+++ b/.github/workflows/daily-file-diet.md
@@ -19,6 +19,7 @@ imports:
- shared/activation-app.md
- shared/go-source-analysis.md
- shared/safe-output-app.md
+ - shared/observability-otlp.md
safe-outputs:
create-issue:
diff --git a/.github/workflows/daily-firewall-report.lock.yml b/.github/workflows/daily-firewall-report.lock.yml
index 3fca43d3651..80f4861642f 100644
--- a/.github/workflows/daily-firewall-report.lock.yml
+++ b/.github/workflows/daily-firewall-report.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"fbf8811b0003d92828ee4d707868f5709839c7d3b6a7bdb1013586afde9a23a0","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"a05a545069bfaa7f5ef536c120ea9d44ab928420e30c926830ca890463a28991","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -26,6 +26,7 @@
# Resolved workflow manifest:
# Imports:
# - shared/daily-audit-discussion.md
+# - shared/observability-otlp.md
# - shared/reporting.md
# - shared/trending-charts-simple.md
#
@@ -160,16 +161,16 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_9e39f0eb14a01e2f_EOF'
+ cat << 'GH_AW_PROMPT_dc33ad2732bb88e4_EOF'
- GH_AW_PROMPT_9e39f0eb14a01e2f_EOF
+ GH_AW_PROMPT_dc33ad2732bb88e4_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_9e39f0eb14a01e2f_EOF'
+ cat << 'GH_AW_PROMPT_dc33ad2732bb88e4_EOF'
Tools: create_discussion, upload_asset, missing_tool, missing_data, noop
@@ -203,14 +204,15 @@ jobs:
{{/if}}
- GH_AW_PROMPT_9e39f0eb14a01e2f_EOF
+ GH_AW_PROMPT_dc33ad2732bb88e4_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_9e39f0eb14a01e2f_EOF'
+ cat << 'GH_AW_PROMPT_dc33ad2732bb88e4_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/trending-charts-simple.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-firewall-report.md}}
- GH_AW_PROMPT_9e39f0eb14a01e2f_EOF
+ GH_AW_PROMPT_dc33ad2732bb88e4_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -483,12 +485,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_93524ecb776331ad_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_6f7cacac34b0bc6c_EOF'
{"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[daily-firewall-report] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"upload_asset":{"allowed-exts":[".png",".jpg",".jpeg"],"branch":"assets/${{ github.workflow }}","max-size":10240}}
- GH_AW_SAFE_OUTPUTS_CONFIG_93524ecb776331ad_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_6f7cacac34b0bc6c_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_c7b077401c30b078_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_0ff2bbb2cf50d546_EOF'
{
"description_suffixes": {
"create_discussion": " CONSTRAINTS: Maximum 1 discussion(s) can be created. Title will be prefixed with \"[daily-firewall-report] \". Discussions will be created in category \"audits\".",
@@ -497,8 +499,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_c7b077401c30b078_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_1f14a4ed542c1664_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_0ff2bbb2cf50d546_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_df035a99dde3a023_EOF'
{
"create_discussion": {
"defaultMax": 1,
@@ -593,7 +595,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_1f14a4ed542c1664_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_df035a99dde3a023_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -667,7 +669,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_b63e8ed128cf6d89_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_27fc485b9177dd4e_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"agenticworkflows": {
@@ -727,7 +729,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_b63e8ed128cf6d89_EOF
+ GH_AW_MCP_CONFIG_27fc485b9177dd4e_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-firewall-report.md b/.github/workflows/daily-firewall-report.md
index 3e0a804e575..91b16f6d154 100644
--- a/.github/workflows/daily-firewall-report.md
+++ b/.github/workflows/daily-firewall-report.md
@@ -33,6 +33,7 @@ imports:
title-prefix: "[daily-firewall-report] "
- shared/reporting.md
- shared/trending-charts-simple.md
+ - shared/observability-otlp.md
---
{{#runtime-import? .github/shared-instructions.md}}
diff --git a/.github/workflows/daily-function-namer.lock.yml b/.github/workflows/daily-function-namer.lock.yml
index a812674247e..d6bf089b5fb 100644
--- a/.github/workflows/daily-function-namer.lock.yml
+++ b/.github/workflows/daily-function-namer.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"c2f9e23d46f1dfde09d59a77b02f81f89fdb07589210ae0f4944539ad2998f3b","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"e794fc73524932edc2c34e2dc4f908fe6bf3cd373d985d08a5739d2b39bc6372","strict":true,"agent_id":"claude"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -27,6 +27,7 @@
# Imports:
# - shared/mcp/serena-go.md
# - shared/mcp/serena.md
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# Secrets used:
@@ -157,15 +158,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_8ee9a0c5161129dc_EOF'
+ cat << 'GH_AW_PROMPT_bbaf0a41abe69941_EOF'
- GH_AW_PROMPT_8ee9a0c5161129dc_EOF
+ GH_AW_PROMPT_bbaf0a41abe69941_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_8ee9a0c5161129dc_EOF'
+ cat << 'GH_AW_PROMPT_bbaf0a41abe69941_EOF'
Tools: create_issue, missing_tool, missing_data, noop
@@ -197,9 +198,9 @@ jobs:
{{/if}}
- GH_AW_PROMPT_8ee9a0c5161129dc_EOF
+ GH_AW_PROMPT_bbaf0a41abe69941_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_8ee9a0c5161129dc_EOF'
+ cat << 'GH_AW_PROMPT_bbaf0a41abe69941_EOF'
## Serena Code Analysis
@@ -234,8 +235,9 @@ jobs:
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/mcp/serena-go.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-function-namer.md}}
- GH_AW_PROMPT_8ee9a0c5161129dc_EOF
+ GH_AW_PROMPT_bbaf0a41abe69941_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -431,12 +433,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_374b4471f5b5ec16_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_b78f75d0195a967a_EOF'
{"create_issue":{"close_older_issues":true,"expires":168,"labels":["refactoring","code-quality","automated-analysis","cookie"],"max":1,"title_prefix":"[function-namer] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_374b4471f5b5ec16_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_b78f75d0195a967a_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_dd8f5fd5bbeca978_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_118e5c958cae477f_EOF'
{
"description_suffixes": {
"create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Title will be prefixed with \"[function-namer] \". Labels [\"refactoring\" \"code-quality\" \"automated-analysis\" \"cookie\"] will be automatically added."
@@ -444,8 +446,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_dd8f5fd5bbeca978_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_01058166c31e3c93_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_118e5c958cae477f_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_2f299e9b04905680_EOF'
{
"create_issue": {
"defaultMax": 1,
@@ -538,7 +540,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_01058166c31e3c93_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_2f299e9b04905680_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -607,7 +609,7 @@ jobs:
export GH_AW_ENGINE="claude"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat << GH_AW_MCP_CONFIG_5419bcbc3315f546_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_8c2d9b448c03b00c_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -673,7 +675,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_5419bcbc3315f546_EOF
+ GH_AW_MCP_CONFIG_8c2d9b448c03b00c_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-function-namer.md b/.github/workflows/daily-function-namer.md
index d8aea4b3e1b..1fa7995b6e3 100644
--- a/.github/workflows/daily-function-namer.md
+++ b/.github/workflows/daily-function-namer.md
@@ -17,6 +17,7 @@ engine: claude
imports:
- shared/reporting.md
- shared/mcp/serena-go.md
+ - shared/observability-otlp.md
safe-outputs:
create-issue:
diff --git a/.github/workflows/daily-integrity-analysis.lock.yml b/.github/workflows/daily-integrity-analysis.lock.yml
index 901b7fe728f..bbf9d70d799 100644
--- a/.github/workflows/daily-integrity-analysis.lock.yml
+++ b/.github/workflows/daily-integrity-analysis.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"742c1f18b689e7085927e3d4920da0eaebaf97af592e3a6664b4046543694adb","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"456b6592c38d14120e7233536c45a931ee7b22bb5df3603ad26a402ee2b82d14","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -26,6 +26,7 @@
# Resolved workflow manifest:
# Imports:
# - shared/daily-audit-discussion.md
+# - shared/observability-otlp.md
# - shared/python-dataviz.md
# - shared/reporting.md
#
@@ -160,16 +161,16 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_16ee1e8441be5194_EOF'
+ cat << 'GH_AW_PROMPT_8485ecb7248b7ccd_EOF'
- GH_AW_PROMPT_16ee1e8441be5194_EOF
+ GH_AW_PROMPT_8485ecb7248b7ccd_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_16ee1e8441be5194_EOF'
+ cat << 'GH_AW_PROMPT_8485ecb7248b7ccd_EOF'
Tools: create_discussion, upload_asset, missing_tool, missing_data, noop
@@ -203,14 +204,15 @@ jobs:
{{/if}}
- GH_AW_PROMPT_16ee1e8441be5194_EOF
+ GH_AW_PROMPT_8485ecb7248b7ccd_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_16ee1e8441be5194_EOF'
+ cat << 'GH_AW_PROMPT_8485ecb7248b7ccd_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/python-dataviz.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-integrity-analysis.md}}
- GH_AW_PROMPT_16ee1e8441be5194_EOF
+ GH_AW_PROMPT_8485ecb7248b7ccd_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -500,12 +502,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_957be5efcca6e31a_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_69ca74bab4b4d0b8_EOF'
{"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[integrity] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"upload_asset":{"allowed-exts":[".png",".jpg",".jpeg"],"branch":"assets/${{ github.workflow }}","max-size":10240}}
- GH_AW_SAFE_OUTPUTS_CONFIG_957be5efcca6e31a_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_69ca74bab4b4d0b8_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_c7b098070178dca8_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_af64f523394d95b4_EOF'
{
"description_suffixes": {
"create_discussion": " CONSTRAINTS: Maximum 1 discussion(s) can be created. Title will be prefixed with \"[integrity] \". Discussions will be created in category \"audits\".",
@@ -514,8 +516,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_c7b098070178dca8_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_578fcb347771a5ba_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_af64f523394d95b4_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_fa3ebeb52ab7a31b_EOF'
{
"create_discussion": {
"defaultMax": 1,
@@ -610,7 +612,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_578fcb347771a5ba_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_fa3ebeb52ab7a31b_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -684,7 +686,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_a90c815e7f132927_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_4eff278a31b81ea9_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"agenticworkflows": {
@@ -744,7 +746,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_a90c815e7f132927_EOF
+ GH_AW_MCP_CONFIG_4eff278a31b81ea9_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-integrity-analysis.md b/.github/workflows/daily-integrity-analysis.md
index c3789028e7e..c6ab6e92393 100644
--- a/.github/workflows/daily-integrity-analysis.md
+++ b/.github/workflows/daily-integrity-analysis.md
@@ -56,6 +56,7 @@ imports:
title-prefix: "[integrity] "
- shared/reporting.md
- shared/python-dataviz.md
+ - shared/observability-otlp.md
---
{{#runtime-import? .github/shared-instructions.md}}
diff --git a/.github/workflows/daily-issues-report.lock.yml b/.github/workflows/daily-issues-report.lock.yml
index f3ab0bc4a3e..a8c11e16283 100644
--- a/.github/workflows/daily-issues-report.lock.yml
+++ b/.github/workflows/daily-issues-report.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"f5e6694456d81c80a192dc0d6719e7e43f4a0a3efb0ad9480463540377dbffc2","strict":true,"agent_id":"codex"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"8516231a314b640ab862c93e2c6dcc35fa1fb117c2a6d0e94e1b8e503a567df1","strict":true,"agent_id":"codex"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -29,6 +29,7 @@
# - shared/github-guard-policy.md
# - shared/issues-data-fetch.md
# - shared/jqschema.md
+# - shared/observability-otlp.md
# - shared/python-dataviz.md
# - shared/python-nlp.md
# - shared/reporting.md
@@ -168,15 +169,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_fc576ddab4a08ad0_EOF'
+ cat << 'GH_AW_PROMPT_125b285c5e74b3a4_EOF'
- GH_AW_PROMPT_fc576ddab4a08ad0_EOF
+ GH_AW_PROMPT_125b285c5e74b3a4_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_fc576ddab4a08ad0_EOF'
+ cat << 'GH_AW_PROMPT_125b285c5e74b3a4_EOF'
Tools: create_discussion, upload_asset, missing_tool, missing_data, noop
@@ -210,9 +211,9 @@ jobs:
{{/if}}
- GH_AW_PROMPT_fc576ddab4a08ad0_EOF
+ GH_AW_PROMPT_125b285c5e74b3a4_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_fc576ddab4a08ad0_EOF'
+ cat << 'GH_AW_PROMPT_125b285c5e74b3a4_EOF'
{{#runtime-import .github/workflows/shared/github-guard-policy.md}}
{{#runtime-import .github/workflows/shared/jqschema.md}}
@@ -221,8 +222,9 @@ jobs:
{{#runtime-import .github/workflows/shared/python-nlp.md}}
{{#runtime-import .github/workflows/shared/trends.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-issues-report.md}}
- GH_AW_PROMPT_fc576ddab4a08ad0_EOF
+ GH_AW_PROMPT_125b285c5e74b3a4_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -473,12 +475,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_91a9c2cdfee83056_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_eb30e32167e70790_EOF'
{"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[daily issues] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"upload_asset":{"allowed-exts":[".png",".jpg",".jpeg"],"branch":"assets/${{ github.workflow }}","max-size":10240}}
- GH_AW_SAFE_OUTPUTS_CONFIG_91a9c2cdfee83056_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_eb30e32167e70790_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_5e263bd82b33fa26_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_c85df6d4658271b9_EOF'
{
"description_suffixes": {
"create_discussion": " CONSTRAINTS: Maximum 1 discussion(s) can be created. Title will be prefixed with \"[daily issues] \". Discussions will be created in category \"audits\".",
@@ -487,8 +489,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_5e263bd82b33fa26_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_a2c7016dc777b42f_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_c85df6d4658271b9_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_fcc4d61addc00693_EOF'
{
"create_discussion": {
"defaultMax": 1,
@@ -583,7 +585,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_a2c7016dc777b42f_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_fcc4d61addc00693_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -653,7 +655,7 @@ jobs:
export GH_AW_ENGINE="codex"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_f438ec608a786c0f_EOF
+ cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_24e9f6beb9953a06_EOF
[history]
persistence = "none"
@@ -680,10 +682,10 @@ jobs:
[mcp_servers.safeoutputs."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_f438ec608a786c0f_EOF
+ GH_AW_MCP_CONFIG_24e9f6beb9953a06_EOF
# Generate JSON config for MCP gateway
- cat << GH_AW_MCP_CONFIG_f438ec608a786c0f_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_24e9f6beb9953a06_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -726,7 +728,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_f438ec608a786c0f_EOF
+ GH_AW_MCP_CONFIG_24e9f6beb9953a06_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-issues-report.md b/.github/workflows/daily-issues-report.md
index ff065c045e4..053fdc0b1af 100644
--- a/.github/workflows/daily-issues-report.md
+++ b/.github/workflows/daily-issues-report.md
@@ -27,6 +27,7 @@ imports:
- shared/python-nlp.md
- shared/trends.md
- shared/reporting.md
+ - shared/observability-otlp.md
---
{{#runtime-import? .github/shared-instructions.md}}
diff --git a/.github/workflows/daily-malicious-code-scan.lock.yml b/.github/workflows/daily-malicious-code-scan.lock.yml
index 3b09230543c..a642c8c544c 100644
--- a/.github/workflows/daily-malicious-code-scan.lock.yml
+++ b/.github/workflows/daily-malicious-code-scan.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"56700867131a6ee6860f7cbb916c96782b4c656bfe5342b4be473da1c3eb0c82","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"99bf3c2b742a1d014a04ec5091af42a1fb844a51172f0f6cb47a9cbec63d509d","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -25,6 +25,7 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# Secrets used:
@@ -146,14 +147,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_c4c19270fbfbd2c3_EOF'
+ cat << 'GH_AW_PROMPT_8d80ae598b020447_EOF'
- GH_AW_PROMPT_c4c19270fbfbd2c3_EOF
+ GH_AW_PROMPT_8d80ae598b020447_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_c4c19270fbfbd2c3_EOF'
+ cat << 'GH_AW_PROMPT_8d80ae598b020447_EOF'
Tools: create_code_scanning_alert, missing_tool, missing_data, noop
@@ -185,13 +186,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_c4c19270fbfbd2c3_EOF
+ GH_AW_PROMPT_8d80ae598b020447_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_c4c19270fbfbd2c3_EOF'
+ cat << 'GH_AW_PROMPT_8d80ae598b020447_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-malicious-code-scan.md}}
- GH_AW_PROMPT_c4c19270fbfbd2c3_EOF
+ GH_AW_PROMPT_8d80ae598b020447_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -363,19 +365,19 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_3f57fd66abd8fcb1_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_668dc61dba670b02_EOF'
{"create_code_scanning_alert":{"driver":"Malicious Code Scanner"},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_3f57fd66abd8fcb1_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_668dc61dba670b02_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_e539d8210e1c0e03_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_9e11ff9f9fa60c3e_EOF'
{
"description_suffixes": {},
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_e539d8210e1c0e03_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_80424a126fcc96a7_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_9e11ff9f9fa60c3e_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_92f7b7883637c48c_EOF'
{
"create_code_scanning_alert": {
"defaultMax": 40,
@@ -476,7 +478,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_80424a126fcc96a7_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_92f7b7883637c48c_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -546,7 +548,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_83683437db802e24_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_ee8fe0a7e100f5e3_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -587,7 +589,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_83683437db802e24_EOF
+ GH_AW_MCP_CONFIG_ee8fe0a7e100f5e3_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-malicious-code-scan.md b/.github/workflows/daily-malicious-code-scan.md
index cc96c77a62c..5e536e6f0d7 100644
--- a/.github/workflows/daily-malicious-code-scan.md
+++ b/.github/workflows/daily-malicious-code-scan.md
@@ -21,6 +21,7 @@ timeout-minutes: 15
strict: true
imports:
- shared/reporting.md
+ - shared/observability-otlp.md
features:
copilot-requests: true
---
diff --git a/.github/workflows/daily-mcp-concurrency-analysis.lock.yml b/.github/workflows/daily-mcp-concurrency-analysis.lock.yml
index c927a20f7c3..ff73ccb5bdc 100644
--- a/.github/workflows/daily-mcp-concurrency-analysis.lock.yml
+++ b/.github/workflows/daily-mcp-concurrency-analysis.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"d51b8d96d9850921797379025c171ffa822c629cf8ba79ce11a02b7f334b5706","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"443e99278b63394f838898d7fb51c4d770ca682c4e465fe7812f0a58ef73e0db","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -26,6 +26,7 @@
# Resolved workflow manifest:
# Imports:
# - shared/mcp/serena.md
+# - shared/observability-otlp.md
# - shared/reporting.md
# - shared/safe-output-app.md
#
@@ -150,15 +151,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_49fea30c11e64d47_EOF'
+ cat << 'GH_AW_PROMPT_91d4f7702897584d_EOF'
- GH_AW_PROMPT_49fea30c11e64d47_EOF
+ GH_AW_PROMPT_91d4f7702897584d_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_49fea30c11e64d47_EOF'
+ cat << 'GH_AW_PROMPT_91d4f7702897584d_EOF'
Tools: create_issue(max:5), create_agent_session(max:3), missing_tool, missing_data, noop
@@ -190,9 +191,9 @@ jobs:
{{/if}}
- GH_AW_PROMPT_49fea30c11e64d47_EOF
+ GH_AW_PROMPT_91d4f7702897584d_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_49fea30c11e64d47_EOF'
+ cat << 'GH_AW_PROMPT_91d4f7702897584d_EOF'
## Serena Code Analysis
@@ -227,8 +228,9 @@ jobs:
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/safe-output-app.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-mcp-concurrency-analysis.md}}
- GH_AW_PROMPT_49fea30c11e64d47_EOF
+ GH_AW_PROMPT_91d4f7702897584d_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -422,12 +424,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_b7d0da6171c7c1de_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_8e6491195d70a59b_EOF'
{"create_agent_session":{"max":3},"create_issue":{"expires":168,"labels":["bug","concurrency","thread-safety","automated-analysis","cookie"],"max":5,"title_prefix":"[concurrency] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_b7d0da6171c7c1de_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_8e6491195d70a59b_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_920a8d2ff9ce85d1_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_8cfba96bf054739e_EOF'
{
"description_suffixes": {
"create_agent_session": " CONSTRAINTS: Maximum 3 agent task(s) can be created.",
@@ -436,8 +438,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_920a8d2ff9ce85d1_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_811f1f82aa7ebce6_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_8cfba96bf054739e_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_078705a8dd5fd190_EOF'
{
"create_agent_session": {
"defaultMax": 1,
@@ -545,7 +547,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_811f1f82aa7ebce6_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_078705a8dd5fd190_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -615,7 +617,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_0491dbbd83e23c4f_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_a20a9c9856769c80_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -685,7 +687,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_0491dbbd83e23c4f_EOF
+ GH_AW_MCP_CONFIG_a20a9c9856769c80_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-mcp-concurrency-analysis.md b/.github/workflows/daily-mcp-concurrency-analysis.md
index bb2493ccd83..9597f00541f 100644
--- a/.github/workflows/daily-mcp-concurrency-analysis.md
+++ b/.github/workflows/daily-mcp-concurrency-analysis.md
@@ -20,6 +20,7 @@ imports:
- uses: shared/mcp/serena.md
with:
languages: ["go", "typescript"]
+ - shared/observability-otlp.md
safe-outputs:
create-issue:
diff --git a/.github/workflows/daily-multi-device-docs-tester.lock.yml b/.github/workflows/daily-multi-device-docs-tester.lock.yml
index fb59da5c998..42a127a917e 100644
--- a/.github/workflows/daily-multi-device-docs-tester.lock.yml
+++ b/.github/workflows/daily-multi-device-docs-tester.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"781c6a76f8e391ab449b872481a401a030ffa0beceb30f1d12587bf1eddda910","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"d2577c6b4aaa777637a8b1214b6e764108c8813f32e154bd59c50c2b9a305b9e","strict":true,"agent_id":"claude"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -26,6 +26,7 @@
# Resolved workflow manifest:
# Imports:
# - shared/docs-server-lifecycle.md
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# Secrets used:
@@ -159,15 +160,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_ab78045f0217b928_EOF'
+ cat << 'GH_AW_PROMPT_670d714d818f5af2_EOF'
- GH_AW_PROMPT_ab78045f0217b928_EOF
+ GH_AW_PROMPT_670d714d818f5af2_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/playwright_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_ab78045f0217b928_EOF'
+ cat << 'GH_AW_PROMPT_670d714d818f5af2_EOF'
Tools: create_issue, upload_asset, missing_tool, missing_data, noop
@@ -201,14 +202,15 @@ jobs:
{{/if}}
- GH_AW_PROMPT_ab78045f0217b928_EOF
+ GH_AW_PROMPT_670d714d818f5af2_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_ab78045f0217b928_EOF'
+ cat << 'GH_AW_PROMPT_670d714d818f5af2_EOF'
{{#runtime-import .github/workflows/shared/docs-server-lifecycle.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-multi-device-docs-tester.md}}
- GH_AW_PROMPT_ab78045f0217b928_EOF
+ GH_AW_PROMPT_670d714d818f5af2_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -392,12 +394,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_eabf1335442cc61b_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_732bcf318c5a65f2_EOF'
{"create_issue":{"expires":48,"labels":["cookie"],"max":1},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"upload_asset":{"allowed-exts":[".png",".jpg",".jpeg"],"branch":"assets/${{ github.workflow }}","max-size":10240}}
- GH_AW_SAFE_OUTPUTS_CONFIG_eabf1335442cc61b_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_732bcf318c5a65f2_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_378197b245a05434_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_0f37582222f2d721_EOF'
{
"description_suffixes": {
"create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Labels [\"cookie\"] will be automatically added.",
@@ -406,8 +408,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_378197b245a05434_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_5a25d38a6a40888b_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_0f37582222f2d721_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_6e412cdd36a50115_EOF'
{
"create_issue": {
"defaultMax": 1,
@@ -509,7 +511,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_5a25d38a6a40888b_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_6e412cdd36a50115_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -582,7 +584,7 @@ jobs:
export GH_AW_ENGINE="claude"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat << GH_AW_MCP_CONFIG_dee616c5c06308f2_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_af715ca74493b00b_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -646,7 +648,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_dee616c5c06308f2_EOF
+ GH_AW_MCP_CONFIG_af715ca74493b00b_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-multi-device-docs-tester.md b/.github/workflows/daily-multi-device-docs-tester.md
index ceb2c4aafda..33b72091bed 100644
--- a/.github/workflows/daily-multi-device-docs-tester.md
+++ b/.github/workflows/daily-multi-device-docs-tester.md
@@ -50,6 +50,7 @@ network:
imports:
- shared/docs-server-lifecycle.md
- shared/reporting.md
+ - shared/observability-otlp.md
---
{{#runtime-import? .github/shared-instructions.md}}
diff --git a/.github/workflows/daily-news.lock.yml b/.github/workflows/daily-news.lock.yml
index 358f123c253..b840d662f4e 100644
--- a/.github/workflows/daily-news.lock.yml
+++ b/.github/workflows/daily-news.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"227a3b0acca6202fe3c70cb3e1760b501776141421e142e9967ca71069bcfffe","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"e5a5b641150892d124f84174486a550043df6ceeae82c6f35889b284e7b1e716","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -27,6 +27,7 @@
# Imports:
# - shared/jqschema.md
# - shared/mcp/tavily.md
+# - shared/observability-otlp.md
# - shared/python-dataviz.md
# - shared/repo-memory-standard.md
# - shared/reporting.md
@@ -155,16 +156,16 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_4015f2fb1f511793_EOF'
+ cat << 'GH_AW_PROMPT_11a67f259f9ceffc_EOF'
- GH_AW_PROMPT_4015f2fb1f511793_EOF
+ GH_AW_PROMPT_11a67f259f9ceffc_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/repo_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_4015f2fb1f511793_EOF'
+ cat << 'GH_AW_PROMPT_11a67f259f9ceffc_EOF'
Tools: create_discussion, upload_asset, missing_tool, missing_data, noop
@@ -198,17 +199,18 @@ jobs:
{{/if}}
- GH_AW_PROMPT_4015f2fb1f511793_EOF
+ GH_AW_PROMPT_11a67f259f9ceffc_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_4015f2fb1f511793_EOF'
+ cat << 'GH_AW_PROMPT_11a67f259f9ceffc_EOF'
{{#runtime-import .github/workflows/shared/mcp/tavily.md}}
{{#runtime-import .github/workflows/shared/jqschema.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/trends.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/shared/python-dataviz.md}}
{{#runtime-import .github/workflows/daily-news.md}}
- GH_AW_PROMPT_4015f2fb1f511793_EOF
+ GH_AW_PROMPT_11a67f259f9ceffc_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -522,12 +524,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_9a8839309d80f8f0_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_2c5b2a75c38cc1f4_EOF'
{"create_discussion":{"category":"daily-news","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":102400,"max_patch_size":10240}]},"upload_asset":{"allowed-exts":[".png",".jpg",".jpeg"],"branch":"assets/${{ github.workflow }}","max-size":10240}}
- GH_AW_SAFE_OUTPUTS_CONFIG_9a8839309d80f8f0_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_2c5b2a75c38cc1f4_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_c2aba505e80a5aac_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_8a7183a0a6378afb_EOF'
{
"description_suffixes": {
"create_discussion": " CONSTRAINTS: Maximum 1 discussion(s) can be created. Discussions will be created in category \"daily-news\".",
@@ -536,8 +538,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_c2aba505e80a5aac_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_bc62dfc4249d6c41_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_8a7183a0a6378afb_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_2a859c1989427e00_EOF'
{
"create_discussion": {
"defaultMax": 1,
@@ -632,7 +634,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_bc62dfc4249d6c41_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_2a859c1989427e00_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -706,7 +708,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e TAVILY_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_588e060a816eb616_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_46d8067c05e9e47a_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -767,7 +769,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_588e060a816eb616_EOF
+ GH_AW_MCP_CONFIG_46d8067c05e9e47a_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-news.md b/.github/workflows/daily-news.md
index e8a57494329..d747ae8129b 100644
--- a/.github/workflows/daily-news.md
+++ b/.github/workflows/daily-news.md
@@ -284,6 +284,7 @@ imports:
- shared/jqschema.md
- shared/reporting.md
- shared/trends.md
+ - shared/observability-otlp.md
features:
copilot-requests: true
---
diff --git a/.github/workflows/daily-observability-report.lock.yml b/.github/workflows/daily-observability-report.lock.yml
index 284faea13a5..39eef8b3e5a 100644
--- a/.github/workflows/daily-observability-report.lock.yml
+++ b/.github/workflows/daily-observability-report.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"ea41afa4b696c3c5cc10c82b34fc5f00eb694954b3a13f0c7d9faba77d06a8b9","strict":true,"agent_id":"codex"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"6dbc0303a21fefaaf6858ce70a602bbe327bad8cf6dcbbb59bb04ea3012bee14","strict":true,"agent_id":"codex"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -26,6 +26,7 @@
# Resolved workflow manifest:
# Imports:
# - shared/daily-audit-discussion.md
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# Secrets used:
@@ -162,15 +163,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_9918efb4f0293c21_EOF'
+ cat << 'GH_AW_PROMPT_b92f962ae162340f_EOF'
- GH_AW_PROMPT_9918efb4f0293c21_EOF
+ GH_AW_PROMPT_b92f962ae162340f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_9918efb4f0293c21_EOF'
+ cat << 'GH_AW_PROMPT_b92f962ae162340f_EOF'
Tools: create_discussion, missing_tool, missing_data, noop
@@ -202,13 +203,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_9918efb4f0293c21_EOF
+ GH_AW_PROMPT_b92f962ae162340f_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_9918efb4f0293c21_EOF'
+ cat << 'GH_AW_PROMPT_b92f962ae162340f_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-observability-report.md}}
- GH_AW_PROMPT_9918efb4f0293c21_EOF
+ GH_AW_PROMPT_b92f962ae162340f_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -440,12 +442,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_c1ff0665465351f3_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_fa3a9806c6cd1602_EOF'
{"create_discussion":{"category":"audits","close_older_discussions":true,"expires":24,"fallback_to_issue":true,"max":1,"title_prefix":"[observability] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_c1ff0665465351f3_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_fa3a9806c6cd1602_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_582a27438ee5bc4c_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_ab1b52830265fb0a_EOF'
{
"description_suffixes": {
"create_discussion": " CONSTRAINTS: Maximum 1 discussion(s) can be created. Title will be prefixed with \"[observability] \". Discussions will be created in category \"audits\"."
@@ -453,8 +455,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_582a27438ee5bc4c_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_09356caaf82a0478_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_ab1b52830265fb0a_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_4e890b05b2534ead_EOF'
{
"create_discussion": {
"defaultMax": 1,
@@ -540,7 +542,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_09356caaf82a0478_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_4e890b05b2534ead_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -610,7 +612,7 @@ jobs:
export GH_AW_ENGINE="codex"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_3af8d89e5baa648f_EOF
+ cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_eb7f5ffb386284ec_EOF
[history]
persistence = "none"
@@ -647,10 +649,10 @@ jobs:
[mcp_servers.safeoutputs."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_3af8d89e5baa648f_EOF
+ GH_AW_MCP_CONFIG_eb7f5ffb386284ec_EOF
# Generate JSON config for MCP gateway
- cat << GH_AW_MCP_CONFIG_3af8d89e5baa648f_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_eb7f5ffb386284ec_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"agenticworkflows": {
@@ -708,7 +710,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_3af8d89e5baa648f_EOF
+ GH_AW_MCP_CONFIG_eb7f5ffb386284ec_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-observability-report.md b/.github/workflows/daily-observability-report.md
index ce2e3a193eb..b1fad0d1e13 100644
--- a/.github/workflows/daily-observability-report.md
+++ b/.github/workflows/daily-observability-report.md
@@ -21,6 +21,7 @@ imports:
title-prefix: "[observability] "
expires: 1d
- shared/reporting.md
+ - shared/observability-otlp.md
---
{{#runtime-import? .github/shared-instructions.md}}
diff --git a/.github/workflows/daily-performance-summary.lock.yml b/.github/workflows/daily-performance-summary.lock.yml
index c947a081c3f..44d10b11fe7 100644
--- a/.github/workflows/daily-performance-summary.lock.yml
+++ b/.github/workflows/daily-performance-summary.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"a621794eec4ea444a2232ea160e2f62f02cddd353c45e083ca83a7d2aa62d4ed","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"dab4404a56f9457a90a60a43c9dcc2c8dc713aaf7b665b10545cbc979104bf45","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -27,6 +27,7 @@
# Imports:
# - shared/daily-audit-discussion.md
# - shared/github-queries-mcp-script.md
+# - shared/observability-otlp.md
# - shared/reporting.md
# - shared/trending-charts-simple.md
#
@@ -158,15 +159,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_6af87f0d91a2ac2a_EOF'
+ cat << 'GH_AW_PROMPT_5b05e4c7406199b2_EOF'
- GH_AW_PROMPT_6af87f0d91a2ac2a_EOF
+ GH_AW_PROMPT_5b05e4c7406199b2_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_6af87f0d91a2ac2a_EOF'
+ cat << 'GH_AW_PROMPT_5b05e4c7406199b2_EOF'
Tools: create_discussion, upload_asset, missing_tool, missing_data, noop
@@ -200,15 +201,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_6af87f0d91a2ac2a_EOF
+ GH_AW_PROMPT_5b05e4c7406199b2_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_6af87f0d91a2ac2a_EOF'
+ cat << 'GH_AW_PROMPT_5b05e4c7406199b2_EOF'
{{#runtime-import .github/workflows/shared/github-queries-mcp-script.md}}
{{#runtime-import .github/workflows/shared/trending-charts-simple.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-performance-summary.md}}
- GH_AW_PROMPT_6af87f0d91a2ac2a_EOF
+ GH_AW_PROMPT_5b05e4c7406199b2_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -428,12 +430,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_57e5e7099fb07f41_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_14c8919bc7f7ffd0_EOF'
{"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[daily performance] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"upload_asset":{"allowed-exts":[".png",".jpg",".jpeg"],"branch":"assets/${{ github.workflow }}","max-size":10240}}
- GH_AW_SAFE_OUTPUTS_CONFIG_57e5e7099fb07f41_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_14c8919bc7f7ffd0_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_31dc5cae102e00a4_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_a1b662526485f785_EOF'
{
"description_suffixes": {
"create_discussion": " CONSTRAINTS: Maximum 1 discussion(s) can be created. Title will be prefixed with \"[daily performance] \". Discussions will be created in category \"audits\".",
@@ -442,8 +444,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_31dc5cae102e00a4_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_448a82e2da6c1a75_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_a1b662526485f785_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_e985e4fe3c201e39_EOF'
{
"create_discussion": {
"defaultMax": 1,
@@ -538,7 +540,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_448a82e2da6c1a75_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_e985e4fe3c201e39_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -583,7 +585,7 @@ jobs:
- name: Setup MCP Scripts Config
run: |
mkdir -p ${RUNNER_TEMP}/gh-aw/mcp-scripts/logs
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_53d0ff822d645d78_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_27c89a4e7bb71937_EOF'
{
"serverName": "mcpscripts",
"version": "1.0.0",
@@ -677,8 +679,8 @@ jobs:
}
]
}
- GH_AW_MCP_SCRIPTS_TOOLS_53d0ff822d645d78_EOF
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_77fa012545de5d9d_EOF'
+ GH_AW_MCP_SCRIPTS_TOOLS_27c89a4e7bb71937_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_b6c1a29ccb77cf9d_EOF'
const path = require("path");
const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
const configPath = path.join(__dirname, "tools.json");
@@ -692,12 +694,12 @@ jobs:
console.error("Failed to start mcp-scripts HTTP server:", error);
process.exit(1);
});
- GH_AW_MCP_SCRIPTS_SERVER_77fa012545de5d9d_EOF
+ GH_AW_MCP_SCRIPTS_SERVER_b6c1a29ccb77cf9d_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs
- name: Setup MCP Scripts Tool Files
run: |
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_2a3b866b5b422095_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_e556a7482a45cf49_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-discussion-query
# Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -832,9 +834,9 @@ jobs:
EOF
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_2a3b866b5b422095_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_e556a7482a45cf49_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_4660ab3170de19fe_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_1ff7a6306e63ec25_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-issue-query
# Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -913,9 +915,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_4660ab3170de19fe_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_1ff7a6306e63ec25_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_b5c022aedeae4827_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_8d2b2abcea78dfac_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-pr-query
# Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1000,7 +1002,7 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_b5c022aedeae4827_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_8d2b2abcea78dfac_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh
- name: Generate MCP Scripts Server Config
@@ -1070,7 +1072,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_TOKEN -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_d1eb31902b227a1b_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_774ed74319e648f5_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -1125,7 +1127,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_d1eb31902b227a1b_EOF
+ GH_AW_MCP_CONFIG_774ed74319e648f5_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-performance-summary.md b/.github/workflows/daily-performance-summary.md
index 802e283e27e..cb92d7d2687 100644
--- a/.github/workflows/daily-performance-summary.md
+++ b/.github/workflows/daily-performance-summary.md
@@ -25,6 +25,7 @@ imports:
- shared/github-queries-mcp-script.md
- shared/trending-charts-simple.md
- shared/reporting.md
+ - shared/observability-otlp.md
---
{{#runtime-import? .github/shared-instructions.md}}
diff --git a/.github/workflows/daily-regulatory.lock.yml b/.github/workflows/daily-regulatory.lock.yml
index 887c6b04b67..3d9c83e16d7 100644
--- a/.github/workflows/daily-regulatory.lock.yml
+++ b/.github/workflows/daily-regulatory.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"91ca236109ec8ec97462f8dfe7c174b40a308597b624242a73ba33dac2920336","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"404faf333dea58c0580ea8f2138d28d97575e347c489f6324975cb73af3d2773","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -27,6 +27,7 @@
# Imports:
# - shared/daily-audit-discussion.md
# - shared/github-queries-mcp-script.md
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# Secrets used:
@@ -154,14 +155,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_a3046424045ded49_EOF'
+ cat << 'GH_AW_PROMPT_e64dfe0e7f6a5dab_EOF'
- GH_AW_PROMPT_a3046424045ded49_EOF
+ GH_AW_PROMPT_e64dfe0e7f6a5dab_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_a3046424045ded49_EOF'
+ cat << 'GH_AW_PROMPT_e64dfe0e7f6a5dab_EOF'
Tools: create_discussion, missing_tool, missing_data, noop
@@ -193,14 +194,15 @@ jobs:
{{/if}}
- GH_AW_PROMPT_a3046424045ded49_EOF
+ GH_AW_PROMPT_e64dfe0e7f6a5dab_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_a3046424045ded49_EOF'
+ cat << 'GH_AW_PROMPT_e64dfe0e7f6a5dab_EOF'
{{#runtime-import .github/workflows/shared/github-queries-mcp-script.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-regulatory.md}}
- GH_AW_PROMPT_a3046424045ded49_EOF
+ GH_AW_PROMPT_e64dfe0e7f6a5dab_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -374,12 +376,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_58fd394c103b496a_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_fae3346f1fa99c6d_EOF'
{"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[daily regulatory] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_58fd394c103b496a_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_fae3346f1fa99c6d_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_048e15a3fa3ead1a_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_30c5ccd91ee807c4_EOF'
{
"description_suffixes": {
"create_discussion": " CONSTRAINTS: Maximum 1 discussion(s) can be created. Title will be prefixed with \"[daily regulatory] \". Discussions will be created in category \"audits\"."
@@ -387,8 +389,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_048e15a3fa3ead1a_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_2f95d84c184309be_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_30c5ccd91ee807c4_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_4f857a10bc4ccc58_EOF'
{
"create_discussion": {
"defaultMax": 1,
@@ -474,7 +476,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_2f95d84c184309be_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_4f857a10bc4ccc58_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -519,7 +521,7 @@ jobs:
- name: Setup MCP Scripts Config
run: |
mkdir -p ${RUNNER_TEMP}/gh-aw/mcp-scripts/logs
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_329eb8710ea467bc_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_6a740196e20fcf86_EOF'
{
"serverName": "mcpscripts",
"version": "1.0.0",
@@ -613,8 +615,8 @@ jobs:
}
]
}
- GH_AW_MCP_SCRIPTS_TOOLS_329eb8710ea467bc_EOF
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_2d030430dd89511e_EOF'
+ GH_AW_MCP_SCRIPTS_TOOLS_6a740196e20fcf86_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_e8a923a1f948e2bb_EOF'
const path = require("path");
const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
const configPath = path.join(__dirname, "tools.json");
@@ -628,12 +630,12 @@ jobs:
console.error("Failed to start mcp-scripts HTTP server:", error);
process.exit(1);
});
- GH_AW_MCP_SCRIPTS_SERVER_2d030430dd89511e_EOF
+ GH_AW_MCP_SCRIPTS_SERVER_e8a923a1f948e2bb_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs
- name: Setup MCP Scripts Tool Files
run: |
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_b29271a65eb1688b_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_bd3de02d3c712c90_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-discussion-query
# Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -768,9 +770,9 @@ jobs:
EOF
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_b29271a65eb1688b_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_bd3de02d3c712c90_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_7682ba0b7e4187d2_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_88358fece644cf9e_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-issue-query
# Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -849,9 +851,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_7682ba0b7e4187d2_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_88358fece644cf9e_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_070b29724a01d400_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_ae4124d66cdcc242_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-pr-query
# Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -936,7 +938,7 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_070b29724a01d400_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_ae4124d66cdcc242_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh
- name: Generate MCP Scripts Server Config
@@ -1003,7 +1005,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_TOKEN -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_39191bed09b411d6_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_f90e41e7831b7941_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -1058,7 +1060,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_39191bed09b411d6_EOF
+ GH_AW_MCP_CONFIG_f90e41e7831b7941_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-regulatory.md b/.github/workflows/daily-regulatory.md
index ddcfed84ece..f7c225ea64d 100644
--- a/.github/workflows/daily-regulatory.md
+++ b/.github/workflows/daily-regulatory.md
@@ -24,6 +24,7 @@ imports:
title-prefix: "[daily regulatory] "
- shared/github-queries-mcp-script.md
- shared/reporting.md
+ - shared/observability-otlp.md
---
{{#runtime-import? .github/shared-instructions.md}}
diff --git a/.github/workflows/daily-rendering-scripts-verifier.lock.yml b/.github/workflows/daily-rendering-scripts-verifier.lock.yml
index 1b1e7e71dc2..1166c7ac8a3 100644
--- a/.github/workflows/daily-rendering-scripts-verifier.lock.yml
+++ b/.github/workflows/daily-rendering-scripts-verifier.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"e83213cb560f5219f2e59efc98dffe9b3dbee56b617882e1948b04ba4a2f5690","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"f5cabce20f980a3560973a0d362fbd67a2c7a4b79e28e90113f6993122b6c55c","strict":true,"agent_id":"claude"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -26,6 +26,7 @@
# Resolved workflow manifest:
# Imports:
# - shared/activation-app.md
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# Secrets used:
@@ -164,21 +165,21 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_526dda5557e006b5_EOF'
+ cat << 'GH_AW_PROMPT_9a59c9d553bcfb53_EOF'
- GH_AW_PROMPT_526dda5557e006b5_EOF
+ GH_AW_PROMPT_9a59c9d553bcfb53_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_526dda5557e006b5_EOF'
+ cat << 'GH_AW_PROMPT_9a59c9d553bcfb53_EOF'
Tools: create_pull_request, missing_tool, missing_data, noop
- GH_AW_PROMPT_526dda5557e006b5_EOF
+ GH_AW_PROMPT_9a59c9d553bcfb53_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_526dda5557e006b5_EOF'
+ cat << 'GH_AW_PROMPT_9a59c9d553bcfb53_EOF'
The following GitHub context information is available for this workflow:
@@ -208,14 +209,15 @@ jobs:
{{/if}}
- GH_AW_PROMPT_526dda5557e006b5_EOF
+ GH_AW_PROMPT_9a59c9d553bcfb53_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_526dda5557e006b5_EOF'
+ cat << 'GH_AW_PROMPT_9a59c9d553bcfb53_EOF'
{{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-rendering-scripts-verifier.md}}
- GH_AW_PROMPT_526dda5557e006b5_EOF
+ GH_AW_PROMPT_9a59c9d553bcfb53_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -467,12 +469,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_a3cb3e04d3179752_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_6c83a6cd7e223800_EOF'
{"create_pull_request":{"expires":72,"labels":["rendering","javascript","automated-fix"],"max":1,"max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"],"reviewers":["copilot"],"title_prefix":"[rendering-scripts] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_a3cb3e04d3179752_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_6c83a6cd7e223800_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_9bc7633ab1dc624d_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_529db7ba629c5ad8_EOF'
{
"description_suffixes": {
"create_pull_request": " CONSTRAINTS: Maximum 1 pull request(s) can be created. Title will be prefixed with \"[rendering-scripts] \". Labels [\"rendering\" \"javascript\" \"automated-fix\"] will be automatically added. Reviewers [\"copilot\"] will be assigned."
@@ -480,8 +482,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_9bc7633ab1dc624d_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_fa899dda4501d478_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_529db7ba629c5ad8_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_f3caa4a2ff4166a7_EOF'
{
"create_pull_request": {
"defaultMax": 1,
@@ -577,7 +579,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_fa899dda4501d478_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_f3caa4a2ff4166a7_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -647,7 +649,7 @@ jobs:
export GH_AW_ENGINE="claude"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat << GH_AW_MCP_CONFIG_0d1f10a17b7edb5f_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_85d06abb6d6eb447_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"agenticworkflows": {
@@ -705,7 +707,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_0d1f10a17b7edb5f_EOF
+ GH_AW_MCP_CONFIG_85d06abb6d6eb447_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-rendering-scripts-verifier.md b/.github/workflows/daily-rendering-scripts-verifier.md
index 66da4700700..e2ff5b02ed4 100644
--- a/.github/workflows/daily-rendering-scripts-verifier.md
+++ b/.github/workflows/daily-rendering-scripts-verifier.md
@@ -47,6 +47,7 @@ timeout-minutes: 30
imports:
- shared/activation-app.md
- shared/reporting.md
+ - shared/observability-otlp.md
---
# Daily Rendering Scripts Verifier
diff --git a/.github/workflows/daily-repo-chronicle.lock.yml b/.github/workflows/daily-repo-chronicle.lock.yml
index feb4f7493da..33e2601cf0a 100644
--- a/.github/workflows/daily-repo-chronicle.lock.yml
+++ b/.github/workflows/daily-repo-chronicle.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"7a4cb9e21443c71747cd86a5fb431f6b20a9cb3196faabd9512daaff8691e9c7","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"f9ee8487bf0d663497861fc5eed8fa3489a91997b768364e277317c6566fed62","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -25,6 +25,7 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/observability-otlp.md
# - shared/python-dataviz.md
# - shared/reporting.md
# - shared/trends.md
@@ -150,15 +151,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_d2761a38a82f28a8_EOF'
+ cat << 'GH_AW_PROMPT_1e6a53c665277548_EOF'
- GH_AW_PROMPT_d2761a38a82f28a8_EOF
+ GH_AW_PROMPT_1e6a53c665277548_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_d2761a38a82f28a8_EOF'
+ cat << 'GH_AW_PROMPT_1e6a53c665277548_EOF'
Tools: create_discussion, upload_asset, missing_tool, missing_data, noop
@@ -192,15 +193,16 @@ jobs:
{{/if}}
- GH_AW_PROMPT_d2761a38a82f28a8_EOF
+ GH_AW_PROMPT_1e6a53c665277548_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_d2761a38a82f28a8_EOF'
+ cat << 'GH_AW_PROMPT_1e6a53c665277548_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/trends.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/shared/python-dataviz.md}}
{{#runtime-import .github/workflows/daily-repo-chronicle.md}}
- GH_AW_PROMPT_d2761a38a82f28a8_EOF
+ GH_AW_PROMPT_1e6a53c665277548_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -421,12 +423,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_6519cf5d129bd3d3_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_7c0255a00d75f76e_EOF'
{"create_discussion":{"category":"announcements","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"📰 "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"upload_asset":{"allowed-exts":[".png",".jpg",".jpeg"],"branch":"assets/${{ github.workflow }}","max-size":10240}}
- GH_AW_SAFE_OUTPUTS_CONFIG_6519cf5d129bd3d3_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_7c0255a00d75f76e_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_98afed21fb93b2de_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_8e7d1b8b1d7cb9a1_EOF'
{
"description_suffixes": {
"create_discussion": " CONSTRAINTS: Maximum 1 discussion(s) can be created. Title will be prefixed with \"📰 \". Discussions will be created in category \"announcements\".",
@@ -435,8 +437,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_98afed21fb93b2de_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_03207de36e5fa32c_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_8e7d1b8b1d7cb9a1_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_d62c679065522ced_EOF'
{
"create_discussion": {
"defaultMax": 1,
@@ -531,7 +533,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_03207de36e5fa32c_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_d62c679065522ced_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -604,7 +606,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_ac24495438e56c9e_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_4816ef464bc6f7a9_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -645,7 +647,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_ac24495438e56c9e_EOF
+ GH_AW_MCP_CONFIG_4816ef464bc6f7a9_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-repo-chronicle.md b/.github/workflows/daily-repo-chronicle.md
index 9011c911ded..a5342a2e144 100644
--- a/.github/workflows/daily-repo-chronicle.md
+++ b/.github/workflows/daily-repo-chronicle.md
@@ -39,6 +39,7 @@ safe-outputs:
imports:
- shared/reporting.md
- shared/trends.md
+ - shared/observability-otlp.md
features:
copilot-requests: true
---
diff --git a/.github/workflows/daily-safe-output-integrator.lock.yml b/.github/workflows/daily-safe-output-integrator.lock.yml
index 2fddd361bf9..51e478de403 100644
--- a/.github/workflows/daily-safe-output-integrator.lock.yml
+++ b/.github/workflows/daily-safe-output-integrator.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"e660fcd7bf3e697c17a0b2bf6e56096e9a2f2d931146e9e0291031fba72bf841","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"08e167ca90652a29f4e7139b7523f1f0c9f08cf80e647551878530b5b6849300","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -25,6 +25,7 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# Secrets used:
@@ -146,19 +147,19 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_de84013d0b3384a0_EOF'
+ cat << 'GH_AW_PROMPT_bb6479b6d3099a86_EOF'
- GH_AW_PROMPT_de84013d0b3384a0_EOF
+ GH_AW_PROMPT_bb6479b6d3099a86_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_de84013d0b3384a0_EOF'
+ cat << 'GH_AW_PROMPT_bb6479b6d3099a86_EOF'
Tools: create_pull_request, missing_tool, missing_data, noop
- GH_AW_PROMPT_de84013d0b3384a0_EOF
+ GH_AW_PROMPT_bb6479b6d3099a86_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_de84013d0b3384a0_EOF'
+ cat << 'GH_AW_PROMPT_bb6479b6d3099a86_EOF'
The following GitHub context information is available for this workflow:
@@ -188,13 +189,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_de84013d0b3384a0_EOF
+ GH_AW_PROMPT_bb6479b6d3099a86_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_de84013d0b3384a0_EOF'
+ cat << 'GH_AW_PROMPT_bb6479b6d3099a86_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-safe-output-integrator.md}}
- GH_AW_PROMPT_de84013d0b3384a0_EOF
+ GH_AW_PROMPT_bb6479b6d3099a86_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -367,12 +369,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_67b895e1a43c63ca_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_39cbc96e6913a3cf_EOF'
{"create_pull_request":{"draft":false,"expires":72,"labels":["safe-outputs","testing","automation"],"max":1,"max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"],"title_prefix":"[safe-output-integrator] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_67b895e1a43c63ca_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_39cbc96e6913a3cf_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_3d53137d84b48ec1_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_62bba9c03037abe1_EOF'
{
"description_suffixes": {
"create_pull_request": " CONSTRAINTS: Maximum 1 pull request(s) can be created. Title will be prefixed with \"[safe-output-integrator] \". Labels [\"safe-outputs\" \"testing\" \"automation\"] will be automatically added."
@@ -380,8 +382,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_3d53137d84b48ec1_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_26b1c8bedd9bdd76_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_62bba9c03037abe1_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_63e9a9f02408876e_EOF'
{
"create_pull_request": {
"defaultMax": 1,
@@ -477,7 +479,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_26b1c8bedd9bdd76_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_63e9a9f02408876e_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -547,7 +549,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_904546420bba2ac6_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_f8467d766042b7c1_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -588,7 +590,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_904546420bba2ac6_EOF
+ GH_AW_MCP_CONFIG_f8467d766042b7c1_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-safe-output-integrator.md b/.github/workflows/daily-safe-output-integrator.md
index c6e9ce9a3f9..094caff2cb0 100644
--- a/.github/workflows/daily-safe-output-integrator.md
+++ b/.github/workflows/daily-safe-output-integrator.md
@@ -44,6 +44,7 @@ timeout-minutes: 20
imports:
- shared/reporting.md
+ - shared/observability-otlp.md
features:
copilot-requests: true
diff --git a/.github/workflows/daily-safe-output-optimizer.lock.yml b/.github/workflows/daily-safe-output-optimizer.lock.yml
index 9468bd8752b..5ab423722bd 100644
--- a/.github/workflows/daily-safe-output-optimizer.lock.yml
+++ b/.github/workflows/daily-safe-output-optimizer.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"bc15e125f7a0917d9dfbff47345821409216d8fe1f9c1bd55a3a19c2b285ca69","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"6223b54672ea58a836fa9ed9dd01f8b4096242e9a8a226852c5b2ed701a64afb","strict":true,"agent_id":"claude"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -28,6 +28,7 @@
# - shared/activation-app.md
# - shared/aw-logs-24h-fetch.md
# - shared/jqschema.md
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# Secrets used:
@@ -165,16 +166,16 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_3eaddc06a6eaf30b_EOF'
+ cat << 'GH_AW_PROMPT_8e3fc43c72da1991_EOF'
- GH_AW_PROMPT_3eaddc06a6eaf30b_EOF
+ GH_AW_PROMPT_8e3fc43c72da1991_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_3eaddc06a6eaf30b_EOF'
+ cat << 'GH_AW_PROMPT_8e3fc43c72da1991_EOF'
Tools: create_issue, missing_tool, missing_data, noop
@@ -206,16 +207,17 @@ jobs:
{{/if}}
- GH_AW_PROMPT_3eaddc06a6eaf30b_EOF
+ GH_AW_PROMPT_8e3fc43c72da1991_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_3eaddc06a6eaf30b_EOF'
+ cat << 'GH_AW_PROMPT_8e3fc43c72da1991_EOF'
{{#runtime-import .github/workflows/shared/aw-logs-24h-fetch.md}}
{{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/jqschema.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-safe-output-optimizer.md}}
- GH_AW_PROMPT_3eaddc06a6eaf30b_EOF
+ GH_AW_PROMPT_8e3fc43c72da1991_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -473,12 +475,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_c435036ebc100641_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_5d9f5ed8aec4bf8f_EOF'
{"create_issue":{"expires":48,"labels":["bug","safe-outputs","tool-improvement","automated-analysis","cookie"],"max":1,"title_prefix":"[safeoutputs] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_c435036ebc100641_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_5d9f5ed8aec4bf8f_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_dab7b846e2d13ab4_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_4613f812d4b39b18_EOF'
{
"description_suffixes": {
"create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Title will be prefixed with \"[safeoutputs] \". Labels [\"bug\" \"safe-outputs\" \"tool-improvement\" \"automated-analysis\" \"cookie\"] will be automatically added."
@@ -486,8 +488,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_dab7b846e2d13ab4_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_f17c6106ff2807c4_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_4613f812d4b39b18_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_941eb0046a573e11_EOF'
{
"create_issue": {
"defaultMax": 1,
@@ -580,7 +582,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_f17c6106ff2807c4_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_941eb0046a573e11_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -650,7 +652,7 @@ jobs:
export GH_AW_ENGINE="claude"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat << GH_AW_MCP_CONFIG_f1008ce58891551c_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_ebf5d7a8a97ed4b0_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"agenticworkflows": {
@@ -708,7 +710,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_f1008ce58891551c_EOF
+ GH_AW_MCP_CONFIG_ebf5d7a8a97ed4b0_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-safe-output-optimizer.md b/.github/workflows/daily-safe-output-optimizer.md
index 42136e506b0..8cefbc5ab6c 100644
--- a/.github/workflows/daily-safe-output-optimizer.md
+++ b/.github/workflows/daily-safe-output-optimizer.md
@@ -28,6 +28,7 @@ imports:
- shared/activation-app.md
- shared/jqschema.md
- shared/reporting.md
+ - shared/observability-otlp.md
---
# Safe Output Tool Optimizer
diff --git a/.github/workflows/daily-safe-outputs-conformance.lock.yml b/.github/workflows/daily-safe-outputs-conformance.lock.yml
index 6a2697876ba..7c9637b1f7d 100644
--- a/.github/workflows/daily-safe-outputs-conformance.lock.yml
+++ b/.github/workflows/daily-safe-outputs-conformance.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"21aed5a790b18a69e43b11e8b77c34a541af72fe195f21731240765cc3554c83","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"749d6ba072cc58f77c11c4c62b9a955fd7642a3cdf11286abdde0c9d3ea67218","strict":true,"agent_id":"claude"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -25,6 +25,7 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# Secrets used:
@@ -153,14 +154,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_c069bb792896c379_EOF'
+ cat << 'GH_AW_PROMPT_d9ad8372c043560d_EOF'
- GH_AW_PROMPT_c069bb792896c379_EOF
+ GH_AW_PROMPT_d9ad8372c043560d_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_c069bb792896c379_EOF'
+ cat << 'GH_AW_PROMPT_d9ad8372c043560d_EOF'
Tools: create_issue(max:10), missing_tool, missing_data, noop
@@ -192,13 +193,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_c069bb792896c379_EOF
+ GH_AW_PROMPT_d9ad8372c043560d_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_c069bb792896c379_EOF'
+ cat << 'GH_AW_PROMPT_d9ad8372c043560d_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-safe-outputs-conformance.md}}
- GH_AW_PROMPT_c069bb792896c379_EOF
+ GH_AW_PROMPT_d9ad8372c043560d_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -371,12 +373,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_2b2d5b0e4ecf20c5_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_fad159bd689bfc0c_EOF'
{"create_issue":{"close_older_issues":true,"expires":24,"labels":["safe-outputs","conformance","automated"],"max":10,"title_prefix":"[Safe Outputs Conformance] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_2b2d5b0e4ecf20c5_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_fad159bd689bfc0c_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_b7925f5906987bd3_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_261fee3e4e3c2fbb_EOF'
{
"description_suffixes": {
"create_issue": " CONSTRAINTS: Maximum 10 issue(s) can be created. Title will be prefixed with \"[Safe Outputs Conformance] \". Labels [\"safe-outputs\" \"conformance\" \"automated\"] will be automatically added."
@@ -384,8 +386,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_b7925f5906987bd3_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_3b8062ffb13b15c7_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_261fee3e4e3c2fbb_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_eba60835f28acdb0_EOF'
{
"create_issue": {
"defaultMax": 1,
@@ -478,7 +480,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_3b8062ffb13b15c7_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_eba60835f28acdb0_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -547,7 +549,7 @@ jobs:
export GH_AW_ENGINE="claude"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat << GH_AW_MCP_CONFIG_ed0c97f560af7ab9_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_0824983d31f8ee71_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -587,7 +589,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_ed0c97f560af7ab9_EOF
+ GH_AW_MCP_CONFIG_0824983d31f8ee71_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-safe-outputs-conformance.md b/.github/workflows/daily-safe-outputs-conformance.md
index 446552d09f0..b6b89917521 100644
--- a/.github/workflows/daily-safe-outputs-conformance.md
+++ b/.github/workflows/daily-safe-outputs-conformance.md
@@ -23,6 +23,7 @@ safe-outputs:
timeout-minutes: 20
imports:
- shared/reporting.md
+ - shared/observability-otlp.md
---
# Daily Safe Outputs Conformance Checker
diff --git a/.github/workflows/daily-secrets-analysis.lock.yml b/.github/workflows/daily-secrets-analysis.lock.yml
index df26bd049e2..897385dd717 100644
--- a/.github/workflows/daily-secrets-analysis.lock.yml
+++ b/.github/workflows/daily-secrets-analysis.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"7aebadaac11daf98f64b879188cde14055833b2307475117db148aad38bf4bd3","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"72e1d0cd291b3e93720c1ad9821e35e72edc3fba2843098e184493463dd11fe1","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -26,6 +26,7 @@
# Resolved workflow manifest:
# Imports:
# - shared/daily-audit-discussion.md
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# Secrets used:
@@ -146,14 +147,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_2453b46ee120bf84_EOF'
+ cat << 'GH_AW_PROMPT_87d8c689dc4bb2c1_EOF'
- GH_AW_PROMPT_2453b46ee120bf84_EOF
+ GH_AW_PROMPT_87d8c689dc4bb2c1_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_2453b46ee120bf84_EOF'
+ cat << 'GH_AW_PROMPT_87d8c689dc4bb2c1_EOF'
Tools: create_discussion, missing_tool, missing_data, noop
@@ -185,13 +186,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_2453b46ee120bf84_EOF
+ GH_AW_PROMPT_87d8c689dc4bb2c1_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_2453b46ee120bf84_EOF'
+ cat << 'GH_AW_PROMPT_87d8c689dc4bb2c1_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-secrets-analysis.md}}
- GH_AW_PROMPT_2453b46ee120bf84_EOF
+ GH_AW_PROMPT_87d8c689dc4bb2c1_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -365,12 +367,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_7d16d52e5dd2414c_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_2ea5ffd27bc5b6c6_EOF'
{"create_discussion":{"category":"audits","close_older_discussions":true,"expires":72,"fallback_to_issue":true,"max":1,"title_prefix":"[daily secrets] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_7d16d52e5dd2414c_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_2ea5ffd27bc5b6c6_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_deb5590209c9ad7e_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_5264e183b3c4cd8b_EOF'
{
"description_suffixes": {
"create_discussion": " CONSTRAINTS: Maximum 1 discussion(s) can be created. Title will be prefixed with \"[daily secrets] \". Discussions will be created in category \"audits\"."
@@ -378,8 +380,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_deb5590209c9ad7e_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_12c9b8c4c6e0e5ab_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_5264e183b3c4cd8b_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_4afd30c402c69c45_EOF'
{
"create_discussion": {
"defaultMax": 1,
@@ -465,7 +467,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_12c9b8c4c6e0e5ab_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_4afd30c402c69c45_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -535,7 +537,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_b987c38bcb160a34_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_e2a7f6db8ddbbdcb_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -576,7 +578,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_b987c38bcb160a34_EOF
+ GH_AW_MCP_CONFIG_e2a7f6db8ddbbdcb_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-secrets-analysis.md b/.github/workflows/daily-secrets-analysis.md
index b43ff7c02bb..964d57b0ba9 100644
--- a/.github/workflows/daily-secrets-analysis.md
+++ b/.github/workflows/daily-secrets-analysis.md
@@ -21,6 +21,7 @@ imports:
with:
title-prefix: "[daily secrets] "
- shared/reporting.md
+ - shared/observability-otlp.md
features:
copilot-requests: true
---
diff --git a/.github/workflows/daily-security-red-team.lock.yml b/.github/workflows/daily-security-red-team.lock.yml
index 74f188525c3..6d05097abad 100644
--- a/.github/workflows/daily-security-red-team.lock.yml
+++ b/.github/workflows/daily-security-red-team.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"faae0c6b8934d1bddba33b3806bb7a6af5f34053fc5d210772b64dbf26c2baa0","strict":true,"agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"87251f5881eb7fdb58ffb6272f689651f7482818ea5a18e2c74afdd8c7b23eed","strict":true,"agent_id":"claude"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -25,6 +25,7 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# Secrets used:
@@ -154,14 +155,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_1f62c90084524662_EOF'
+ cat << 'GH_AW_PROMPT_35deb2bba078eb48_EOF'
- GH_AW_PROMPT_1f62c90084524662_EOF
+ GH_AW_PROMPT_35deb2bba078eb48_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_1f62c90084524662_EOF'
+ cat << 'GH_AW_PROMPT_35deb2bba078eb48_EOF'
Tools: create_issue(max:5), missing_tool, missing_data, noop
@@ -193,13 +194,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_1f62c90084524662_EOF
+ GH_AW_PROMPT_35deb2bba078eb48_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_1f62c90084524662_EOF'
+ cat << 'GH_AW_PROMPT_35deb2bba078eb48_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-security-red-team.md}}
- GH_AW_PROMPT_1f62c90084524662_EOF
+ GH_AW_PROMPT_35deb2bba078eb48_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -375,12 +377,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_2b5777a73bf48fe7_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_069f8fff8c060cef_EOF'
{"create_issue":{"labels":["security","red-team"],"max":5,"title_prefix":"🚨 [SECURITY]"},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_2b5777a73bf48fe7_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_069f8fff8c060cef_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_b65e0a0dbaae3976_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_aabc56ce6dbbd204_EOF'
{
"description_suffixes": {
"create_issue": " CONSTRAINTS: Maximum 5 issue(s) can be created. Title will be prefixed with \"🚨 [SECURITY]\". Labels [\"security\" \"red-team\"] will be automatically added."
@@ -388,8 +390,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_b65e0a0dbaae3976_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_573672e1d07ef13b_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_aabc56ce6dbbd204_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_bb5f9cd90e49f125_EOF'
{
"create_issue": {
"defaultMax": 1,
@@ -482,7 +484,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_573672e1d07ef13b_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_bb5f9cd90e49f125_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -551,7 +553,7 @@ jobs:
export GH_AW_ENGINE="claude"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat << GH_AW_MCP_CONFIG_1d39cb685714b3c4_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_b8c57948efc3d62f_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -591,7 +593,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_1d39cb685714b3c4_EOF
+ GH_AW_MCP_CONFIG_b8c57948efc3d62f_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-security-red-team.md b/.github/workflows/daily-security-red-team.md
index 23a6edcf744..44469240056 100644
--- a/.github/workflows/daily-security-red-team.md
+++ b/.github/workflows/daily-security-red-team.md
@@ -22,6 +22,7 @@ safe-outputs:
timeout-minutes: 60
imports:
- shared/reporting.md
+ - shared/observability-otlp.md
---
# Daily Security Red Team Agent
diff --git a/.github/workflows/daily-semgrep-scan.lock.yml b/.github/workflows/daily-semgrep-scan.lock.yml
index 1a7b6131b20..19d14f5e973 100644
--- a/.github/workflows/daily-semgrep-scan.lock.yml
+++ b/.github/workflows/daily-semgrep-scan.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"7a5a221735702a7991fbde05fac553787d4cfc4450c09c4962ab14031c99a869","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"382d6fe3b41415b5cae993c2cc5b6ffb80c2e51b44a1c615efc69bf6dcd5ad7b","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -26,6 +26,7 @@
# Resolved workflow manifest:
# Imports:
# - shared/mcp/semgrep.md
+# - shared/observability-otlp.md
#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
@@ -153,14 +154,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_aa01c2ddd1b8dc63_EOF'
+ cat << 'GH_AW_PROMPT_32e04e4234604bc5_EOF'
- GH_AW_PROMPT_aa01c2ddd1b8dc63_EOF
+ GH_AW_PROMPT_32e04e4234604bc5_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_aa01c2ddd1b8dc63_EOF'
+ cat << 'GH_AW_PROMPT_32e04e4234604bc5_EOF'
Tools: create_code_scanning_alert, missing_tool, missing_data, noop
@@ -192,13 +193,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_aa01c2ddd1b8dc63_EOF
+ GH_AW_PROMPT_32e04e4234604bc5_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_aa01c2ddd1b8dc63_EOF'
+ cat << 'GH_AW_PROMPT_32e04e4234604bc5_EOF'
{{#runtime-import .github/workflows/shared/mcp/semgrep.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-semgrep-scan.md}}
- GH_AW_PROMPT_aa01c2ddd1b8dc63_EOF
+ GH_AW_PROMPT_32e04e4234604bc5_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -369,19 +371,19 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_ee348d72a02913fe_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_4538ee8e5f9bedcb_EOF'
{"create_code_scanning_alert":{"driver":"Semgrep Security Scanner"},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_ee348d72a02913fe_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_4538ee8e5f9bedcb_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_f1b9323d40d62a6d_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_a91e05e3042af688_EOF'
{
"description_suffixes": {},
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_f1b9323d40d62a6d_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_b1e0ebbd8fd89174_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_a91e05e3042af688_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_29c42c8afa19a9ca_EOF'
{
"create_code_scanning_alert": {
"defaultMax": 40,
@@ -482,7 +484,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_b1e0ebbd8fd89174_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_29c42c8afa19a9ca_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -552,7 +554,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_1b17b4ed5633b171_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_f7d6b4adf1210b9f_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -613,7 +615,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_1b17b4ed5633b171_EOF
+ GH_AW_MCP_CONFIG_f7d6b4adf1210b9f_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-semgrep-scan.md b/.github/workflows/daily-semgrep-scan.md
index 77e25383190..e862aaf43e7 100644
--- a/.github/workflows/daily-semgrep-scan.md
+++ b/.github/workflows/daily-semgrep-scan.md
@@ -3,6 +3,7 @@ description: Daily Semgrep security scan for SQL injection and other vulnerabili
name: Daily Semgrep Scan
imports:
- shared/mcp/semgrep.md
+ - shared/observability-otlp.md
on:
schedule: daily
workflow_dispatch:
diff --git a/.github/workflows/daily-syntax-error-quality.lock.yml b/.github/workflows/daily-syntax-error-quality.lock.yml
index 831aaf9a2ec..83099366950 100644
--- a/.github/workflows/daily-syntax-error-quality.lock.yml
+++ b/.github/workflows/daily-syntax-error-quality.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"474cbbcb1215a205651a5382f361c8c135e886ef171fdac0a000ddfa405f51c9","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"0c93874c181cdd6df0a5cc4b6fbd95ce143efbc10cdc39240ce0b3d29ea81c8c","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -25,6 +25,7 @@
#
# Resolved workflow manifest:
# Imports:
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# Secrets used:
@@ -145,14 +146,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_d2c6ca204f616938_EOF'
+ cat << 'GH_AW_PROMPT_b38712c0f975a468_EOF'
- GH_AW_PROMPT_d2c6ca204f616938_EOF
+ GH_AW_PROMPT_b38712c0f975a468_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_d2c6ca204f616938_EOF'
+ cat << 'GH_AW_PROMPT_b38712c0f975a468_EOF'
Tools: create_issue, missing_tool, missing_data, noop
@@ -184,13 +185,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_d2c6ca204f616938_EOF
+ GH_AW_PROMPT_b38712c0f975a468_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_d2c6ca204f616938_EOF'
+ cat << 'GH_AW_PROMPT_b38712c0f975a468_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-syntax-error-quality.md}}
- GH_AW_PROMPT_d2c6ca204f616938_EOF
+ GH_AW_PROMPT_b38712c0f975a468_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -374,12 +376,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_c8a7fecb4eb398bb_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_2262b3ec70380289_EOF'
{"create_issue":{"close_older_issues":true,"expires":72,"labels":["dx","error-messages","automated-analysis"],"max":1,"title_prefix":"[syntax-error-quality] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_c8a7fecb4eb398bb_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_2262b3ec70380289_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_6ac716c7b9859829_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_7c10021a79a42566_EOF'
{
"description_suffixes": {
"create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Title will be prefixed with \"[syntax-error-quality] \". Labels [\"dx\" \"error-messages\" \"automated-analysis\"] will be automatically added."
@@ -387,8 +389,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_6ac716c7b9859829_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_fecfe109563c4de0_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_7c10021a79a42566_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_4419fb2c45470c65_EOF'
{
"create_issue": {
"defaultMax": 1,
@@ -481,7 +483,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_fecfe109563c4de0_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_4419fb2c45470c65_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -551,7 +553,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_427d7ff0f3021689_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_61f60ed6eb4fe33f_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -592,7 +594,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_427d7ff0f3021689_EOF
+ GH_AW_MCP_CONFIG_61f60ed6eb4fe33f_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-syntax-error-quality.md b/.github/workflows/daily-syntax-error-quality.md
index 117a381984a..077258623da 100644
--- a/.github/workflows/daily-syntax-error-quality.md
+++ b/.github/workflows/daily-syntax-error-quality.md
@@ -43,6 +43,7 @@ steps:
gh aw --version
imports:
- shared/reporting.md
+ - shared/observability-otlp.md
features:
copilot-requests: true
---
diff --git a/.github/workflows/daily-team-evolution-insights.lock.yml b/.github/workflows/daily-team-evolution-insights.lock.yml
index ea2de4832b9..b5a7ef4fa14 100644
--- a/.github/workflows/daily-team-evolution-insights.lock.yml
+++ b/.github/workflows/daily-team-evolution-insights.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"734b6d85297a01c4f98081febc8ebe6d367376d1aa3bb81fd77abe9992693e7c","agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"da910f3d3a817c351430afabd8b191bea52753486df47a775d569b2c46e7931c","agent_id":"claude"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -26,6 +26,7 @@
# Resolved workflow manifest:
# Imports:
# - shared/daily-audit-discussion.md
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# Secrets used:
@@ -154,14 +155,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_a6fbd195dab01726_EOF'
+ cat << 'GH_AW_PROMPT_75da7efc5f89431c_EOF'
- GH_AW_PROMPT_a6fbd195dab01726_EOF
+ GH_AW_PROMPT_75da7efc5f89431c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_a6fbd195dab01726_EOF'
+ cat << 'GH_AW_PROMPT_75da7efc5f89431c_EOF'
Tools: create_discussion, missing_tool, missing_data, noop
@@ -193,13 +194,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_a6fbd195dab01726_EOF
+ GH_AW_PROMPT_75da7efc5f89431c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_a6fbd195dab01726_EOF'
+ cat << 'GH_AW_PROMPT_75da7efc5f89431c_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-team-evolution-insights.md}}
- GH_AW_PROMPT_a6fbd195dab01726_EOF
+ GH_AW_PROMPT_75da7efc5f89431c_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -375,12 +377,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_8483f5b7b5488a37_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_f3596835a10808e0_EOF'
{"create_discussion":{"category":"audits","close_older_discussions":true,"expires":24,"fallback_to_issue":true,"max":1,"title_prefix":"[daily-team-evolution] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_8483f5b7b5488a37_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_f3596835a10808e0_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_376264d107fa2eaf_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_9ba730c079e718a8_EOF'
{
"description_suffixes": {
"create_discussion": " CONSTRAINTS: Maximum 1 discussion(s) can be created. Title will be prefixed with \"[daily-team-evolution] \". Discussions will be created in category \"audits\"."
@@ -388,8 +390,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_376264d107fa2eaf_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_f3594d92ef5e5045_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_9ba730c079e718a8_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_441510e9a5f64ec4_EOF'
{
"create_discussion": {
"defaultMax": 1,
@@ -475,7 +477,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_f3594d92ef5e5045_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_441510e9a5f64ec4_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -544,7 +546,7 @@ jobs:
export GH_AW_ENGINE="claude"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat << GH_AW_MCP_CONFIG_9c5bdf2d6f07f6fd_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_2023789f918f9ed7_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -584,7 +586,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_9c5bdf2d6f07f6fd_EOF
+ GH_AW_MCP_CONFIG_2023789f918f9ed7_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-team-evolution-insights.md b/.github/workflows/daily-team-evolution-insights.md
index dfc138802d7..2246ecef8e7 100644
--- a/.github/workflows/daily-team-evolution-insights.md
+++ b/.github/workflows/daily-team-evolution-insights.md
@@ -29,6 +29,7 @@ imports:
title-prefix: "[daily-team-evolution] "
expires: 1d
- shared/reporting.md
+ - shared/observability-otlp.md
---
# Daily Team Evolution Insights
diff --git a/.github/workflows/daily-team-status.lock.yml b/.github/workflows/daily-team-status.lock.yml
index 4414c9dfedd..a34e0f02fe3 100644
--- a/.github/workflows/daily-team-status.lock.yml
+++ b/.github/workflows/daily-team-status.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"5afa47f119a84ede8ca7bdd2ee1ad40e6e38520a56ae93dd6756366bc5bdcc47","stop_time":"2026-02-09 04:24:39","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"8beac603739b2f4844a217e8ec20a0ef515690daa29fa80355745d7e909b6c9c","stop_time":"2026-02-09 04:24:39","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -32,6 +32,7 @@
# Resolved workflow manifest:
# Imports:
# - githubnext/agentics/workflows/shared/reporting.md@d3422bf940923ef1d43db5559652b8e1e71869f3
+# - shared/observability-otlp.md
#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
@@ -162,14 +163,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_eb53b4a60de30d7c_EOF'
+ cat << 'GH_AW_PROMPT_7600ffad014f33f0_EOF'
- GH_AW_PROMPT_eb53b4a60de30d7c_EOF
+ GH_AW_PROMPT_7600ffad014f33f0_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_eb53b4a60de30d7c_EOF'
+ cat << 'GH_AW_PROMPT_7600ffad014f33f0_EOF'
Tools: create_issue, missing_tool, missing_data, noop
@@ -201,13 +202,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_eb53b4a60de30d7c_EOF
+ GH_AW_PROMPT_7600ffad014f33f0_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_eb53b4a60de30d7c_EOF'
+ cat << 'GH_AW_PROMPT_7600ffad014f33f0_EOF'
{{#runtime-import .github/aw/imports/githubnext/agentics/d3422bf940923ef1d43db5559652b8e1e71869f3/workflows_shared_reporting.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-team-status.md}}
- GH_AW_PROMPT_eb53b4a60de30d7c_EOF
+ GH_AW_PROMPT_7600ffad014f33f0_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -379,12 +381,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_27992e50bcf1748c_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_0a1b67d0dcb3eeae_EOF'
{"create_issue":{"expires":24,"labels":["automation","daily-report"],"max":1,"title_prefix":"[team-status] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_27992e50bcf1748c_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_0a1b67d0dcb3eeae_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_9559d667edd5837f_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_507d45d9b5882d28_EOF'
{
"description_suffixes": {
"create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Title will be prefixed with \"[team-status] \". Labels [\"automation\" \"daily-report\"] will be automatically added."
@@ -392,8 +394,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_9559d667edd5837f_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_c0f472d215c77189_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_507d45d9b5882d28_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_569b87638b585126_EOF'
{
"create_issue": {
"defaultMax": 1,
@@ -486,7 +488,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_c0f472d215c77189_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_569b87638b585126_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -556,7 +558,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_a8ae48bfebeab6ac_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_c2b5ebdefd3018e1_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -597,7 +599,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_a8ae48bfebeab6ac_EOF
+ GH_AW_MCP_CONFIG_c2b5ebdefd3018e1_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-team-status.md b/.github/workflows/daily-team-status.md
index 031e5476e58..5746ca7b596 100644
--- a/.github/workflows/daily-team-status.md
+++ b/.github/workflows/daily-team-status.md
@@ -14,6 +14,7 @@ tracker-id: daily-team-status
network: defaults
imports:
- githubnext/agentics/workflows/shared/reporting.md@d3422bf940923ef1d43db5559652b8e1e71869f3
+ - shared/observability-otlp.md
safe-outputs:
create-issue:
expires: 1d
diff --git a/.github/workflows/daily-testify-uber-super-expert.lock.yml b/.github/workflows/daily-testify-uber-super-expert.lock.yml
index 6dc309dc162..f28e8f6c2f2 100644
--- a/.github/workflows/daily-testify-uber-super-expert.lock.yml
+++ b/.github/workflows/daily-testify-uber-super-expert.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"b0077a1af615ea44f936a06eeb0d4bf4a42b9202eddeed2d44bc9e90470f7317","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"01bac1624abf68f3bdd6b58efd2421054bae82b01215998d5b29cd005cd05465","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -28,6 +28,7 @@
# - shared/activation-app.md
# - shared/mcp/serena-go.md
# - shared/mcp/serena.md
+# - shared/observability-otlp.md
# - shared/reporting.md
# - shared/go-source-analysis.md
# - shared/safe-output-app.md
@@ -155,15 +156,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_43108a0ed1d54002_EOF'
+ cat << 'GH_AW_PROMPT_3778bafd3ba6d12c_EOF'
- GH_AW_PROMPT_43108a0ed1d54002_EOF
+ GH_AW_PROMPT_3778bafd3ba6d12c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/repo_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_43108a0ed1d54002_EOF'
+ cat << 'GH_AW_PROMPT_3778bafd3ba6d12c_EOF'
Tools: create_issue, missing_tool, missing_data, noop
@@ -195,9 +196,9 @@ jobs:
{{/if}}
- GH_AW_PROMPT_43108a0ed1d54002_EOF
+ GH_AW_PROMPT_3778bafd3ba6d12c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_43108a0ed1d54002_EOF'
+ cat << 'GH_AW_PROMPT_3778bafd3ba6d12c_EOF'
## Serena Code Analysis
@@ -233,10 +234,11 @@ jobs:
{{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/go-source-analysis.md}}
{{#runtime-import .github/workflows/shared/safe-output-app.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/shared/mcp/serena-go.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/daily-testify-uber-super-expert.md}}
- GH_AW_PROMPT_43108a0ed1d54002_EOF
+ GH_AW_PROMPT_3778bafd3ba6d12c_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -433,12 +435,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_7b4a7b7dcde16f95_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_8ac18e845c394e0a_EOF'
{"create_issue":{"expires":48,"labels":["testing","code-quality","automated-analysis","cookie"],"max":1,"title_prefix":"[testify-expert] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":51200,"max_patch_size":10240}]}}
- GH_AW_SAFE_OUTPUTS_CONFIG_7b4a7b7dcde16f95_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_8ac18e845c394e0a_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_8f5af484a4273ba0_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_c6505faa3bd9aac7_EOF'
{
"description_suffixes": {
"create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Title will be prefixed with \"[testify-expert] \". Labels [\"testing\" \"code-quality\" \"automated-analysis\" \"cookie\"] will be automatically added."
@@ -446,8 +448,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_8f5af484a4273ba0_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_84c87c675714baae_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_c6505faa3bd9aac7_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_fa6714a4caf2503f_EOF'
{
"create_issue": {
"defaultMax": 1,
@@ -540,7 +542,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_84c87c675714baae_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_fa6714a4caf2503f_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -610,7 +612,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_9801a019b807be10_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_b145d00a79daab1b_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -680,7 +682,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_9801a019b807be10_EOF
+ GH_AW_MCP_CONFIG_b145d00a79daab1b_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-testify-uber-super-expert.md b/.github/workflows/daily-testify-uber-super-expert.md
index 0253e3220a4..bc970eb3a9f 100644
--- a/.github/workflows/daily-testify-uber-super-expert.md
+++ b/.github/workflows/daily-testify-uber-super-expert.md
@@ -18,6 +18,7 @@ imports:
- shared/activation-app.md
- shared/go-source-analysis.md
- shared/safe-output-app.md
+ - shared/observability-otlp.md
safe-outputs:
create-issue:
diff --git a/.github/workflows/daily-workflow-updater.lock.yml b/.github/workflows/daily-workflow-updater.lock.yml
index addedd108c8..1276036e0a6 100644
--- a/.github/workflows/daily-workflow-updater.lock.yml
+++ b/.github/workflows/daily-workflow-updater.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"26f8e046e4f296368ce5e51b93ce99a0de7757fa1aa378fe826430c2f1951ba9","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"fc193f695cade53bc26256f6fa97846dafdfb8bbfed5279b9d23ffc77eb0e592","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -23,6 +23,10 @@
#
# Automatically updates GitHub Actions versions and creates a PR if changes are detected
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/observability-otlp.md
+#
# Secrets used:
# - GH_AW_CI_TRIGGER_TOKEN
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
@@ -142,19 +146,19 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_ca1bb6eca19a6937_EOF'
+ cat << 'GH_AW_PROMPT_29d432809e64d72a_EOF'
- GH_AW_PROMPT_ca1bb6eca19a6937_EOF
+ GH_AW_PROMPT_29d432809e64d72a_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_ca1bb6eca19a6937_EOF'
+ cat << 'GH_AW_PROMPT_29d432809e64d72a_EOF'
Tools: create_pull_request, missing_tool, missing_data, noop
- GH_AW_PROMPT_ca1bb6eca19a6937_EOF
+ GH_AW_PROMPT_29d432809e64d72a_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_ca1bb6eca19a6937_EOF'
+ cat << 'GH_AW_PROMPT_29d432809e64d72a_EOF'
The following GitHub context information is available for this workflow:
@@ -184,12 +188,13 @@ jobs:
{{/if}}
- GH_AW_PROMPT_ca1bb6eca19a6937_EOF
+ GH_AW_PROMPT_29d432809e64d72a_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_ca1bb6eca19a6937_EOF'
+ cat << 'GH_AW_PROMPT_29d432809e64d72a_EOF'
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-workflow-updater.md}}
- GH_AW_PROMPT_ca1bb6eca19a6937_EOF
+ GH_AW_PROMPT_29d432809e64d72a_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -360,12 +365,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_625850fc0c4046ed_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_119743a259fbfb28_EOF'
{"create_pull_request":{"draft":false,"expires":24,"labels":["dependencies","automation"],"max":1,"max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_files_policy":"allowed","protected_path_prefixes":[".github/",".agents/"],"title_prefix":"[actions] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_625850fc0c4046ed_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_119743a259fbfb28_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_406c93c6d8931f2c_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_18911a7424f763e4_EOF'
{
"description_suffixes": {
"create_pull_request": " CONSTRAINTS: Maximum 1 pull request(s) can be created. Title will be prefixed with \"[actions] \". Labels [\"dependencies\" \"automation\"] will be automatically added."
@@ -373,8 +378,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_406c93c6d8931f2c_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_a7ab542e7f9f88f9_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_18911a7424f763e4_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_2ff2ad7cf1fc1f7c_EOF'
{
"create_pull_request": {
"defaultMax": 1,
@@ -470,7 +475,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_a7ab542e7f9f88f9_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_2ff2ad7cf1fc1f7c_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -540,7 +545,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_ded3d43bff6f4a01_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_40eeeaa28e22470c_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -581,7 +586,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_ded3d43bff6f4a01_EOF
+ GH_AW_MCP_CONFIG_40eeeaa28e22470c_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-workflow-updater.md b/.github/workflows/daily-workflow-updater.md
index 282e140adcb..7fab2267123 100644
--- a/.github/workflows/daily-workflow-updater.md
+++ b/.github/workflows/daily-workflow-updater.md
@@ -39,6 +39,8 @@ timeout-minutes: 15
features:
copilot-requests: true
+imports:
+ - shared/observability-otlp.md
---
{{#runtime-import? .github/shared-instructions.md}}
diff --git a/.github/workflows/shared/observability-otlp.md b/.github/workflows/shared/observability-otlp.md
new file mode 100644
index 00000000000..86e849a6ec8
--- /dev/null
+++ b/.github/workflows/shared/observability-otlp.md
@@ -0,0 +1,6 @@
+---
+observability:
+ otlp:
+ endpoint: ${{ secrets.GH_AW_OTEL_ENDPOINT }}
+ headers: ${{ secrets.GH_AW_OTEL_HEADERS }}
+---
diff --git a/.github/workflows/smoke-agent-all-merged.lock.yml b/.github/workflows/smoke-agent-all-merged.lock.yml
index 1db03e85293..e806e84a031 100644
--- a/.github/workflows/smoke-agent-all-merged.lock.yml
+++ b/.github/workflows/smoke-agent-all-merged.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"28a3205ca5937eaa3979f9843ccef5b436f262207f3a7a8e0d2590b579720ad9","strict":true,"agent_id":"codex"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"68a653e411557f5161e0dd9c26655e748cb24d06efca5bb08898d8916f43d503","strict":true,"agent_id":"codex"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -23,6 +23,10 @@
#
# Guard policy smoke test: repos=all, min-integrity=merged (most restrictive)
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/observability-otlp.md
+#
# Secrets used:
# - CODEX_API_KEY
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
@@ -188,14 +192,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_05f6cad1c72ecacb_EOF'
+ cat << 'GH_AW_PROMPT_bdb6468b5cd800e5_EOF'
- GH_AW_PROMPT_05f6cad1c72ecacb_EOF
+ GH_AW_PROMPT_bdb6468b5cd800e5_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_05f6cad1c72ecacb_EOF'
+ cat << 'GH_AW_PROMPT_bdb6468b5cd800e5_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
@@ -227,12 +231,13 @@ jobs:
{{/if}}
- GH_AW_PROMPT_05f6cad1c72ecacb_EOF
+ GH_AW_PROMPT_bdb6468b5cd800e5_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_05f6cad1c72ecacb_EOF'
+ cat << 'GH_AW_PROMPT_bdb6468b5cd800e5_EOF'
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/smoke-agent-all-merged.md}}
- GH_AW_PROMPT_05f6cad1c72ecacb_EOF
+ GH_AW_PROMPT_bdb6468b5cd800e5_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -402,12 +407,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_54452afc01b90a0c_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_3e8e15af7d1695de_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_54452afc01b90a0c_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_3e8e15af7d1695de_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_220179beb7ac4af8_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_cbb45f009cd76926_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added."
@@ -415,8 +420,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_220179beb7ac4af8_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_b8708d91b44d7c68_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_cbb45f009cd76926_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_a4f6a6780aa911dd_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -494,7 +499,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_b8708d91b44d7c68_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_a4f6a6780aa911dd_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -561,7 +566,7 @@ jobs:
export GH_AW_ENGINE="codex"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_73cdc9322ab8c7cb_EOF
+ cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_c9cd6c10f02af88d_EOF
[history]
persistence = "none"
@@ -588,10 +593,10 @@ jobs:
[mcp_servers.safeoutputs."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_73cdc9322ab8c7cb_EOF
+ GH_AW_MCP_CONFIG_c9cd6c10f02af88d_EOF
# Generate JSON config for MCP gateway
- cat << GH_AW_MCP_CONFIG_73cdc9322ab8c7cb_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_c9cd6c10f02af88d_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -634,7 +639,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_73cdc9322ab8c7cb_EOF
+ GH_AW_MCP_CONFIG_c9cd6c10f02af88d_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/smoke-agent-all-merged.md b/.github/workflows/smoke-agent-all-merged.md
index ea1cfe828cf..813bc6d3660 100644
--- a/.github/workflows/smoke-agent-all-merged.md
+++ b/.github/workflows/smoke-agent-all-merged.md
@@ -33,6 +33,8 @@ safe-outputs:
run-success: "✅ [{workflow_name}]({run_url}) completed guard policy test."
run-failure: "❌ [{workflow_name}]({run_url}) {status}. Check the logs for details."
timeout-minutes: 10
+imports:
+ - shared/observability-otlp.md
---
# Guard Policy Smoke Test: all/merged (most restrictive)
diff --git a/.github/workflows/smoke-agent-all-none.lock.yml b/.github/workflows/smoke-agent-all-none.lock.yml
index 3d4ec8468d2..a149d46ee21 100644
--- a/.github/workflows/smoke-agent-all-none.lock.yml
+++ b/.github/workflows/smoke-agent-all-none.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"4ee3422cd032cf86fd88a03ecb796d53077b7ad886244140fe7f79e60b9ed431","strict":true,"agent_id":"codex"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"ff6dc0e19a0bc88d9a26dd5582e2eea675a6fdfdd89f5bc499e1e0386786675b","strict":true,"agent_id":"codex"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -23,6 +23,10 @@
#
# Guard policy smoke test: repos=all, min-integrity=none (most permissive)
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/observability-otlp.md
+#
# Secrets used:
# - CODEX_API_KEY
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
@@ -188,14 +192,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_203c66ad3678ef5f_EOF'
+ cat << 'GH_AW_PROMPT_83c5a8510b5ecdcd_EOF'
- GH_AW_PROMPT_203c66ad3678ef5f_EOF
+ GH_AW_PROMPT_83c5a8510b5ecdcd_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_203c66ad3678ef5f_EOF'
+ cat << 'GH_AW_PROMPT_83c5a8510b5ecdcd_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
@@ -227,12 +231,13 @@ jobs:
{{/if}}
- GH_AW_PROMPT_203c66ad3678ef5f_EOF
+ GH_AW_PROMPT_83c5a8510b5ecdcd_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_203c66ad3678ef5f_EOF'
+ cat << 'GH_AW_PROMPT_83c5a8510b5ecdcd_EOF'
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/smoke-agent-all-none.md}}
- GH_AW_PROMPT_203c66ad3678ef5f_EOF
+ GH_AW_PROMPT_83c5a8510b5ecdcd_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -402,12 +407,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_21a3619f9b391044_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_3dbbc6881ca63f25_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_21a3619f9b391044_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_3dbbc6881ca63f25_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_1eaae5c350da663a_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_d0d61659b60f44fd_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added."
@@ -415,8 +420,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_1eaae5c350da663a_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_2efa8b1bc76041ea_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_d0d61659b60f44fd_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_7599b16f5c09c408_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -494,7 +499,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_2efa8b1bc76041ea_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_7599b16f5c09c408_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -561,7 +566,7 @@ jobs:
export GH_AW_ENGINE="codex"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_be500cd34233bd55_EOF
+ cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_c5e81a5b8d1ce108_EOF
[history]
persistence = "none"
@@ -588,10 +593,10 @@ jobs:
[mcp_servers.safeoutputs."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_be500cd34233bd55_EOF
+ GH_AW_MCP_CONFIG_c5e81a5b8d1ce108_EOF
# Generate JSON config for MCP gateway
- cat << GH_AW_MCP_CONFIG_be500cd34233bd55_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_c5e81a5b8d1ce108_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -634,7 +639,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_be500cd34233bd55_EOF
+ GH_AW_MCP_CONFIG_c5e81a5b8d1ce108_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/smoke-agent-all-none.md b/.github/workflows/smoke-agent-all-none.md
index 1e190053a49..f71051df4ff 100644
--- a/.github/workflows/smoke-agent-all-none.md
+++ b/.github/workflows/smoke-agent-all-none.md
@@ -33,6 +33,8 @@ safe-outputs:
run-success: "✅ [{workflow_name}]({run_url}) completed guard policy test."
run-failure: "❌ [{workflow_name}]({run_url}) {status}. Check the logs for details."
timeout-minutes: 10
+imports:
+ - shared/observability-otlp.md
---
# Guard Policy Smoke Test: all/none (most permissive)
diff --git a/.github/workflows/smoke-agent-public-approved.lock.yml b/.github/workflows/smoke-agent-public-approved.lock.yml
index 1143796a77e..560dcf5d038 100644
--- a/.github/workflows/smoke-agent-public-approved.lock.yml
+++ b/.github/workflows/smoke-agent-public-approved.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"03f57f526bbf2d1c4a903c7ae1486b10b1c447e2497b1cf9f29a1df44d20a148","strict":true,"agent_id":"codex"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"76f6fd6abe0a6358ca46fa2f3f6cce1df77c2ec03324eca523472b666ab52b19","strict":true,"agent_id":"codex"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -26,6 +26,7 @@
# Resolved workflow manifest:
# Imports:
# - shared/github-guard-policy.md
+# - shared/observability-otlp.md
#
# Secrets used:
# - CODEX_API_KEY
@@ -193,14 +194,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_d9e867a7d35dc4d3_EOF'
+ cat << 'GH_AW_PROMPT_47f814bd657c49eb_EOF'
- GH_AW_PROMPT_d9e867a7d35dc4d3_EOF
+ GH_AW_PROMPT_47f814bd657c49eb_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_d9e867a7d35dc4d3_EOF'
+ cat << 'GH_AW_PROMPT_47f814bd657c49eb_EOF'
Tools: add_comment(max:2), assign_to_agent, missing_tool, missing_data, noop
@@ -232,13 +233,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_d9e867a7d35dc4d3_EOF
+ GH_AW_PROMPT_47f814bd657c49eb_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_d9e867a7d35dc4d3_EOF'
+ cat << 'GH_AW_PROMPT_47f814bd657c49eb_EOF'
{{#runtime-import .github/workflows/shared/github-guard-policy.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/smoke-agent-public-approved.md}}
- GH_AW_PROMPT_d9e867a7d35dc4d3_EOF
+ GH_AW_PROMPT_47f814bd657c49eb_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -409,12 +411,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_1ff3a84cf3917125_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_82e288eb3f8370db_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"assign_to_agent":{"allowed":["copilot"],"custom-agent":"agentic-workflows","max":1,"target":"*"},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_1ff3a84cf3917125_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_82e288eb3f8370db_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_8eefa362020b61ea_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_dc8d0a7f6ffe70a2_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added.",
@@ -423,8 +425,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_8eefa362020b61ea_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_0a1f8a1a07adb6bc_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_dc8d0a7f6ffe70a2_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_eeca6143b0f63097_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -527,7 +529,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_0a1f8a1a07adb6bc_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_eeca6143b0f63097_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -594,7 +596,7 @@ jobs:
export GH_AW_ENGINE="codex"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_aed1dcf0af46bd24_EOF
+ cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_a1219d052485fe22_EOF
[history]
persistence = "none"
@@ -621,10 +623,10 @@ jobs:
[mcp_servers.safeoutputs."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_aed1dcf0af46bd24_EOF
+ GH_AW_MCP_CONFIG_a1219d052485fe22_EOF
# Generate JSON config for MCP gateway
- cat << GH_AW_MCP_CONFIG_aed1dcf0af46bd24_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_a1219d052485fe22_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -667,7 +669,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_aed1dcf0af46bd24_EOF
+ GH_AW_MCP_CONFIG_a1219d052485fe22_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/smoke-agent-public-approved.md b/.github/workflows/smoke-agent-public-approved.md
index ecb3f3f3b91..dd3a09ceb99 100644
--- a/.github/workflows/smoke-agent-public-approved.md
+++ b/.github/workflows/smoke-agent-public-approved.md
@@ -15,6 +15,7 @@ engine: codex
strict: true
imports:
- shared/github-guard-policy.md
+ - shared/observability-otlp.md
tools:
github:
mode: local
diff --git a/.github/workflows/smoke-agent-public-none.lock.yml b/.github/workflows/smoke-agent-public-none.lock.yml
index 14ccbd33b24..d0e683b0d5e 100644
--- a/.github/workflows/smoke-agent-public-none.lock.yml
+++ b/.github/workflows/smoke-agent-public-none.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"8b3c4bd5d28d37f7752e49946b99ce14c4fbca6e298f31ffa240c185161fb21f","strict":true,"agent_id":"codex"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"1f23d36476da3c1cb780331f889a1a3ffe3dc2cde0b9e775f788db788c06ee36","strict":true,"agent_id":"codex"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -23,6 +23,10 @@
#
# Guard policy smoke test: repos=public, min-integrity=none
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/observability-otlp.md
+#
# Secrets used:
# - CODEX_API_KEY
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
@@ -188,14 +192,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_e2e30a17d661cd80_EOF'
+ cat << 'GH_AW_PROMPT_883c1fc4638e63d8_EOF'
- GH_AW_PROMPT_e2e30a17d661cd80_EOF
+ GH_AW_PROMPT_883c1fc4638e63d8_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_e2e30a17d661cd80_EOF'
+ cat << 'GH_AW_PROMPT_883c1fc4638e63d8_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
@@ -227,12 +231,13 @@ jobs:
{{/if}}
- GH_AW_PROMPT_e2e30a17d661cd80_EOF
+ GH_AW_PROMPT_883c1fc4638e63d8_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_e2e30a17d661cd80_EOF'
+ cat << 'GH_AW_PROMPT_883c1fc4638e63d8_EOF'
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/smoke-agent-public-none.md}}
- GH_AW_PROMPT_e2e30a17d661cd80_EOF
+ GH_AW_PROMPT_883c1fc4638e63d8_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -402,12 +407,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_0299b24caaafd831_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_0258130797d73844_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_0299b24caaafd831_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_0258130797d73844_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_486162e31879588b_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_cb4282fff67fcc0b_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added."
@@ -415,8 +420,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_486162e31879588b_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_0ca4065e3ca7ef4f_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_cb4282fff67fcc0b_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_3da2a046d041f01c_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -494,7 +499,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_0ca4065e3ca7ef4f_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_3da2a046d041f01c_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -561,7 +566,7 @@ jobs:
export GH_AW_ENGINE="codex"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_2561f0fd9f0b6818_EOF
+ cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_e45f919f654539f3_EOF
[history]
persistence = "none"
@@ -588,10 +593,10 @@ jobs:
[mcp_servers.safeoutputs."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_2561f0fd9f0b6818_EOF
+ GH_AW_MCP_CONFIG_e45f919f654539f3_EOF
# Generate JSON config for MCP gateway
- cat << GH_AW_MCP_CONFIG_2561f0fd9f0b6818_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_e45f919f654539f3_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -634,7 +639,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_2561f0fd9f0b6818_EOF
+ GH_AW_MCP_CONFIG_e45f919f654539f3_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/smoke-agent-public-none.md b/.github/workflows/smoke-agent-public-none.md
index 974211106e0..0d333729360 100644
--- a/.github/workflows/smoke-agent-public-none.md
+++ b/.github/workflows/smoke-agent-public-none.md
@@ -33,6 +33,8 @@ safe-outputs:
run-success: "✅ [{workflow_name}]({run_url}) completed guard policy test."
run-failure: "❌ [{workflow_name}]({run_url}) {status}. Check the logs for details."
timeout-minutes: 10
+imports:
+ - shared/observability-otlp.md
---
# Guard Policy Smoke Test: public/none
diff --git a/.github/workflows/smoke-agent-scoped-approved.lock.yml b/.github/workflows/smoke-agent-scoped-approved.lock.yml
index e5712926018..ccfaa0fe9a2 100644
--- a/.github/workflows/smoke-agent-scoped-approved.lock.yml
+++ b/.github/workflows/smoke-agent-scoped-approved.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"10ed0e0fdcd4337391e9ef5e8837e5d454495e50eaf16c16c63a7900a9a1d328","strict":true,"agent_id":"codex"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"70983888a80b69450d0a4b30eb093ad896d432bc46cdb4604cb23c4883ae6157","strict":true,"agent_id":"codex"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -26,6 +26,7 @@
# Resolved workflow manifest:
# Imports:
# - shared/github-guard-policy.md
+# - shared/observability-otlp.md
#
# Secrets used:
# - CODEX_API_KEY
@@ -192,14 +193,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_cfac7cbf583a09bf_EOF'
+ cat << 'GH_AW_PROMPT_2304065a0e2d3308_EOF'
- GH_AW_PROMPT_cfac7cbf583a09bf_EOF
+ GH_AW_PROMPT_2304065a0e2d3308_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_cfac7cbf583a09bf_EOF'
+ cat << 'GH_AW_PROMPT_2304065a0e2d3308_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
@@ -231,13 +232,14 @@ jobs:
{{/if}}
- GH_AW_PROMPT_cfac7cbf583a09bf_EOF
+ GH_AW_PROMPT_2304065a0e2d3308_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_cfac7cbf583a09bf_EOF'
+ cat << 'GH_AW_PROMPT_2304065a0e2d3308_EOF'
{{#runtime-import .github/workflows/shared/github-guard-policy.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/smoke-agent-scoped-approved.md}}
- GH_AW_PROMPT_cfac7cbf583a09bf_EOF
+ GH_AW_PROMPT_2304065a0e2d3308_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -408,12 +410,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_c0d00aa6086dbf74_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_9295ad763db5184c_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_c0d00aa6086dbf74_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_9295ad763db5184c_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_ead150a633b4d7bb_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_54aa6c994a8139d0_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added."
@@ -421,8 +423,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_ead150a633b4d7bb_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_a9b330d0f673f8da_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_54aa6c994a8139d0_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_06a7ff5e90cb0032_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -500,7 +502,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_a9b330d0f673f8da_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_06a7ff5e90cb0032_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -567,7 +569,7 @@ jobs:
export GH_AW_ENGINE="codex"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_eae6eef7ac15ae9a_EOF
+ cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_89ae1706d7a05405_EOF
[history]
persistence = "none"
@@ -594,10 +596,10 @@ jobs:
[mcp_servers.safeoutputs."guard-policies".write-sink]
accept = ["private:github/gh-aw", "private:github"]
- GH_AW_MCP_CONFIG_eae6eef7ac15ae9a_EOF
+ GH_AW_MCP_CONFIG_89ae1706d7a05405_EOF
# Generate JSON config for MCP gateway
- cat << GH_AW_MCP_CONFIG_eae6eef7ac15ae9a_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_89ae1706d7a05405_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -644,7 +646,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_eae6eef7ac15ae9a_EOF
+ GH_AW_MCP_CONFIG_89ae1706d7a05405_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/smoke-agent-scoped-approved.md b/.github/workflows/smoke-agent-scoped-approved.md
index 922b73b74fd..08d4f4fe40d 100644
--- a/.github/workflows/smoke-agent-scoped-approved.md
+++ b/.github/workflows/smoke-agent-scoped-approved.md
@@ -15,6 +15,7 @@ engine: codex
strict: true
imports:
- shared/github-guard-policy.md
+ - shared/observability-otlp.md
tools:
github:
mode: local
diff --git a/.github/workflows/smoke-call-workflow.lock.yml b/.github/workflows/smoke-call-workflow.lock.yml
index e9f56a4f933..d98cfc4a302 100644
--- a/.github/workflows/smoke-call-workflow.lock.yml
+++ b/.github/workflows/smoke-call-workflow.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"61544e9548c9d83d99c2874329b16fde38e5eed99331c8de79e5eac9093ce3fa","strict":true,"agent_id":"codex","agent_model":"gpt-5.1-codex-mini"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"c756bd0c55c7bcc0fd9fbbde65f7cacbfbea7b64437453590ba196f42b63e791","strict":true,"agent_id":"codex","agent_model":"gpt-5.1-codex-mini"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -23,6 +23,10 @@
#
# Smoke test for the call-workflow safe output - orchestrator that calls a worker via workflow_call at compile-time fan-out
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/observability-otlp.md
+#
# Secrets used:
# - CODEX_API_KEY
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
@@ -171,14 +175,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_4750d80021bc7b98_EOF'
+ cat << 'GH_AW_PROMPT_7f6c1349af588f01_EOF'
- GH_AW_PROMPT_4750d80021bc7b98_EOF
+ GH_AW_PROMPT_7f6c1349af588f01_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_4750d80021bc7b98_EOF'
+ cat << 'GH_AW_PROMPT_7f6c1349af588f01_EOF'
Tools: call_workflow, missing_tool, missing_data, noop
@@ -210,12 +214,13 @@ jobs:
{{/if}}
- GH_AW_PROMPT_4750d80021bc7b98_EOF
+ GH_AW_PROMPT_7f6c1349af588f01_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_4750d80021bc7b98_EOF'
+ cat << 'GH_AW_PROMPT_7f6c1349af588f01_EOF'
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/smoke-call-workflow.md}}
- GH_AW_PROMPT_4750d80021bc7b98_EOF
+ GH_AW_PROMPT_7f6c1349af588f01_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -386,12 +391,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_808834d03c01b330_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_7849a5ffbf6bb920_EOF'
{"call_workflow":{"max":1,"workflow_files":{"smoke-workflow-call":"./.github/workflows/smoke-workflow-call.lock.yml"},"workflows":["smoke-workflow-call"]},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_808834d03c01b330_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_7849a5ffbf6bb920_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_692319b7ad4c8386_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_51c0eba2a432d4dd_EOF'
{
"description_suffixes": {},
"repo_params": {},
@@ -418,8 +423,8 @@ jobs:
}
]
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_692319b7ad4c8386_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_c2d12ea64b7c52ee_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_51c0eba2a432d4dd_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_6c8c40b15f551838_EOF'
{
"missing_data": {
"defaultMax": 20,
@@ -479,7 +484,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_c2d12ea64b7c52ee_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_6c8c40b15f551838_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -548,7 +553,7 @@ jobs:
export GH_AW_ENGINE="codex"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_da60e4ff2622cb40_EOF
+ cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_352dfb826ac44cd8_EOF
[history]
persistence = "none"
@@ -575,10 +580,10 @@ jobs:
[mcp_servers.safeoutputs."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_da60e4ff2622cb40_EOF
+ GH_AW_MCP_CONFIG_352dfb826ac44cd8_EOF
# Generate JSON config for MCP gateway
- cat << GH_AW_MCP_CONFIG_da60e4ff2622cb40_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_352dfb826ac44cd8_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -618,7 +623,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_da60e4ff2622cb40_EOF
+ GH_AW_MCP_CONFIG_352dfb826ac44cd8_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/smoke-call-workflow.md b/.github/workflows/smoke-call-workflow.md
index 3cb4fbf5003..111929d5f30 100644
--- a/.github/workflows/smoke-call-workflow.md
+++ b/.github/workflows/smoke-call-workflow.md
@@ -23,6 +23,8 @@ safe-outputs:
- smoke-workflow-call
max: 1
timeout-minutes: 20
+imports:
+ - shared/observability-otlp.md
---
# Smoke Test: Call Workflow Orchestrator
diff --git a/.github/workflows/smoke-claude.lock.yml b/.github/workflows/smoke-claude.lock.yml
index 127a5c341d7..30ecd06738c 100644
--- a/.github/workflows/smoke-claude.lock.yml
+++ b/.github/workflows/smoke-claude.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"21ff673e699d808782479870bf351cdbf8f6b95415b21decc3c7721a95f0e281","agent_id":"claude"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"454f66031b0e6e619800359b2605b2f9531f48c3cc020512d732938216c4309e","agent_id":"claude"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -34,6 +34,7 @@
# - shared/mcp/serena-go.md
# - shared/mcp/serena.md
# - shared/mcp/tavily.md
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# inlined-imports: true
@@ -226,9 +227,9 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_4ec99b0fd270d235_EOF'
+ cat << 'GH_AW_PROMPT_39777273868c3412_EOF'
- GH_AW_PROMPT_4ec99b0fd270d235_EOF
+ GH_AW_PROMPT_39777273868c3412_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
@@ -236,12 +237,12 @@ jobs:
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_4ec99b0fd270d235_EOF'
+ cat << 'GH_AW_PROMPT_39777273868c3412_EOF'
Tools: add_comment(max:2), create_issue, close_pull_request, update_pull_request, create_pull_request_review_comment(max:5), submit_pull_request_review, resolve_pull_request_review_thread(max:5), add_labels, add_reviewer(max:2), push_to_pull_request_branch, create_code_scanning_alert, missing_tool, missing_data, noop, post_slack_message
- GH_AW_PROMPT_4ec99b0fd270d235_EOF
+ GH_AW_PROMPT_39777273868c3412_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_push_to_pr_branch.md"
- cat << 'GH_AW_PROMPT_4ec99b0fd270d235_EOF'
+ cat << 'GH_AW_PROMPT_39777273868c3412_EOF'
The following GitHub context information is available for this workflow:
@@ -271,9 +272,9 @@ jobs:
{{/if}}
- GH_AW_PROMPT_4ec99b0fd270d235_EOF
+ GH_AW_PROMPT_39777273868c3412_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_4ec99b0fd270d235_EOF'
+ cat << 'GH_AW_PROMPT_39777273868c3412_EOF'
@@ -545,6 +546,7 @@ jobs:
2. **Skip test files** — Never analyze files ending in `_test.go`
3. **Focus on `pkg/` directory** — Primary analysis area
4. **Use Serena for semantic analysis** — Leverage LSP capabilities for deeper insights
+
# Smoke Test: Claude Engine Validation.
**IMPORTANT: Keep all outputs extremely short and concise. Use single-line responses where possible. No verbose explanations.**
@@ -656,7 +658,7 @@ jobs:
{"noop": {"message": "No action needed: [brief explanation of what was analyzed and why]"}}
```
- GH_AW_PROMPT_4ec99b0fd270d235_EOF
+ GH_AW_PROMPT_39777273868c3412_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -933,12 +935,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_0e10b6117a7b2ef5_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_822c18ec8b80af29_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-claude"]},"add_reviewer":{"max":2,"target":"*"},"close_pull_request":{"max":1,"staged":true},"create_code_scanning_alert":{"driver":"Smoke Claude"},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-claude","expires":2,"group":true,"labels":["automation","testing"],"max":1},"create_pull_request_review_comment":{"max":5,"side":"RIGHT","target":"*"},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"post_slack_message":{"description":"Post a message to a fictitious Slack channel (smoke test only — no real Slack integration)","inputs":{"channel":{"default":"#general","description":"Slack channel name to post to","required":false,"type":"string"},"message":{"description":"Message text to post","required":false,"type":"string"}}},"push_to_pull_request_branch":{"allowed_files":["smoke-test-files/smoke-claude-push-test.md"],"if_no_changes":"warn","max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"],"staged":true,"target":"*"},"resolve_pull_request_review_thread":{"max":5},"submit_pull_request_review":{"footer":"always","max":1},"update_pull_request":{"allow_body":true,"allow_title":true,"max":1,"target":"*"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_0e10b6117a7b2ef5_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_822c18ec8b80af29_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_0fcc6ff9d80b0fb9_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_1458605373c8cbb8_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added.",
@@ -975,8 +977,8 @@ jobs:
}
]
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_0fcc6ff9d80b0fb9_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_b20132c1ca0f5de7_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_1458605373c8cbb8_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_7bbdfb9a8fd4ad65_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -1302,7 +1304,7 @@ jobs:
"customValidation": "requiresOneOf:title,body"
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_b20132c1ca0f5de7_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_7bbdfb9a8fd4ad65_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -1347,7 +1349,7 @@ jobs:
- name: Setup MCP Scripts Config
run: |
mkdir -p ${RUNNER_TEMP}/gh-aw/mcp-scripts/logs
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_d6f51c172b30cd14_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_366e65d6f1dfcf37_EOF'
{
"serverName": "mcpscripts",
"version": "1.0.0",
@@ -1499,8 +1501,8 @@ jobs:
}
]
}
- GH_AW_MCP_SCRIPTS_TOOLS_d6f51c172b30cd14_EOF
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_38ef6c81187f1145_EOF'
+ GH_AW_MCP_SCRIPTS_TOOLS_366e65d6f1dfcf37_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_65373c4dd9fe570a_EOF'
const path = require("path");
const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
const configPath = path.join(__dirname, "tools.json");
@@ -1514,12 +1516,12 @@ jobs:
console.error("Failed to start mcp-scripts HTTP server:", error);
process.exit(1);
});
- GH_AW_MCP_SCRIPTS_SERVER_38ef6c81187f1145_EOF
+ GH_AW_MCP_SCRIPTS_SERVER_65373c4dd9fe570a_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs
- name: Setup MCP Scripts Tool Files
run: |
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_2c5983231b4f4fe3_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_d37845b69526d1d0_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: gh
# Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -1530,9 +1532,9 @@ jobs:
echo " token: ${GH_AW_GH_TOKEN:0:6}..."
GH_TOKEN="$GH_AW_GH_TOKEN" gh $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_GH_2c5983231b4f4fe3_EOF
+ GH_AW_MCP_SCRIPTS_SH_GH_d37845b69526d1d0_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_76877b18b2f4e52f_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_a79d5a9fbe1e0c21_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-discussion-query
# Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1667,9 +1669,9 @@ jobs:
EOF
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_76877b18b2f4e52f_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_a79d5a9fbe1e0c21_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_3fcdce0ca0eeef3e_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_18f2b5dcd0ef96c6_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-issue-query
# Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1748,9 +1750,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_3fcdce0ca0eeef3e_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_18f2b5dcd0ef96c6_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_b3f67904ec5beb3f_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_7d6eef638f3fda9d_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-pr-query
# Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1835,9 +1837,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_b3f67904ec5beb3f_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_7d6eef638f3fda9d_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh << 'GH_AW_MCP_SCRIPTS_SH_GO_4fce796bf6c344f8_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh << 'GH_AW_MCP_SCRIPTS_SH_GO_541fb96b0068499d_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: go
# Execute any Go command. This tool is accessible as 'mcpscripts-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -1848,9 +1850,9 @@ jobs:
go $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_GO_4fce796bf6c344f8_EOF
+ GH_AW_MCP_SCRIPTS_SH_GO_541fb96b0068499d_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh << 'GH_AW_MCP_SCRIPTS_SH_MAKE_d92303afa15e5799_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh << 'GH_AW_MCP_SCRIPTS_SH_MAKE_a02bb12c8bfaddb6_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: make
# Execute any Make target. This tool is accessible as 'mcpscripts-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -1860,7 +1862,7 @@ jobs:
echo "make $INPUT_ARGS"
make $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_MAKE_d92303afa15e5799_EOF
+ GH_AW_MCP_SCRIPTS_SH_MAKE_a02bb12c8bfaddb6_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh
- name: Generate MCP Scripts Server Config
@@ -1933,7 +1935,7 @@ jobs:
export GH_AW_ENGINE="claude"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -e GH_TOKEN -e TAVILY_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat << GH_AW_MCP_CONFIG_82ac77150d4b9330_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_477312102d52bc19_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"agenticworkflows": {
@@ -2072,7 +2074,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_82ac77150d4b9330_EOF
+ GH_AW_MCP_CONFIG_477312102d52bc19_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
@@ -2839,7 +2841,7 @@ jobs:
echo "GH_HOST=${GH_HOST}" >> "$GITHUB_ENV"
- name: Setup Safe Outputs Custom Scripts
run: |
- cat > ${RUNNER_TEMP}/gh-aw/actions/safe_output_script_post_slack_message.cjs << 'GH_AW_SAFE_OUTPUT_SCRIPT_POST_SLACK_MESSAGE_22707f2b142f0f65_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/actions/safe_output_script_post_slack_message.cjs << 'GH_AW_SAFE_OUTPUT_SCRIPT_POST_SLACK_MESSAGE_551ad3d0c1083150_EOF'
// @ts-check
///
// Auto-generated safe-output script handler: post-slack-message
@@ -2859,7 +2861,7 @@ jobs:
}
module.exports = { main };
- GH_AW_SAFE_OUTPUT_SCRIPT_POST_SLACK_MESSAGE_22707f2b142f0f65_EOF
+ GH_AW_SAFE_OUTPUT_SCRIPT_POST_SLACK_MESSAGE_551ad3d0c1083150_EOF
- name: Process Safe Outputs
id: process_safe_outputs
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
diff --git a/.github/workflows/smoke-claude.md b/.github/workflows/smoke-claude.md
index 93af21f7085..094c82f0b33 100644
--- a/.github/workflows/smoke-claude.md
+++ b/.github/workflows/smoke-claude.md
@@ -34,6 +34,7 @@ imports:
with:
packages:
- microsoft/apm-sample-package
+ - shared/observability-otlp.md
network:
allowed:
- defaults
diff --git a/.github/workflows/smoke-codex.lock.yml b/.github/workflows/smoke-codex.lock.yml
index fb4869a626a..80a2a734603 100644
--- a/.github/workflows/smoke-codex.lock.yml
+++ b/.github/workflows/smoke-codex.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"06451e0a825e8159b30a37bce567f63fb0e4e4c6f49a7e61578822b85109b12b","agent_id":"codex"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"422fa2696448272aca835da1ceeb62d22b05df0e6b06f47da90d50353e9fb0fe","agent_id":"codex"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -28,6 +28,7 @@
# - shared/gh.md
# - shared/mcp/serena-go.md
# - shared/mcp/serena.md
+# - shared/observability-otlp.md
# - shared/qmd.md
# - shared/reporting.md
#
@@ -217,9 +218,9 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_119ad86e92d10934_EOF'
+ cat << 'GH_AW_PROMPT_7ef484db6aab1293_EOF'
- GH_AW_PROMPT_119ad86e92d10934_EOF
+ GH_AW_PROMPT_7ef484db6aab1293_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
@@ -227,7 +228,7 @@ jobs:
cat "${RUNNER_TEMP}/gh-aw/prompts/qmd_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_119ad86e92d10934_EOF'
+ cat << 'GH_AW_PROMPT_7ef484db6aab1293_EOF'
Tools: add_comment(max:2), create_issue, add_labels, remove_labels, unassign_from_user, hide_comment(max:5), missing_tool, missing_data, noop, add_smoked_label
@@ -262,9 +263,9 @@ jobs:
- **Note**: If a branch you need is not in the list above and is not listed as an additional fetched ref, it has NOT been checked out. For private repositories you cannot fetch it without proper authentication. If the branch is required and not available, exit with an error and ask the user to add it to the `fetch:` option of the `checkout:` configuration (e.g., `fetch: ["refs/pulls/open/*"]` for all open PR refs, or `fetch: ["main", "feature/my-branch"]` for specific branches).
- GH_AW_PROMPT_119ad86e92d10934_EOF
+ GH_AW_PROMPT_7ef484db6aab1293_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_119ad86e92d10934_EOF'
+ cat << 'GH_AW_PROMPT_7ef484db6aab1293_EOF'
Use the `search` tool to find relevant documentation and content with a natural language request — it queries a local vector database built from the configured collections.
@@ -315,8 +316,9 @@ jobs:
{{#runtime-import .github/workflows/shared/gh.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/mcp/serena-go.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/smoke-codex.md}}
- GH_AW_PROMPT_119ad86e92d10934_EOF
+ GH_AW_PROMPT_7ef484db6aab1293_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -536,12 +538,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_50edf469cc655054_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_6e6a58c7547bc1c1_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-codex"]},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-codex","expires":2,"labels":["automation","testing"],"max":1},"hide_comment":{"max":5},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"remove_labels":{"allowed":["smoke"]},"unassign_from_user":{"allowed":["githubactionagent"],"max":1}}
- GH_AW_SAFE_OUTPUTS_CONFIG_50edf469cc655054_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_6e6a58c7547bc1c1_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_49d024a692caf8ad_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_8ccd796bdcb229ff_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added.",
@@ -574,8 +576,8 @@ jobs:
}
]
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_49d024a692caf8ad_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_f1befde6ad6a3154_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_8ccd796bdcb229ff_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_da7775f0968df455_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -771,7 +773,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_f1befde6ad6a3154_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_da7775f0968df455_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -816,7 +818,7 @@ jobs:
- name: Setup MCP Scripts Config
run: |
mkdir -p ${RUNNER_TEMP}/gh-aw/mcp-scripts/logs
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_8fc2797d26cb4918_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_2925f8f9ba753614_EOF'
{
"serverName": "mcpscripts",
"version": "1.0.0",
@@ -846,8 +848,8 @@ jobs:
}
]
}
- GH_AW_MCP_SCRIPTS_TOOLS_8fc2797d26cb4918_EOF
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_9cd03b7817afbd8c_EOF'
+ GH_AW_MCP_SCRIPTS_TOOLS_2925f8f9ba753614_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_13c4e807f5807b90_EOF'
const path = require("path");
const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
const configPath = path.join(__dirname, "tools.json");
@@ -861,12 +863,12 @@ jobs:
console.error("Failed to start mcp-scripts HTTP server:", error);
process.exit(1);
});
- GH_AW_MCP_SCRIPTS_SERVER_9cd03b7817afbd8c_EOF
+ GH_AW_MCP_SCRIPTS_SERVER_13c4e807f5807b90_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs
- name: Setup MCP Scripts Tool Files
run: |
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_275beea46129d17f_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_6129ac94eceb1ef7_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: gh
# Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -877,7 +879,7 @@ jobs:
echo " token: ${GH_AW_GH_TOKEN:0:6}..."
GH_TOKEN="$GH_AW_GH_TOKEN" gh $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_GH_275beea46129d17f_EOF
+ GH_AW_MCP_SCRIPTS_SH_GH_6129ac94eceb1ef7_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh
- name: Generate MCP Scripts Server Config
@@ -981,7 +983,7 @@ jobs:
export GH_AW_ENGINE="codex"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_c3d48ebeb7d5907a_EOF
+ cat > /tmp/gh-aw/mcp-config/config.toml << GH_AW_MCP_CONFIG_0d68975120ea8d64_EOF
[history]
persistence = "none"
@@ -1063,10 +1065,10 @@ jobs:
[mcp_servers.serena."guard-policies".write-sink]
accept = ["*"]
- GH_AW_MCP_CONFIG_c3d48ebeb7d5907a_EOF
+ GH_AW_MCP_CONFIG_0d68975120ea8d64_EOF
# Generate JSON config for MCP gateway
- cat << GH_AW_MCP_CONFIG_c3d48ebeb7d5907a_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_0d68975120ea8d64_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -1181,7 +1183,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_c3d48ebeb7d5907a_EOF
+ GH_AW_MCP_CONFIG_0d68975120ea8d64_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/smoke-codex.md b/.github/workflows/smoke-codex.md
index 65877f5742b..431120598c4 100644
--- a/.github/workflows/smoke-codex.md
+++ b/.github/workflows/smoke-codex.md
@@ -30,6 +30,7 @@ imports:
type: issues
max: 500
github-token: ${{ secrets.GITHUB_TOKEN }}
+ - shared/observability-otlp.md
network:
allowed:
- defaults
diff --git a/.github/workflows/smoke-copilot-arm.lock.yml b/.github/workflows/smoke-copilot-arm.lock.yml
index 65b02a2aedd..a075c58c8d9 100644
--- a/.github/workflows/smoke-copilot-arm.lock.yml
+++ b/.github/workflows/smoke-copilot-arm.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"e603d70b7bc3dba0312876331b6f358c10fbf40a13be449d18d2a71c98cc8c70","agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"f3ad11103c02b273bf8958c12ebf912959bee3d66916c08d5a0585eb69a593b2","agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -29,14 +29,13 @@
# - shared/github-queries-mcp-script.md
# - shared/mcp/serena-go.md
# - shared/mcp/serena.md
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
# - GH_AW_GITHUB_TOKEN
-# - GH_AW_OTEL_ENDPOINT
-# - GH_AW_OTEL_HEADERS
# - GITHUB_TOKEN
#
# Custom actions used:
@@ -73,11 +72,6 @@ concurrency:
run-name: "Smoke Copilot ARM64"
-env:
- OTEL_EXPORTER_OTLP_ENDPOINT: ${{ secrets.GH_AW_OTEL_ENDPOINT }}
- OTEL_SERVICE_NAME: gh-aw
- OTEL_EXPORTER_OTLP_HEADERS: ${{ secrets.GH_AW_OTEL_HEADERS }}
-
jobs:
activation:
needs: pre_activation
@@ -219,9 +213,9 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_e1fc2cb2cbeaacc4_EOF'
+ cat << 'GH_AW_PROMPT_a48c3b689b94045c_EOF'
- GH_AW_PROMPT_e1fc2cb2cbeaacc4_EOF
+ GH_AW_PROMPT_a48c3b689b94045c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
@@ -229,7 +223,7 @@ jobs:
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_e1fc2cb2cbeaacc4_EOF'
+ cat << 'GH_AW_PROMPT_a48c3b689b94045c_EOF'
Tools: add_comment(max:2), create_issue, create_discussion, create_pull_request_review_comment(max:5), submit_pull_request_review, add_labels, remove_labels, dispatch_workflow, missing_tool, missing_data, noop, send_slack_message
@@ -261,9 +255,9 @@ jobs:
{{/if}}
- GH_AW_PROMPT_e1fc2cb2cbeaacc4_EOF
+ GH_AW_PROMPT_a48c3b689b94045c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_e1fc2cb2cbeaacc4_EOF'
+ cat << 'GH_AW_PROMPT_a48c3b689b94045c_EOF'
## Serena Code Analysis
@@ -300,8 +294,9 @@ jobs:
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/github-queries-mcp-script.md}}
{{#runtime-import .github/workflows/shared/mcp/serena-go.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/smoke-copilot-arm.md}}
- GH_AW_PROMPT_e1fc2cb2cbeaacc4_EOF
+ GH_AW_PROMPT_a48c3b689b94045c_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -561,12 +556,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_947e130c0b26d5ea_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_91819629c5ddeb32_EOF'
{"add_comment":{"allowed_repos":["github/gh-aw"],"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-copilot-arm"],"allowed_repos":["github/gh-aw"]},"create_discussion":{"category":"announcements","close_older_discussions":true,"expires":2,"fallback_to_issue":true,"labels":["ai-generated"],"max":1},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-copilot-arm","expires":2,"group":true,"labels":["automation","testing"],"max":1},"create_pull_request_review_comment":{"max":5,"side":"RIGHT"},"dispatch_workflow":{"max":1,"workflow_files":{"haiku-printer":".yml"},"workflows":["haiku-printer"]},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"remove_labels":{"allowed":["smoke"]},"send-slack-message":{"description":"Send a message to Slack (stub for testing)","inputs":{"message":{"description":"The message to send","required":false,"type":"string"}},"output":"Slack message stub executed!"},"submit_pull_request_review":{"max":1}}
- GH_AW_SAFE_OUTPUTS_CONFIG_947e130c0b26d5ea_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_91819629c5ddeb32_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_7a5b953e996d8298_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_1a86c253706c70b2_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added.",
@@ -623,8 +618,8 @@ jobs:
}
]
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_7a5b953e996d8298_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_cad1a7b1918f47ef_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_1a86c253706c70b2_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_bdea1445c22ce59b_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -854,7 +849,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_cad1a7b1918f47ef_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_bdea1445c22ce59b_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -899,7 +894,7 @@ jobs:
- name: Setup MCP Scripts Config
run: |
mkdir -p ${RUNNER_TEMP}/gh-aw/mcp-scripts/logs
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_1c701d2b9950333f_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_79ea45d6c8a5ba06_EOF'
{
"serverName": "mcpscripts",
"version": "1.0.0",
@@ -1015,8 +1010,8 @@ jobs:
}
]
}
- GH_AW_MCP_SCRIPTS_TOOLS_1c701d2b9950333f_EOF
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_c0a0a7288717268c_EOF'
+ GH_AW_MCP_SCRIPTS_TOOLS_79ea45d6c8a5ba06_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_8aef5bda2801960f_EOF'
const path = require("path");
const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
const configPath = path.join(__dirname, "tools.json");
@@ -1030,12 +1025,12 @@ jobs:
console.error("Failed to start mcp-scripts HTTP server:", error);
process.exit(1);
});
- GH_AW_MCP_SCRIPTS_SERVER_c0a0a7288717268c_EOF
+ GH_AW_MCP_SCRIPTS_SERVER_8aef5bda2801960f_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs
- name: Setup MCP Scripts Tool Files
run: |
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_91488b82431e1a7f_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_82681cc1f8f62335_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: gh
# Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -1046,9 +1041,9 @@ jobs:
echo " token: ${GH_AW_GH_TOKEN:0:6}..."
GH_TOKEN="$GH_AW_GH_TOKEN" gh $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_GH_91488b82431e1a7f_EOF
+ GH_AW_MCP_SCRIPTS_SH_GH_82681cc1f8f62335_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_93e05781f9ca515e_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_112c01cf09937404_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-discussion-query
# Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1183,9 +1178,9 @@ jobs:
EOF
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_93e05781f9ca515e_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_112c01cf09937404_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_c1c61a69acdb8d06_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_fc2bfc2efdeb5de2_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-issue-query
# Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1264,9 +1259,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_c1c61a69acdb8d06_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_fc2bfc2efdeb5de2_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_f517760b3784f2a2_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_38aa1539c043dfe1_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-pr-query
# Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1351,7 +1346,7 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_f517760b3784f2a2_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_38aa1539c043dfe1_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh
- name: Generate MCP Scripts Server Config
@@ -1424,7 +1419,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -e GH_TOKEN -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_baa1bb4a61e1bc9d_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_5bcb57263be2eb67_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"agenticworkflows": {
@@ -1541,7 +1536,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_baa1bb4a61e1bc9d_EOF
+ GH_AW_MCP_CONFIG_5bcb57263be2eb67_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/smoke-copilot-arm.md b/.github/workflows/smoke-copilot-arm.md
index 35564e5408c..b6d3f089038 100644
--- a/.github/workflows/smoke-copilot-arm.md
+++ b/.github/workflows/smoke-copilot-arm.md
@@ -21,6 +21,7 @@ imports:
- shared/reporting.md
- shared/github-queries-mcp-script.md
- shared/mcp/serena-go.md
+ - shared/observability-otlp.md
network:
allowed:
- defaults
@@ -106,10 +107,6 @@ safe-outputs:
run-failure: "📰 DEVELOPING STORY: [{workflow_name}]({run_url}) reports {status}. Our correspondents are investigating the incident..."
timeout-minutes: 15
strict: false
-observability:
- otlp:
- endpoint: ${{ secrets.GH_AW_OTEL_ENDPOINT }}
- headers: ${{ secrets.GH_AW_OTEL_HEADERS }}
---
# Smoke Test: Copilot Engine Validation (ARM64)
diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml
index c30d30a3e68..a48acdcc427 100644
--- a/.github/workflows/smoke-copilot.lock.yml
+++ b/.github/workflows/smoke-copilot.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"a905032d976816465ac3dca3ab19ecdf3acddb929861a5ff5984faffcab585e4","agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"6d0a385e47ce5ed241f4358e1578525037722f288b64d3dc18289d01bd352fbd","agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -30,14 +30,13 @@
# - shared/github-queries-mcp-script.md
# - shared/mcp/serena-go.md
# - shared/mcp/serena.md
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
# - GH_AW_GITHUB_TOKEN
-# - GH_AW_OTEL_ENDPOINT
-# - GH_AW_OTEL_HEADERS
# - GITHUB_TOKEN
#
# Custom actions used:
@@ -78,11 +77,6 @@ concurrency:
run-name: "Smoke Copilot"
-env:
- OTEL_EXPORTER_OTLP_ENDPOINT: ${{ secrets.GH_AW_OTEL_ENDPOINT }}
- OTEL_SERVICE_NAME: gh-aw
- OTEL_EXPORTER_OTLP_HEADERS: ${{ secrets.GH_AW_OTEL_HEADERS }}
-
jobs:
activation:
needs: pre_activation
@@ -226,9 +220,9 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_62c8abf1cc0f53ad_EOF'
+ cat << 'GH_AW_PROMPT_2d91fec7281e9c47_EOF'
- GH_AW_PROMPT_62c8abf1cc0f53ad_EOF
+ GH_AW_PROMPT_2d91fec7281e9c47_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
@@ -236,7 +230,7 @@ jobs:
cat "${RUNNER_TEMP}/gh-aw/prompts/agentic_workflows_guide.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_62c8abf1cc0f53ad_EOF'
+ cat << 'GH_AW_PROMPT_2d91fec7281e9c47_EOF'
Tools: add_comment(max:2), create_issue, create_discussion, create_pull_request_review_comment(max:5), submit_pull_request_review, reply_to_pull_request_review_comment(max:5), add_labels, remove_labels, set_issue_type, dispatch_workflow, missing_tool, missing_data, noop, send_slack_message
@@ -268,9 +262,9 @@ jobs:
{{/if}}
- GH_AW_PROMPT_62c8abf1cc0f53ad_EOF
+ GH_AW_PROMPT_2d91fec7281e9c47_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_62c8abf1cc0f53ad_EOF'
+ cat << 'GH_AW_PROMPT_2d91fec7281e9c47_EOF'
## Serena Code Analysis
@@ -308,8 +302,9 @@ jobs:
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/github-queries-mcp-script.md}}
{{#runtime-import .github/workflows/shared/mcp/serena-go.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/smoke-copilot.md}}
- GH_AW_PROMPT_62c8abf1cc0f53ad_EOF
+ GH_AW_PROMPT_2d91fec7281e9c47_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -569,12 +564,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_996bb8e28da5dfb7_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_8c3103569671ea37_EOF'
{"add_comment":{"allowed_repos":["github/gh-aw"],"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-copilot"],"allowed_repos":["github/gh-aw"]},"create_discussion":{"category":"announcements","close_older_discussions":true,"close_older_key":"smoke-copilot","expires":2,"fallback_to_issue":true,"labels":["ai-generated"],"max":1},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-copilot","expires":2,"group":true,"labels":["automation","testing"],"max":1},"create_pull_request_review_comment":{"max":5,"side":"RIGHT"},"dispatch_workflow":{"max":1,"workflow_files":{"haiku-printer":".yml"},"workflows":["haiku-printer"]},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"remove_labels":{"allowed":["smoke"]},"reply_to_pull_request_review_comment":{"max":5},"send-slack-message":{"description":"Send a message to Slack (stub for testing)","inputs":{"message":{"description":"The message to send","required":false,"type":"string"}},"output":"Slack message stub executed!"},"set_issue_type":{},"submit_pull_request_review":{"max":1}}
- GH_AW_SAFE_OUTPUTS_CONFIG_996bb8e28da5dfb7_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_8c3103569671ea37_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_d4e9fcd31c3eddcb_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_6ba81623fc072ff3_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added.",
@@ -632,8 +627,8 @@ jobs:
}
]
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_d4e9fcd31c3eddcb_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_7d41b605be50b9cb_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_6ba81623fc072ff3_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_4cb5c46d855d3c50_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -903,7 +898,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_7d41b605be50b9cb_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_4cb5c46d855d3c50_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -948,7 +943,7 @@ jobs:
- name: Setup MCP Scripts Config
run: |
mkdir -p ${RUNNER_TEMP}/gh-aw/mcp-scripts/logs
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_1e7561d526f43bda_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_7babc89e6d790778_EOF'
{
"serverName": "mcpscripts",
"version": "1.0.0",
@@ -1064,8 +1059,8 @@ jobs:
}
]
}
- GH_AW_MCP_SCRIPTS_TOOLS_1e7561d526f43bda_EOF
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_a5255a3a8e9f133e_EOF'
+ GH_AW_MCP_SCRIPTS_TOOLS_7babc89e6d790778_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_ef1fbc7ce3eca295_EOF'
const path = require("path");
const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
const configPath = path.join(__dirname, "tools.json");
@@ -1079,12 +1074,12 @@ jobs:
console.error("Failed to start mcp-scripts HTTP server:", error);
process.exit(1);
});
- GH_AW_MCP_SCRIPTS_SERVER_a5255a3a8e9f133e_EOF
+ GH_AW_MCP_SCRIPTS_SERVER_ef1fbc7ce3eca295_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs
- name: Setup MCP Scripts Tool Files
run: |
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_ba7386878a21d8cb_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_5a6688685d632c08_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: gh
# Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -1095,9 +1090,9 @@ jobs:
echo " token: ${GH_AW_GH_TOKEN:0:6}..."
GH_TOKEN="$GH_AW_GH_TOKEN" gh $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_GH_ba7386878a21d8cb_EOF
+ GH_AW_MCP_SCRIPTS_SH_GH_5a6688685d632c08_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_4d7640a4c077e31c_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_acccc7340415fad4_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-discussion-query
# Query GitHub discussions with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1232,9 +1227,9 @@ jobs:
EOF
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_4d7640a4c077e31c_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-DISCUSSION-QUERY_acccc7340415fad4_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-discussion-query.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_0641c15ff140ff12_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_a6eacbb65c40c0ed_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-issue-query
# Query GitHub issues with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1313,9 +1308,9 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_0641c15ff140ff12_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-ISSUE-QUERY_a6eacbb65c40c0ed_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-issue-query.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_9ddf10ca0deacae4_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh << 'GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_cba8eb127506e4a8_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: github-pr-query
# Query GitHub pull requests with jq filtering support. Without --jq, returns schema and data size info. Use --jq '.' to get all data, or specific jq expressions to filter.
@@ -1400,7 +1395,7 @@ jobs:
fi
- GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_9ddf10ca0deacae4_EOF
+ GH_AW_MCP_SCRIPTS_SH_GITHUB-PR-QUERY_cba8eb127506e4a8_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/github-pr-query.sh
- name: Generate MCP Scripts Server Config
@@ -1471,7 +1466,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -e GH_TOKEN -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_c260f8029b966df4_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_8d31e9e79e8b0709_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"agenticworkflows": {
@@ -1591,7 +1586,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_c260f8029b966df4_EOF
+ GH_AW_MCP_CONFIG_8d31e9e79e8b0709_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/smoke-copilot.md b/.github/workflows/smoke-copilot.md
index b476456956e..8c6087573ed 100644
--- a/.github/workflows/smoke-copilot.md
+++ b/.github/workflows/smoke-copilot.md
@@ -25,6 +25,7 @@ imports:
- shared/reporting.md
- shared/github-queries-mcp-script.md
- shared/mcp/serena-go.md
+ - shared/observability-otlp.md
network:
allowed:
- defaults
@@ -117,10 +118,6 @@ safe-outputs:
run-failure: "📰 DEVELOPING STORY: [{workflow_name}]({run_url}) reports {status}. Our correspondents are investigating the incident..."
timeout-minutes: 15
strict: false
-observability:
- otlp:
- endpoint: ${{ secrets.GH_AW_OTEL_ENDPOINT }}
- headers: ${{ secrets.GH_AW_OTEL_HEADERS }}
---
# Smoke Test: Copilot Engine Validation
diff --git a/.github/workflows/smoke-create-cross-repo-pr.lock.yml b/.github/workflows/smoke-create-cross-repo-pr.lock.yml
index fcb71b59289..b10e69a8db9 100644
--- a/.github/workflows/smoke-create-cross-repo-pr.lock.yml
+++ b/.github/workflows/smoke-create-cross-repo-pr.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"23d3c7a58f979f7799b7e17bdac619d06c521a62e3079dfc27f35b90f4bbce9f","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"183ac727afd39894587c1583781dc7aafb67e0486e3e10ec3b1cf0bc0c06bbd4","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -23,6 +23,10 @@
#
# Smoke test validating cross-repo pull request creation in githubnext/gh-aw-side-repo
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/observability-otlp.md
+#
# Secrets used:
# - GH_AW_CI_TRIGGER_TOKEN
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
@@ -183,19 +187,19 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_b5851c5feae065c1_EOF'
+ cat << 'GH_AW_PROMPT_94b1604d6fe5e476_EOF'
- GH_AW_PROMPT_b5851c5feae065c1_EOF
+ GH_AW_PROMPT_94b1604d6fe5e476_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_b5851c5feae065c1_EOF'
+ cat << 'GH_AW_PROMPT_94b1604d6fe5e476_EOF'
Tools: add_comment(max:2), create_issue, create_pull_request, missing_tool, missing_data, noop
- GH_AW_PROMPT_b5851c5feae065c1_EOF
+ GH_AW_PROMPT_94b1604d6fe5e476_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_b5851c5feae065c1_EOF'
+ cat << 'GH_AW_PROMPT_94b1604d6fe5e476_EOF'
The following GitHub context information is available for this workflow:
@@ -228,12 +232,13 @@ jobs:
- **Note**: If a branch you need is not in the list above and is not listed as an additional fetched ref, it has NOT been checked out. For private repositories you cannot fetch it without proper authentication. If the branch is required and not available, exit with an error and ask the user to add it to the `fetch:` option of the `checkout:` configuration (e.g., `fetch: ["refs/pulls/open/*"]` for all open PR refs, or `fetch: ["main", "feature/my-branch"]` for specific branches).
- GH_AW_PROMPT_b5851c5feae065c1_EOF
+ GH_AW_PROMPT_94b1604d6fe5e476_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_b5851c5feae065c1_EOF'
+ cat << 'GH_AW_PROMPT_94b1604d6fe5e476_EOF'
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/smoke-create-cross-repo-pr.md}}
- GH_AW_PROMPT_b5851c5feae065c1_EOF
+ GH_AW_PROMPT_94b1604d6fe5e476_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -415,12 +420,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_dda6c6cade8b9292_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_f061fe32f12a05ac_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_issue":{"close_older_issues":true,"expires":2,"labels":["automation","testing"],"max":1},"create_pull_request":{"draft":true,"expires":24,"fallback_as_issue":false,"github-token":"${{ secrets.GH_AW_SIDE_REPO_PAT }}","if_no_changes":"error","labels":["smoke-test"],"max":1,"max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"],"target-repo":"githubnext/gh-aw-side-repo","title_prefix":"[smoke] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_dda6c6cade8b9292_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_f061fe32f12a05ac_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_7e7ce00aac884a7c_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_11f8ee29f501d697_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added.",
@@ -430,8 +435,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_7e7ce00aac884a7c_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_2acf94955ef0dc17_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_11f8ee29f501d697_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_012cee66428c7727_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -578,7 +583,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_2acf94955ef0dc17_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_012cee66428c7727_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -648,7 +653,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_4e0fc3a9881a180e_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_de9e28f8a759eede_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -689,7 +694,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_4e0fc3a9881a180e_EOF
+ GH_AW_MCP_CONFIG_de9e28f8a759eede_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/smoke-create-cross-repo-pr.md b/.github/workflows/smoke-create-cross-repo-pr.md
index 346ce47cc7d..1d3c4f9c248 100644
--- a/.github/workflows/smoke-create-cross-repo-pr.md
+++ b/.github/workflows/smoke-create-cross-repo-pr.md
@@ -58,6 +58,8 @@ safe-outputs:
timeout-minutes: 10
features:
copilot-requests: true
+imports:
+ - shared/observability-otlp.md
---
# Smoke Test: Cross-Repo Pull Request Creation
diff --git a/.github/workflows/smoke-gemini.lock.yml b/.github/workflows/smoke-gemini.lock.yml
index e7186d6cd0f..66eee9d61ea 100644
--- a/.github/workflows/smoke-gemini.lock.yml
+++ b/.github/workflows/smoke-gemini.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"0f1c00beafd1829acdd4f2160c974eae49a534ef077f9b9427e6760a627fcaef","strict":true,"agent_id":"gemini"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"6fa73425f890e6d8352976a82978abd62ab75f0e8c76c235d19c3487d1402c76","strict":true,"agent_id":"gemini"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -26,6 +26,7 @@
# Resolved workflow manifest:
# Imports:
# - shared/gh.md
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# Secrets used:
@@ -209,15 +210,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_ec5ddfdb986834ab_EOF'
+ cat << 'GH_AW_PROMPT_9f443bb9e0552392_EOF'
- GH_AW_PROMPT_ec5ddfdb986834ab_EOF
+ GH_AW_PROMPT_9f443bb9e0552392_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_ec5ddfdb986834ab_EOF'
+ cat << 'GH_AW_PROMPT_9f443bb9e0552392_EOF'
Tools: add_comment(max:2), create_issue, add_labels, missing_tool, missing_data, noop
@@ -249,14 +250,15 @@ jobs:
{{/if}}
- GH_AW_PROMPT_ec5ddfdb986834ab_EOF
+ GH_AW_PROMPT_9f443bb9e0552392_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_ec5ddfdb986834ab_EOF'
+ cat << 'GH_AW_PROMPT_9f443bb9e0552392_EOF'
{{#runtime-import .github/workflows/shared/gh.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/smoke-gemini.md}}
- GH_AW_PROMPT_ec5ddfdb986834ab_EOF
+ GH_AW_PROMPT_9f443bb9e0552392_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -454,12 +456,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_01758ee466270a56_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_a507083b95a3f5fd_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-gemini"]},"create_issue":{"close_older_issues":true,"close_older_key":"smoke-gemini","expires":2,"labels":["automation","testing"],"max":1},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_01758ee466270a56_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_a507083b95a3f5fd_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_3976c2187d2cbcfe_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_033bbee5b32c6e0a_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added.",
@@ -469,8 +471,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_3976c2187d2cbcfe_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_0f0c060c2a233ca5_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_033bbee5b32c6e0a_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_16c5fc7c635b5ded_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -600,7 +602,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_0f0c060c2a233ca5_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_16c5fc7c635b5ded_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -645,7 +647,7 @@ jobs:
- name: Setup MCP Scripts Config
run: |
mkdir -p ${RUNNER_TEMP}/gh-aw/mcp-scripts/logs
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_db61f592fb740c66_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_eeacfabc3ef2402a_EOF'
{
"serverName": "mcpscripts",
"version": "1.0.0",
@@ -675,8 +677,8 @@ jobs:
}
]
}
- GH_AW_MCP_SCRIPTS_TOOLS_db61f592fb740c66_EOF
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_9ede82243d9570a1_EOF'
+ GH_AW_MCP_SCRIPTS_TOOLS_eeacfabc3ef2402a_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_c7a14968c05f6ed8_EOF'
const path = require("path");
const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
const configPath = path.join(__dirname, "tools.json");
@@ -690,12 +692,12 @@ jobs:
console.error("Failed to start mcp-scripts HTTP server:", error);
process.exit(1);
});
- GH_AW_MCP_SCRIPTS_SERVER_9ede82243d9570a1_EOF
+ GH_AW_MCP_SCRIPTS_SERVER_c7a14968c05f6ed8_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs
- name: Setup MCP Scripts Tool Files
run: |
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_37dab787d6840ac7_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh << 'GH_AW_MCP_SCRIPTS_SH_GH_e6f3656b383a4920_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: gh
# Execute any gh CLI command. This tool is accessible as 'mcpscripts-gh'. Provide the full command after 'gh' (e.g., args: 'pr list --limit 5'). The tool will run: gh . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -706,7 +708,7 @@ jobs:
echo " token: ${GH_AW_GH_TOKEN:0:6}..."
GH_TOKEN="$GH_AW_GH_TOKEN" gh $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_GH_37dab787d6840ac7_EOF
+ GH_AW_MCP_SCRIPTS_SH_GH_e6f3656b383a4920_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/gh.sh
- name: Generate MCP Scripts Server Config
@@ -774,7 +776,7 @@ jobs:
export GH_AW_ENGINE="gemini"
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -e GH_AW_GH_TOKEN -e GH_DEBUG -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
- cat << GH_AW_MCP_CONFIG_dc3832e9686c5ff4_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_3736e04da4cb6cea_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -828,7 +830,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_dc3832e9686c5ff4_EOF
+ GH_AW_MCP_CONFIG_3736e04da4cb6cea_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/smoke-gemini.md b/.github/workflows/smoke-gemini.md
index b581e6e3935..8a348e9aa0e 100644
--- a/.github/workflows/smoke-gemini.md
+++ b/.github/workflows/smoke-gemini.md
@@ -19,6 +19,7 @@ strict: true
imports:
- shared/gh.md
- shared/reporting.md
+ - shared/observability-otlp.md
network:
allowed:
- defaults
diff --git a/.github/workflows/smoke-multi-pr.lock.yml b/.github/workflows/smoke-multi-pr.lock.yml
index 8d303f2f4a0..08fec133110 100644
--- a/.github/workflows/smoke-multi-pr.lock.yml
+++ b/.github/workflows/smoke-multi-pr.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"cdcc6dd9771a5732e02056aa956cc660846057deed0acec0fea5bca9af63c0b0","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"d8bcc8ab8a733152e54dbd392cc469cf8acf46f91800d17dab1f7587a22186f5","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -23,6 +23,10 @@
#
# Test creating multiple pull requests in a single workflow run
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/observability-otlp.md
+#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
# - GH_AW_CI_TRIGGER_TOKEN
@@ -201,19 +205,19 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_8176b7650e805e07_EOF'
+ cat << 'GH_AW_PROMPT_d5ab19e04586f20b_EOF'
- GH_AW_PROMPT_8176b7650e805e07_EOF
+ GH_AW_PROMPT_d5ab19e04586f20b_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_8176b7650e805e07_EOF'
+ cat << 'GH_AW_PROMPT_d5ab19e04586f20b_EOF'
Tools: add_comment, create_pull_request(max:2), missing_tool, missing_data, noop
- GH_AW_PROMPT_8176b7650e805e07_EOF
+ GH_AW_PROMPT_d5ab19e04586f20b_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_8176b7650e805e07_EOF'
+ cat << 'GH_AW_PROMPT_d5ab19e04586f20b_EOF'
The following GitHub context information is available for this workflow:
@@ -243,12 +247,13 @@ jobs:
{{/if}}
- GH_AW_PROMPT_8176b7650e805e07_EOF
+ GH_AW_PROMPT_d5ab19e04586f20b_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_8176b7650e805e07_EOF'
+ cat << 'GH_AW_PROMPT_d5ab19e04586f20b_EOF'
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/smoke-multi-pr.md}}
- GH_AW_PROMPT_8176b7650e805e07_EOF
+ GH_AW_PROMPT_d5ab19e04586f20b_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -418,12 +423,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_6763693a64d3ddac_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_4fc66af68d9f1146_EOF'
{"add_comment":{"hide_older_comments":true,"max":1},"create_pull_request":{"expires":2,"if_no_changes":"warn","labels":["ai-generated"],"max":2,"max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"],"title_prefix":"[smoke-multi-pr] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_6763693a64d3ddac_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_4fc66af68d9f1146_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_03c11e1da95a3122_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_a8317501ab19e647_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 1 comment(s) can be added.",
@@ -432,8 +437,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_03c11e1da95a3122_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_988248fdd10d37ac_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_a8317501ab19e647_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_b8b9d986009fd23c_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -547,7 +552,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_988248fdd10d37ac_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_b8b9d986009fd23c_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -617,7 +622,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_21037b0628df299c_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_45d35be8093fc5f6_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -658,7 +663,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_21037b0628df299c_EOF
+ GH_AW_MCP_CONFIG_45d35be8093fc5f6_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/smoke-multi-pr.md b/.github/workflows/smoke-multi-pr.md
index a45506e908f..d8658324709 100644
--- a/.github/workflows/smoke-multi-pr.md
+++ b/.github/workflows/smoke-multi-pr.md
@@ -42,6 +42,8 @@ safe-outputs:
run-success: "✅ [{workflow_name}]({run_url}) successfully created multiple PRs."
run-failure: "❌ [{workflow_name}]({run_url}) failed to create multiple PRs. Check the logs."
timeout-minutes: 10
+imports:
+ - shared/observability-otlp.md
---
# Smoke Test: Multiple Pull Request Creation
diff --git a/.github/workflows/smoke-project.lock.yml b/.github/workflows/smoke-project.lock.yml
index be7bbeb8fb8..069bc2ae8c8 100644
--- a/.github/workflows/smoke-project.lock.yml
+++ b/.github/workflows/smoke-project.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"443639d657b72ea47c2885b9779aabe56a6cc53f605548f9ad685687fc5276b3","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"8bcae22e790c498a4d0c4a24fc23384ec7be4e39f2bbf10b06bbed77bb070c0f","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -23,6 +23,10 @@
#
# Smoke Project - Test project operations
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/observability-otlp.md
+#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
# - GH_AW_CI_TRIGGER_TOKEN
@@ -200,19 +204,19 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_ba7946ed4c54c799_EOF'
+ cat << 'GH_AW_PROMPT_58453f345124cba3_EOF'
- GH_AW_PROMPT_ba7946ed4c54c799_EOF
+ GH_AW_PROMPT_58453f345124cba3_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_ba7946ed4c54c799_EOF'
+ cat << 'GH_AW_PROMPT_58453f345124cba3_EOF'
Tools: add_comment(max:2), create_issue, create_pull_request, add_labels, remove_labels, update_project(max:20), create_project_status_update, missing_tool, missing_data, noop
- GH_AW_PROMPT_ba7946ed4c54c799_EOF
+ GH_AW_PROMPT_58453f345124cba3_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_create_pull_request.md"
- cat << 'GH_AW_PROMPT_ba7946ed4c54c799_EOF'
+ cat << 'GH_AW_PROMPT_58453f345124cba3_EOF'
The following GitHub context information is available for this workflow:
@@ -242,12 +246,13 @@ jobs:
{{/if}}
- GH_AW_PROMPT_ba7946ed4c54c799_EOF
+ GH_AW_PROMPT_58453f345124cba3_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_ba7946ed4c54c799_EOF'
+ cat << 'GH_AW_PROMPT_58453f345124cba3_EOF'
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/smoke-project.md}}
- GH_AW_PROMPT_ba7946ed4c54c799_EOF
+ GH_AW_PROMPT_58453f345124cba3_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -418,12 +423,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_b056215a99ad916b_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_1160c02dd06158cf_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"add_labels":{"allowed":["smoke-project"]},"create_issue":{"close_older_issues":true,"expires":2,"group":true,"labels":["ai-generated","automation","testing"],"max":1},"create_project_status_update":{"github-token":"${{ secrets.GH_AW_PROJECT_GITHUB_TOKEN }}","max":1,"project":"https://github.com/orgs/github/projects/24068"},"create_pull_request":{"expires":2,"if_no_changes":"warn","labels":["ai-generated"],"max":1,"max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"],"title_prefix":"[smoke-project] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"remove_labels":{"allowed":["smoke-project"]},"update_project":{"github-token":"${{ secrets.GH_AW_PROJECT_GITHUB_TOKEN }}","max":20,"project":"https://github.com/orgs/github/projects/24068","views":[{"name":"Smoke Test Board","layout":"board","filter":"is:open"}]}}
- GH_AW_SAFE_OUTPUTS_CONFIG_b056215a99ad916b_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_1160c02dd06158cf_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_0a4fc139d2c619d0_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_5135f6bdfbdbe66b_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added.",
@@ -437,8 +442,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_0a4fc139d2c619d0_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_1f4a5d719749a120_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_5135f6bdfbdbe66b_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_6d596dd663e40e98_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -705,7 +710,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_1f4a5d719749a120_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_6d596dd663e40e98_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -775,7 +780,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_5aaca792fea31195_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_1f44ece8f17868b6_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -816,7 +821,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_5aaca792fea31195_EOF
+ GH_AW_MCP_CONFIG_1f44ece8f17868b6_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/smoke-project.md b/.github/workflows/smoke-project.md
index 96b27a01f3c..b7228a890e1 100644
--- a/.github/workflows/smoke-project.md
+++ b/.github/workflows/smoke-project.md
@@ -62,6 +62,8 @@ safe-outputs:
run-failure: "❌ [{workflow_name}]({run_url}) encountered failures. Check the logs for details."
timeout-minutes: 15
strict: true
+imports:
+ - shared/observability-otlp.md
---
# Smoke Test: Project Operations Validation
diff --git a/.github/workflows/smoke-service-ports.lock.yml b/.github/workflows/smoke-service-ports.lock.yml
index 5255455ad32..b098901a0a0 100644
--- a/.github/workflows/smoke-service-ports.lock.yml
+++ b/.github/workflows/smoke-service-ports.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"e5ce1ba22e481b76f0eb27bdfc0c0a87048dbff2c7d9b94295bd1713658bf76c","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"4e6eb08c392b1448e95987ada56dfdfd47e9914daf5da49dfc37e76e60eaa2eb","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -23,6 +23,10 @@
#
# Smoke test to validate --allow-host-service-ports with Redis service container
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/observability-otlp.md
+#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
@@ -167,14 +171,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_c31fae809a703351_EOF'
+ cat << 'GH_AW_PROMPT_8b7da5de864f633e_EOF'
- GH_AW_PROMPT_c31fae809a703351_EOF
+ GH_AW_PROMPT_8b7da5de864f633e_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_c31fae809a703351_EOF'
+ cat << 'GH_AW_PROMPT_8b7da5de864f633e_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
@@ -206,12 +210,13 @@ jobs:
{{/if}}
- GH_AW_PROMPT_c31fae809a703351_EOF
+ GH_AW_PROMPT_8b7da5de864f633e_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_c31fae809a703351_EOF'
+ cat << 'GH_AW_PROMPT_8b7da5de864f633e_EOF'
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/smoke-service-ports.md}}
- GH_AW_PROMPT_c31fae809a703351_EOF
+ GH_AW_PROMPT_8b7da5de864f633e_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -389,12 +394,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_157c2d9ba58bbb86_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_6bf0cb9b782d80da_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_157c2d9ba58bbb86_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_6bf0cb9b782d80da_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_c83d4be4db7ea1c1_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_d94773b8761f460c_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added."
@@ -402,8 +407,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_c83d4be4db7ea1c1_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_78a41162c66dcf65_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_d94773b8761f460c_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_d461af88e433dde6_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -481,7 +486,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_78a41162c66dcf65_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_d461af88e433dde6_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -551,7 +556,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_4d3271670f04abd8_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_99ffa6da0591cb4e_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -592,7 +597,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_4d3271670f04abd8_EOF
+ GH_AW_MCP_CONFIG_99ffa6da0591cb4e_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/smoke-service-ports.md b/.github/workflows/smoke-service-ports.md
index f5b6d2661d7..67414c2c50f 100644
--- a/.github/workflows/smoke-service-ports.md
+++ b/.github/workflows/smoke-service-ports.md
@@ -39,6 +39,8 @@ safe-outputs:
run-success: "✅ Service ports validation passed! [{workflow_name}]({run_url}) confirms agent can reach Redis."
run-failure: "❌ Service ports validation failed! [{workflow_name}]({run_url}) could not reach Redis: {status}"
timeout-minutes: 5
+imports:
+ - shared/observability-otlp.md
---
# Smoke Test: Service Ports (Redis)
diff --git a/.github/workflows/smoke-temporary-id.lock.yml b/.github/workflows/smoke-temporary-id.lock.yml
index 466a75ce704..44805ffbecb 100644
--- a/.github/workflows/smoke-temporary-id.lock.yml
+++ b/.github/workflows/smoke-temporary-id.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"84179275d507c26a64c5e981337aac259c6dbb023b319c514ba82942a26e254f","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"b6f00aacc0138c6dab5d64e347168a6343ecd145b3a0f387fe33d00d145d51d1","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -23,6 +23,10 @@
#
# Test temporary ID functionality for issue chaining and cross-references
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/observability-otlp.md
+#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
@@ -198,14 +202,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_c31eac1d4f2c45d0_EOF'
+ cat << 'GH_AW_PROMPT_16c4d412cd64d233_EOF'
- GH_AW_PROMPT_c31eac1d4f2c45d0_EOF
+ GH_AW_PROMPT_16c4d412cd64d233_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_c31eac1d4f2c45d0_EOF'
+ cat << 'GH_AW_PROMPT_16c4d412cd64d233_EOF'
Tools: add_comment(max:2), create_issue(max:5), link_sub_issue(max:3), missing_tool, missing_data, noop
@@ -237,12 +241,13 @@ jobs:
{{/if}}
- GH_AW_PROMPT_c31eac1d4f2c45d0_EOF
+ GH_AW_PROMPT_16c4d412cd64d233_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_c31eac1d4f2c45d0_EOF'
+ cat << 'GH_AW_PROMPT_16c4d412cd64d233_EOF'
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/smoke-temporary-id.md}}
- GH_AW_PROMPT_c31eac1d4f2c45d0_EOF
+ GH_AW_PROMPT_16c4d412cd64d233_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -412,12 +417,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_4118261bca13ba4c_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_79be0a437ebc2e1b_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_issue":{"close_older_issues":true,"expires":2,"group":true,"labels":["ai-generated","automation","testing"],"max":5,"title_prefix":"[smoke-temporary-id] "},"link_sub_issue":{"max":3},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_4118261bca13ba4c_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_79be0a437ebc2e1b_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_db1719c4e92a5f12_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_7df888ae99d6be86_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added.",
@@ -427,8 +432,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_db1719c4e92a5f12_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_ad306700fa700567_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_7df888ae99d6be86_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_4b85ce9f04e519a1_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -557,7 +562,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_ad306700fa700567_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_4b85ce9f04e519a1_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -627,7 +632,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_e916af4ce11580a1_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_e58de4b51892a2f5_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -668,7 +673,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_e916af4ce11580a1_EOF
+ GH_AW_MCP_CONFIG_e58de4b51892a2f5_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/smoke-temporary-id.md b/.github/workflows/smoke-temporary-id.md
index 3eff5ec8514..0596b8b5828 100644
--- a/.github/workflows/smoke-temporary-id.md
+++ b/.github/workflows/smoke-temporary-id.md
@@ -40,6 +40,8 @@ safe-outputs:
run-success: "✅ [{workflow_name}]({run_url}) completed successfully. Temporary ID validation passed."
run-failure: "❌ [{workflow_name}]({run_url}) encountered failures. Check the logs for details."
timeout-minutes: 10
+imports:
+ - shared/observability-otlp.md
---
# Smoke Test: Temporary ID Functionality
diff --git a/.github/workflows/smoke-test-tools.lock.yml b/.github/workflows/smoke-test-tools.lock.yml
index a13d956a06d..3d30cf9f481 100644
--- a/.github/workflows/smoke-test-tools.lock.yml
+++ b/.github/workflows/smoke-test-tools.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"23b133eb5633ac9b7e7e9dedf421b69f17a4fbf9a1d7c94bf8ae2792eb522029","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"210a11e5de26719232a8a53e306c93ae65ba45a77ddf077dbc6ddbedcd7bd4f2","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -23,6 +23,10 @@
#
# Smoke test to validate common development tools are available in the agent container
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/observability-otlp.md
+#
# Secrets used:
# - COPILOT_GITHUB_TOKEN
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
@@ -192,14 +196,14 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_72c3c12f0815b592_EOF'
+ cat << 'GH_AW_PROMPT_d65170401ad95a6c_EOF'
- GH_AW_PROMPT_72c3c12f0815b592_EOF
+ GH_AW_PROMPT_d65170401ad95a6c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_72c3c12f0815b592_EOF'
+ cat << 'GH_AW_PROMPT_d65170401ad95a6c_EOF'
Tools: add_comment(max:2), missing_tool, missing_data, noop
@@ -231,12 +235,13 @@ jobs:
{{/if}}
- GH_AW_PROMPT_72c3c12f0815b592_EOF
+ GH_AW_PROMPT_d65170401ad95a6c_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_72c3c12f0815b592_EOF'
+ cat << 'GH_AW_PROMPT_d65170401ad95a6c_EOF'
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/smoke-test-tools.md}}
- GH_AW_PROMPT_72c3c12f0815b592_EOF
+ GH_AW_PROMPT_d65170401ad95a6c_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -431,12 +436,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_e1e538f92ff8eb3a_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_40c6ea7062c910a3_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_e1e538f92ff8eb3a_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_40c6ea7062c910a3_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_b5dd125b152082c0_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_acba7834e5e9a1fe_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added."
@@ -444,8 +449,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_b5dd125b152082c0_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_350b5f58e8863755_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_acba7834e5e9a1fe_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_bee3c3e3c48fd01c_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -523,7 +528,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_350b5f58e8863755_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_bee3c3e3c48fd01c_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -593,7 +598,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_4afe8cef8efb619c_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_bdc6195f4ece8765_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -634,7 +639,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_4afe8cef8efb619c_EOF
+ GH_AW_MCP_CONFIG_bdc6195f4ece8765_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/smoke-test-tools.md b/.github/workflows/smoke-test-tools.md
index 0c0e1eb0d9d..54e2ccb13b6 100644
--- a/.github/workflows/smoke-test-tools.md
+++ b/.github/workflows/smoke-test-tools.md
@@ -44,6 +44,8 @@ safe-outputs:
run-success: "✅ All tools validated successfully! [{workflow_name}]({run_url}) confirms agent container is ready."
run-failure: "❌ Tool validation failed! [{workflow_name}]({run_url}) detected missing tools: {status}"
timeout-minutes: 5
+imports:
+ - shared/observability-otlp.md
---
# Smoke Test: Agent Container Tools
diff --git a/.github/workflows/smoke-update-cross-repo-pr.lock.yml b/.github/workflows/smoke-update-cross-repo-pr.lock.yml
index ad227ad8b64..f6febbd724d 100644
--- a/.github/workflows/smoke-update-cross-repo-pr.lock.yml
+++ b/.github/workflows/smoke-update-cross-repo-pr.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"c4cc360fde9ba13fd2b610711fbb6c68dfd7f9a090849a11f1adb25e099cea6f","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"37969d7efee1f2ce613593cabdd72ef4de128a21581b663ac51177ae4e663e3e","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -23,6 +23,10 @@
#
# Smoke test validating cross-repo pull request updates in githubnext/gh-aw-side-repo by adding lines from Homer's Odyssey to the README
#
+# Resolved workflow manifest:
+# Imports:
+# - shared/observability-otlp.md
+#
# Secrets used:
# - GH_AW_CI_TRIGGER_TOKEN
# - GH_AW_GITHUB_MCP_SERVER_TOKEN
@@ -185,20 +189,20 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_6b3177d37c27b8e8_EOF'
+ cat << 'GH_AW_PROMPT_2686481f8c8fed02_EOF'
- GH_AW_PROMPT_6b3177d37c27b8e8_EOF
+ GH_AW_PROMPT_2686481f8c8fed02_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/cache_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_6b3177d37c27b8e8_EOF'
+ cat << 'GH_AW_PROMPT_2686481f8c8fed02_EOF'
Tools: add_comment(max:2), create_issue, push_to_pull_request_branch, missing_tool, missing_data, noop
- GH_AW_PROMPT_6b3177d37c27b8e8_EOF
+ GH_AW_PROMPT_2686481f8c8fed02_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_push_to_pr_branch.md"
- cat << 'GH_AW_PROMPT_6b3177d37c27b8e8_EOF'
+ cat << 'GH_AW_PROMPT_2686481f8c8fed02_EOF'
The following GitHub context information is available for this workflow:
@@ -231,12 +235,13 @@ jobs:
- **Note**: If a branch you need is not in the list above and is not listed as an additional fetched ref, it has NOT been checked out. For private repositories you cannot fetch it without proper authentication. If the branch is required and not available, exit with an error and ask the user to add it to the `fetch:` option of the `checkout:` configuration (e.g., `fetch: ["refs/pulls/open/*"]` for all open PR refs, or `fetch: ["main", "feature/my-branch"]` for specific branches).
- GH_AW_PROMPT_6b3177d37c27b8e8_EOF
+ GH_AW_PROMPT_2686481f8c8fed02_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_6b3177d37c27b8e8_EOF'
+ cat << 'GH_AW_PROMPT_2686481f8c8fed02_EOF'
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/smoke-update-cross-repo-pr.md}}
- GH_AW_PROMPT_6b3177d37c27b8e8_EOF
+ GH_AW_PROMPT_2686481f8c8fed02_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -446,12 +451,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_97426e2a05d9f178_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_81da4795d47e284c_EOF'
{"add_comment":{"hide_older_comments":true,"max":2},"create_issue":{"close_older_issues":true,"expires":2,"labels":["automation","testing"],"max":1},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_to_pull_request_branch":{"github-token":"${{ secrets.GH_AW_SIDE_REPO_PAT }}","if_no_changes":"error","max_patch_size":1024,"protected_files":["package.json","bun.lockb","bunfig.toml","deno.json","deno.jsonc","deno.lock","global.json","NuGet.Config","Directory.Packages.props","mix.exs","mix.lock","go.mod","go.sum","stack.yaml","stack.yaml.lock","pom.xml","build.gradle","build.gradle.kts","settings.gradle","settings.gradle.kts","gradle.properties","package-lock.json","yarn.lock","pnpm-lock.yaml","npm-shrinkwrap.json","requirements.txt","Pipfile","Pipfile.lock","pyproject.toml","setup.py","setup.cfg","Gemfile","Gemfile.lock","uv.lock","CODEOWNERS"],"protected_path_prefixes":[".github/",".agents/"],"target":"1","target-repo":"githubnext/gh-aw-side-repo"}}
- GH_AW_SAFE_OUTPUTS_CONFIG_97426e2a05d9f178_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_81da4795d47e284c_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_64866647fd258585_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_377d0a44dda6c044_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 2 comment(s) can be added.",
@@ -460,8 +465,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_64866647fd258585_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_17147ab8c7b67ec1_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_377d0a44dda6c044_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_5e30170160daf012_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -592,7 +597,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_17147ab8c7b67ec1_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_5e30170160daf012_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -662,7 +667,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_814ac3400c1a07dd_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_a575965fe24d5e0b_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -703,7 +708,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_814ac3400c1a07dd_EOF
+ GH_AW_MCP_CONFIG_a575965fe24d5e0b_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/smoke-update-cross-repo-pr.md b/.github/workflows/smoke-update-cross-repo-pr.md
index 62e4f0c37ec..12d1edd84ed 100644
--- a/.github/workflows/smoke-update-cross-repo-pr.md
+++ b/.github/workflows/smoke-update-cross-repo-pr.md
@@ -58,6 +58,8 @@ safe-outputs:
timeout-minutes: 10
features:
copilot-requests: true
+imports:
+ - shared/observability-otlp.md
---
# Smoke Test: Cross-Repo Pull Request Update
From 52250a9861636136cecee914b7928c2887591be6 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Sun, 5 Apr 2026 01:44:03 +0000
Subject: [PATCH 2/2] chore: merge main and recompile lock files
Agent-Logs-Url: https://github.com/github/gh-aw/sessions/c8214416-8cd1-4d25-a385-80a09c012f43
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
---
.../workflows/daily-cli-performance.lock.yml | 48 ++++++++++---------
.../daily-testify-uber-super-expert.lock.yml | 32 +++++++------
2 files changed, 42 insertions(+), 38 deletions(-)
diff --git a/.github/workflows/daily-cli-performance.lock.yml b/.github/workflows/daily-cli-performance.lock.yml
index 9b5be0e8799..071214cbbca 100644
--- a/.github/workflows/daily-cli-performance.lock.yml
+++ b/.github/workflows/daily-cli-performance.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"c9066f6b0881966f9803ef3cfbca856637043382ca50914f37a6e26480cb255f","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"ca6c6ea818fe4a3b74562aac0d4b7a689adb0f24060562fa46cdaa2b54a8c257","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -26,6 +26,7 @@
# Resolved workflow manifest:
# Imports:
# - shared/go-make.md
+# - shared/observability-otlp.md
# - shared/reporting.md
#
# Secrets used:
@@ -176,15 +177,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_807ad8ba69be7f6d_EOF'
+ cat << 'GH_AW_PROMPT_f03f34c772ef5145_EOF'
- GH_AW_PROMPT_807ad8ba69be7f6d_EOF
+ GH_AW_PROMPT_f03f34c772ef5145_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/repo_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_807ad8ba69be7f6d_EOF'
+ cat << 'GH_AW_PROMPT_f03f34c772ef5145_EOF'
Tools: add_comment(max:5), create_issue(max:3), missing_tool, missing_data, noop
@@ -216,14 +217,15 @@ jobs:
{{/if}}
- GH_AW_PROMPT_807ad8ba69be7f6d_EOF
+ GH_AW_PROMPT_f03f34c772ef5145_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_807ad8ba69be7f6d_EOF'
+ cat << 'GH_AW_PROMPT_f03f34c772ef5145_EOF'
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/shared/go-make.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/daily-cli-performance.md}}
- GH_AW_PROMPT_807ad8ba69be7f6d_EOF
+ GH_AW_PROMPT_f03f34c772ef5145_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -423,12 +425,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_ae464913baf18cdf_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_969b4c011faa90b8_EOF'
{"add_comment":{"max":5},"create_issue":{"expires":48,"group":true,"labels":["performance","automation","cookie"],"max":3,"title_prefix":"[performance] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":131072,"max_patch_size":10240}]}}
- GH_AW_SAFE_OUTPUTS_CONFIG_ae464913baf18cdf_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_969b4c011faa90b8_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_d26740920220865e_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_00a1b7c966489c01_EOF'
{
"description_suffixes": {
"add_comment": " CONSTRAINTS: Maximum 5 comment(s) can be added.",
@@ -437,8 +439,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_d26740920220865e_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_3d125e7e6f7dde8b_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_00a1b7c966489c01_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_64e17e4452561c85_EOF'
{
"add_comment": {
"defaultMax": 1,
@@ -549,7 +551,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_3d125e7e6f7dde8b_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_64e17e4452561c85_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -594,7 +596,7 @@ jobs:
- name: Setup MCP Scripts Config
run: |
mkdir -p ${RUNNER_TEMP}/gh-aw/mcp-scripts/logs
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_f2bc58ec10efb856_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/tools.json << 'GH_AW_MCP_SCRIPTS_TOOLS_5d19fc88280e6234_EOF'
{
"serverName": "mcpscripts",
"version": "1.0.0",
@@ -638,8 +640,8 @@ jobs:
}
]
}
- GH_AW_MCP_SCRIPTS_TOOLS_f2bc58ec10efb856_EOF
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_9054f587168df6a1_EOF'
+ GH_AW_MCP_SCRIPTS_TOOLS_5d19fc88280e6234_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs << 'GH_AW_MCP_SCRIPTS_SERVER_124be5f8aac3f3e6_EOF'
const path = require("path");
const { startHttpServer } = require("./mcp_scripts_mcp_server_http.cjs");
const configPath = path.join(__dirname, "tools.json");
@@ -653,12 +655,12 @@ jobs:
console.error("Failed to start mcp-scripts HTTP server:", error);
process.exit(1);
});
- GH_AW_MCP_SCRIPTS_SERVER_9054f587168df6a1_EOF
+ GH_AW_MCP_SCRIPTS_SERVER_124be5f8aac3f3e6_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/mcp-server.cjs
- name: Setup MCP Scripts Tool Files
run: |
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh << 'GH_AW_MCP_SCRIPTS_SH_GO_9dcce2fd86c305c4_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh << 'GH_AW_MCP_SCRIPTS_SH_GO_b8bc2d81aca76663_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: go
# Execute any Go command. This tool is accessible as 'mcpscripts-go'. Provide the full command after 'go' (e.g., args: 'test ./...'). The tool will run: go . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -669,9 +671,9 @@ jobs:
go $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_GO_9dcce2fd86c305c4_EOF
+ GH_AW_MCP_SCRIPTS_SH_GO_b8bc2d81aca76663_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/go.sh
- cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh << 'GH_AW_MCP_SCRIPTS_SH_MAKE_67b4c67d94c97451_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh << 'GH_AW_MCP_SCRIPTS_SH_MAKE_327fb7f034e6b4f4_EOF'
#!/bin/bash
# Auto-generated mcp-script tool: make
# Execute any Make target. This tool is accessible as 'mcpscripts-make'. Provide the target name(s) (e.g., args: 'build'). The tool will run: make . Use single quotes ' for complex args to avoid shell interpretation issues.
@@ -681,7 +683,7 @@ jobs:
echo "make $INPUT_ARGS"
make $INPUT_ARGS
- GH_AW_MCP_SCRIPTS_SH_MAKE_67b4c67d94c97451_EOF
+ GH_AW_MCP_SCRIPTS_SH_MAKE_327fb7f034e6b4f4_EOF
chmod +x ${RUNNER_TEMP}/gh-aw/mcp-scripts/make.sh
- name: Generate MCP Scripts Server Config
@@ -746,7 +748,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_MCP_SCRIPTS_PORT -e GH_AW_MCP_SCRIPTS_API_KEY -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_57965ced84ff3d2d_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_5da341d6f3c42525_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -801,7 +803,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_57965ced84ff3d2d_EOF
+ GH_AW_MCP_CONFIG_5da341d6f3c42525_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
diff --git a/.github/workflows/daily-testify-uber-super-expert.lock.yml b/.github/workflows/daily-testify-uber-super-expert.lock.yml
index d1cd08f96f1..3383c1d9f7f 100644
--- a/.github/workflows/daily-testify-uber-super-expert.lock.yml
+++ b/.github/workflows/daily-testify-uber-super-expert.lock.yml
@@ -1,4 +1,4 @@
-# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"bba95ad9250bb672b3a05645f2d1318ef1bf2a00ad0bd760474ba7d09fee15f3","strict":true,"agent_id":"copilot"}
+# gh-aw-metadata: {"schema_version":"v3","frontmatter_hash":"9b8a0ad8ecc713ae5a0ca103385b791fb08f58b7b20d9372ccb27de39ec92f54","strict":true,"agent_id":"copilot"}
# ___ _ _
# / _ \ | | (_)
# | |_| | __ _ ___ _ __ | |_ _ ___
@@ -28,6 +28,7 @@
# - shared/activation-app.md
# - shared/mcp/serena-go.md
# - shared/mcp/serena.md
+# - shared/observability-otlp.md
# - shared/reporting.md
# - shared/go-source-analysis.md
# - shared/safe-output-app.md
@@ -155,15 +156,15 @@ jobs:
run: |
bash ${RUNNER_TEMP}/gh-aw/actions/create_prompt_first.sh
{
- cat << 'GH_AW_PROMPT_5f72201103c23aa8_EOF'
+ cat << 'GH_AW_PROMPT_422ecd1c124e1767_EOF'
- GH_AW_PROMPT_5f72201103c23aa8_EOF
+ GH_AW_PROMPT_422ecd1c124e1767_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/xpia.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/temp_folder_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/markdown.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/repo_memory_prompt.md"
cat "${RUNNER_TEMP}/gh-aw/prompts/safe_outputs_prompt.md"
- cat << 'GH_AW_PROMPT_5f72201103c23aa8_EOF'
+ cat << 'GH_AW_PROMPT_422ecd1c124e1767_EOF'
Tools: create_issue, missing_tool, missing_data, noop
@@ -195,9 +196,9 @@ jobs:
{{/if}}
- GH_AW_PROMPT_5f72201103c23aa8_EOF
+ GH_AW_PROMPT_422ecd1c124e1767_EOF
cat "${RUNNER_TEMP}/gh-aw/prompts/github_mcp_tools_with_safeoutputs_prompt.md"
- cat << 'GH_AW_PROMPT_5f72201103c23aa8_EOF'
+ cat << 'GH_AW_PROMPT_422ecd1c124e1767_EOF'
## Serena Code Analysis
@@ -233,10 +234,11 @@ jobs:
{{#runtime-import .github/workflows/shared/activation-app.md}}
{{#runtime-import .github/workflows/shared/go-source-analysis.md}}
{{#runtime-import .github/workflows/shared/safe-output-app.md}}
+ {{#runtime-import .github/workflows/shared/observability-otlp.md}}
{{#runtime-import .github/workflows/shared/mcp/serena-go.md}}
{{#runtime-import .github/workflows/shared/reporting.md}}
{{#runtime-import .github/workflows/daily-testify-uber-super-expert.md}}
- GH_AW_PROMPT_5f72201103c23aa8_EOF
+ GH_AW_PROMPT_422ecd1c124e1767_EOF
} > "$GH_AW_PROMPT"
- name: Interpolate variables and render templates
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@@ -433,12 +435,12 @@ jobs:
mkdir -p ${RUNNER_TEMP}/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/safeoutputs
mkdir -p /tmp/gh-aw/mcp-logs/safeoutputs
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_54c00f1ba2b07ba0_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/config.json << 'GH_AW_SAFE_OUTPUTS_CONFIG_150765d2bcef6bee_EOF'
{"create_issue":{"expires":48,"labels":["testing","code-quality","automated-analysis","cookie"],"max":1,"title_prefix":"[testify-expert] "},"missing_data":{},"missing_tool":{},"noop":{"max":1,"report-as-issue":"true"},"push_repo_memory":{"memories":[{"dir":"/tmp/gh-aw/repo-memory/default","id":"default","max_file_count":100,"max_file_size":51200,"max_patch_size":10240}]}}
- GH_AW_SAFE_OUTPUTS_CONFIG_54c00f1ba2b07ba0_EOF
+ GH_AW_SAFE_OUTPUTS_CONFIG_150765d2bcef6bee_EOF
- name: Write Safe Outputs Tools
run: |
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_95a691e3da21ee80_EOF'
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/tools_meta.json << 'GH_AW_SAFE_OUTPUTS_TOOLS_META_3b97af79f384210e_EOF'
{
"description_suffixes": {
"create_issue": " CONSTRAINTS: Maximum 1 issue(s) can be created. Title will be prefixed with \"[testify-expert] \". Labels [\"testing\" \"code-quality\" \"automated-analysis\" \"cookie\"] will be automatically added."
@@ -446,8 +448,8 @@ jobs:
"repo_params": {},
"dynamic_tools": []
}
- GH_AW_SAFE_OUTPUTS_TOOLS_META_95a691e3da21ee80_EOF
- cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_8955c72aa35b82ac_EOF'
+ GH_AW_SAFE_OUTPUTS_TOOLS_META_3b97af79f384210e_EOF
+ cat > ${RUNNER_TEMP}/gh-aw/safeoutputs/validation.json << 'GH_AW_SAFE_OUTPUTS_VALIDATION_2e485228ab45495d_EOF'
{
"create_issue": {
"defaultMax": 1,
@@ -540,7 +542,7 @@ jobs:
}
}
}
- GH_AW_SAFE_OUTPUTS_VALIDATION_8955c72aa35b82ac_EOF
+ GH_AW_SAFE_OUTPUTS_VALIDATION_2e485228ab45495d_EOF
node ${RUNNER_TEMP}/gh-aw/actions/generate_safe_outputs_tools.cjs
- name: Generate Safe Outputs MCP Server Config
id: safe-outputs-config
@@ -610,7 +612,7 @@ jobs:
export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GH_AW_SAFE_OUTPUTS_PORT -e GH_AW_SAFE_OUTPUTS_API_KEY -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.2.12'
mkdir -p /home/runner/.copilot
- cat << GH_AW_MCP_CONFIG_1790eefffbdef56a_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
+ cat << GH_AW_MCP_CONFIG_4f73a5ab30d5ef56_EOF | bash ${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.sh
{
"mcpServers": {
"github": {
@@ -680,7 +682,7 @@ jobs:
"payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}"
}
}
- GH_AW_MCP_CONFIG_1790eefffbdef56a_EOF
+ GH_AW_MCP_CONFIG_4f73a5ab30d5ef56_EOF
- name: Download activation artifact
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with: