From 8e74afd50004a0da43d236fa6dfe16911f5fb7cb Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 24 Apr 2026 20:57:03 +0000 Subject: [PATCH 1/4] Initial plan From 3478737badce9d81a64f90da9b81d9851f02be0b Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 24 Apr 2026 21:12:58 +0000 Subject: [PATCH 2/4] Fix binary copy logic to be safe under bash -e (errexit) The `GH_AW_BIN=$(which gh-aw 2>/dev/null || find ...)` pattern fails under `bash -e` because `which` exits with 1 when the binary is not on PATH, potentially aborting the script before the `find` fallback runs. Also, `find ... | head -1` with `set -o pipefail` can fail due to broken pipe. Replace the single-line compound command with explicit sequential steps using `|| true` to prevent errexit from aborting on failure: GH_AW_BIN=\"\" GH_AW_BIN=$(which gh-aw 2>/dev/null) || true if [ -z \"$GH_AW_BIN\" ]; then GH_AW_BIN=$(find \"${HOME}/.local/share/gh/extensions/gh-aw\" ...) || true fi Changes: - pkg/workflow/mcp_setup_generator.go: Fix compiled lock file generation - .github/workflows/shared/mcp/gh-aw.md: Fix shared MCP component - pkg/workflow/testdata/.../smoke-copilot.golden: Update golden file - .github/workflows/*.lock.yml: Recompiled with updated logic Agent-Logs-Url: https://github.com/github/gh-aw/sessions/a3614c93-5459-43c4-b62e-144ddc1f9a2f Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- .../agent-performance-analyzer.lock.yml | 6 +++++- .../workflows/agent-persona-explorer.lock.yml | 6 +++++- .../agentic-observability-kit.lock.yml | 6 +++++- .../agentic-optimization-kit.lock.yml | 2 +- .../workflows/api-consumption-report.lock.yml | 6 +++++- .github/workflows/audit-workflows.lock.yml | 6 +++++- .../workflows/aw-failure-investigator.lock.yml | 6 +++++- .github/workflows/cloclo.lock.yml | 6 +++++- .github/workflows/copilot-token-audit.lock.yml | 2 +- .../workflows/daily-cli-tools-tester.lock.yml | 6 +++++- .../workflows/daily-firewall-report.lock.yml | 6 +++++- .../daily-integrity-analysis.lock.yml | 6 +++++- .../daily-observability-report.lock.yml | 18 +++++++++++------- .../daily-rendering-scripts-verifier.lock.yml | 6 +++++- .../daily-safe-output-optimizer.lock.yml | 6 +++++- .github/workflows/deep-report.lock.yml | 6 +++++- .github/workflows/dev-hawk.lock.yml | 6 +++++- .../example-workflow-analyzer.lock.yml | 6 +++++- .github/workflows/mcp-inspector.lock.yml | 6 +++++- .github/workflows/metrics-collector.lock.yml | 6 +++++- .../prompt-clustering-analysis.lock.yml | 6 +++++- .github/workflows/python-data-charts.lock.yml | 6 +++++- .github/workflows/q.lock.yml | 6 +++++- .github/workflows/safe-output-health.lock.yml | 6 +++++- .github/workflows/security-review.lock.yml | 6 +++++- .github/workflows/shared/mcp/gh-aw.md | 6 +++++- .github/workflows/smoke-claude.lock.yml | 6 +++++- .github/workflows/smoke-copilot-arm.lock.yml | 6 +++++- .github/workflows/smoke-copilot.lock.yml | 6 +++++- .../workflows/static-analysis-report.lock.yml | 6 +++++- .../workflows/weekly-blog-post-writer.lock.yml | 6 +++++- .github/workflows/workflow-normalizer.lock.yml | 6 +++++- pkg/workflow/mcp_setup_generator.go | 6 +++++- .../smoke-copilot.golden | 6 +++++- 34 files changed, 168 insertions(+), 40 deletions(-) diff --git a/.github/workflows/agent-performance-analyzer.lock.yml b/.github/workflows/agent-performance-analyzer.lock.yml index a024c424507..ea29b66ed29 100644 --- a/.github/workflows/agent-performance-analyzer.lock.yml +++ b/.github/workflows/agent-performance-analyzer.lock.yml @@ -487,7 +487,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/agent-persona-explorer.lock.yml b/.github/workflows/agent-persona-explorer.lock.yml index fb13a89e9f9..88efad41ad2 100644 --- a/.github/workflows/agent-persona-explorer.lock.yml +++ b/.github/workflows/agent-persona-explorer.lock.yml @@ -491,7 +491,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/agentic-observability-kit.lock.yml b/.github/workflows/agentic-observability-kit.lock.yml index f693ff936e1..ad63a4bff54 100644 --- a/.github/workflows/agentic-observability-kit.lock.yml +++ b/.github/workflows/agentic-observability-kit.lock.yml @@ -524,7 +524,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/agentic-optimization-kit.lock.yml b/.github/workflows/agentic-optimization-kit.lock.yml index 01bcdb8d349..0b345aa4a63 100644 --- a/.github/workflows/agentic-optimization-kit.lock.yml +++ b/.github/workflows/agentic-optimization-kit.lock.yml @@ -473,7 +473,7 @@ jobs: - env: GH_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} name: Install gh-aw extension - run: "# Install gh-aw if not already available\nif ! gh aw --version >/dev/null 2>&1; then\n echo \"Installing gh-aw extension...\"\n curl -fsSL https://raw.githubusercontent.com/github/gh-aw/refs/heads/main/install-gh-aw.sh | bash\nfi\ngh aw --version\n# Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization\nmkdir -p \"${RUNNER_TEMP}/gh-aw\"\nGH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1)\nif [ -n \"$GH_AW_BIN\" ] && [ -f \"$GH_AW_BIN\" ]; then\n cp \"$GH_AW_BIN\" \"${RUNNER_TEMP}/gh-aw/gh-aw\"\n chmod +x \"${RUNNER_TEMP}/gh-aw/gh-aw\"\n echo \"Copied gh-aw binary to ${RUNNER_TEMP}/gh-aw/gh-aw\"\nelse\n echo \"::error::Failed to find gh-aw binary for MCP server\"\n exit 1\nfi\n" + run: "# Install gh-aw if not already available\nif ! gh aw --version >/dev/null 2>&1; then\n echo \"Installing gh-aw extension...\"\n curl -fsSL https://raw.githubusercontent.com/github/gh-aw/refs/heads/main/install-gh-aw.sh | bash\nfi\ngh aw --version\n# Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization\nmkdir -p \"${RUNNER_TEMP}/gh-aw\"\nGH_AW_BIN=\"\"\nGH_AW_BIN=$(which gh-aw 2>/dev/null) || true\nif [ -z \"$GH_AW_BIN\" ]; then\n GH_AW_BIN=$(find \"${HOME}/.local/share/gh/extensions/gh-aw\" -name 'gh-aw' -type f 2>/dev/null | head -1) || true\nfi\nif [ -n \"$GH_AW_BIN\" ] && [ -f \"$GH_AW_BIN\" ]; then\n cp \"$GH_AW_BIN\" \"${RUNNER_TEMP}/gh-aw/gh-aw\"\n chmod +x \"${RUNNER_TEMP}/gh-aw/gh-aw\"\n echo \"Copied gh-aw binary to ${RUNNER_TEMP}/gh-aw/gh-aw\"\nelse\n echo \"::error::Failed to find gh-aw binary for MCP server\"\n exit 1\nfi\n" - name: Setup Python environment run: "mkdir -p /tmp/gh-aw/python/{data,charts,artifacts}\n# Create a virtual environment for proper package isolation (avoids --break-system-packages)\nif [ ! -d /tmp/gh-aw/venv ]; then\n python3 -m venv /tmp/gh-aw/venv\nfi\necho \"/tmp/gh-aw/venv/bin\" >> \"$GITHUB_PATH\"\n/tmp/gh-aw/venv/bin/pip install --quiet numpy pandas matplotlib seaborn scipy\n" - if: always() diff --git a/.github/workflows/api-consumption-report.lock.yml b/.github/workflows/api-consumption-report.lock.yml index d4ca856c2da..51763b74fa1 100644 --- a/.github/workflows/api-consumption-report.lock.yml +++ b/.github/workflows/api-consumption-report.lock.yml @@ -533,7 +533,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/audit-workflows.lock.yml b/.github/workflows/audit-workflows.lock.yml index c950da3acca..e9f0f97363a 100644 --- a/.github/workflows/audit-workflows.lock.yml +++ b/.github/workflows/audit-workflows.lock.yml @@ -554,7 +554,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/aw-failure-investigator.lock.yml b/.github/workflows/aw-failure-investigator.lock.yml index 855bc3aaacd..6140fb656b1 100644 --- a/.github/workflows/aw-failure-investigator.lock.yml +++ b/.github/workflows/aw-failure-investigator.lock.yml @@ -461,7 +461,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/cloclo.lock.yml b/.github/workflows/cloclo.lock.yml index a792cb05dda..1d226b29ba1 100644 --- a/.github/workflows/cloclo.lock.yml +++ b/.github/workflows/cloclo.lock.yml @@ -646,7 +646,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/copilot-token-audit.lock.yml b/.github/workflows/copilot-token-audit.lock.yml index 0d6870e8a19..b5312f7fd29 100644 --- a/.github/workflows/copilot-token-audit.lock.yml +++ b/.github/workflows/copilot-token-audit.lock.yml @@ -471,7 +471,7 @@ jobs: - env: GH_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} name: Install gh-aw extension - run: "# Install gh-aw if not already available\nif ! gh aw --version >/dev/null 2>&1; then\n echo \"Installing gh-aw extension...\"\n curl -fsSL https://raw.githubusercontent.com/github/gh-aw/refs/heads/main/install-gh-aw.sh | bash\nfi\ngh aw --version\n# Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization\nmkdir -p \"${RUNNER_TEMP}/gh-aw\"\nGH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1)\nif [ -n \"$GH_AW_BIN\" ] && [ -f \"$GH_AW_BIN\" ]; then\n cp \"$GH_AW_BIN\" \"${RUNNER_TEMP}/gh-aw/gh-aw\"\n chmod +x \"${RUNNER_TEMP}/gh-aw/gh-aw\"\n echo \"Copied gh-aw binary to ${RUNNER_TEMP}/gh-aw/gh-aw\"\nelse\n echo \"::error::Failed to find gh-aw binary for MCP server\"\n exit 1\nfi\n" + run: "# Install gh-aw if not already available\nif ! gh aw --version >/dev/null 2>&1; then\n echo \"Installing gh-aw extension...\"\n curl -fsSL https://raw.githubusercontent.com/github/gh-aw/refs/heads/main/install-gh-aw.sh | bash\nfi\ngh aw --version\n# Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization\nmkdir -p \"${RUNNER_TEMP}/gh-aw\"\nGH_AW_BIN=\"\"\nGH_AW_BIN=$(which gh-aw 2>/dev/null) || true\nif [ -z \"$GH_AW_BIN\" ]; then\n GH_AW_BIN=$(find \"${HOME}/.local/share/gh/extensions/gh-aw\" -name 'gh-aw' -type f 2>/dev/null | head -1) || true\nfi\nif [ -n \"$GH_AW_BIN\" ] && [ -f \"$GH_AW_BIN\" ]; then\n cp \"$GH_AW_BIN\" \"${RUNNER_TEMP}/gh-aw/gh-aw\"\n chmod +x \"${RUNNER_TEMP}/gh-aw/gh-aw\"\n echo \"Copied gh-aw binary to ${RUNNER_TEMP}/gh-aw/gh-aw\"\nelse\n echo \"::error::Failed to find gh-aw binary for MCP server\"\n exit 1\nfi\n" - name: Setup Python environment run: "# Create working directory for Python scripts\nmkdir -p /tmp/gh-aw/python\nmkdir -p /tmp/gh-aw/python/data\nmkdir -p /tmp/gh-aw/python/charts\nmkdir -p /tmp/gh-aw/python/artifacts\n\necho \"Python environment setup complete\"\necho \"Working directory: /tmp/gh-aw/python\"\necho \"Data directory: /tmp/gh-aw/python/data\"\necho \"Charts directory: /tmp/gh-aw/python/charts\"\necho \"Artifacts directory: /tmp/gh-aw/python/artifacts\"\n" - name: Install Python scientific libraries diff --git a/.github/workflows/daily-cli-tools-tester.lock.yml b/.github/workflows/daily-cli-tools-tester.lock.yml index 810479d645d..d9a5805070d 100644 --- a/.github/workflows/daily-cli-tools-tester.lock.yml +++ b/.github/workflows/daily-cli-tools-tester.lock.yml @@ -478,7 +478,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/daily-firewall-report.lock.yml b/.github/workflows/daily-firewall-report.lock.yml index 3af7436264d..a3dfeb95754 100644 --- a/.github/workflows/daily-firewall-report.lock.yml +++ b/.github/workflows/daily-firewall-report.lock.yml @@ -527,7 +527,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/daily-integrity-analysis.lock.yml b/.github/workflows/daily-integrity-analysis.lock.yml index 660995b1a39..ef6dcaf532f 100644 --- a/.github/workflows/daily-integrity-analysis.lock.yml +++ b/.github/workflows/daily-integrity-analysis.lock.yml @@ -541,7 +541,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/daily-observability-report.lock.yml b/.github/workflows/daily-observability-report.lock.yml index 82cd6e59d9a..e77e67e1146 100644 --- a/.github/workflows/daily-observability-report.lock.yml +++ b/.github/workflows/daily-observability-report.lock.yml @@ -487,7 +487,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" @@ -1308,18 +1312,18 @@ jobs: DOCKER_SOCK_GID=$(stat -c '%g' /var/run/docker.sock 2>/dev/null || echo '0') export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.0' - cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_9bd0d52ff679d846_EOF + cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_576b1cba4021902f_EOF [history] persistence = "none" [shell_environment_policy] inherit = "core" include_only = ["CODEX_API_KEY", "HOME", "OPENAI_API_KEY", "PATH"] - GH_AW_MCP_CONFIG_9bd0d52ff679d846_EOF + GH_AW_MCP_CONFIG_576b1cba4021902f_EOF # Generate JSON config for MCP gateway GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node) - cat << GH_AW_MCP_CONFIG_3578644eac14a340_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" + cat << GH_AW_MCP_CONFIG_d6c38b18bbbbdf1d_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" { "mcpServers": { }, @@ -1330,11 +1334,11 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_3578644eac14a340_EOF + GH_AW_MCP_CONFIG_d6c38b18bbbbdf1d_EOF # Sync converter output to writable CODEX_HOME for Codex mkdir -p /tmp/gh-aw/mcp-config - cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_25817292dc40bafb_EOF + cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_c13feec9e4c72676_EOF model_provider = "openai-proxy" [model_providers.openai-proxy] name = "OpenAI AWF proxy" @@ -1344,7 +1348,7 @@ jobs: [shell_environment_policy] inherit = "core" include_only = ["CODEX_API_KEY", "HOME", "OPENAI_API_KEY", "PATH"] - GH_AW_CODEX_SHELL_POLICY_25817292dc40bafb_EOF + GH_AW_CODEX_SHELL_POLICY_c13feec9e4c72676_EOF awk ' BEGIN { skip_openai_proxy = 0 } /^[[:space:]]*model_provider[[:space:]]*=/ { next } diff --git a/.github/workflows/daily-rendering-scripts-verifier.lock.yml b/.github/workflows/daily-rendering-scripts-verifier.lock.yml index 0d0f87fe6e4..d61c018fc88 100644 --- a/.github/workflows/daily-rendering-scripts-verifier.lock.yml +++ b/.github/workflows/daily-rendering-scripts-verifier.lock.yml @@ -515,7 +515,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/daily-safe-output-optimizer.lock.yml b/.github/workflows/daily-safe-output-optimizer.lock.yml index 20fb8f0d5ec..a41b7709c65 100644 --- a/.github/workflows/daily-safe-output-optimizer.lock.yml +++ b/.github/workflows/daily-safe-output-optimizer.lock.yml @@ -521,7 +521,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/deep-report.lock.yml b/.github/workflows/deep-report.lock.yml index a66a01ea41a..0896d0f961c 100644 --- a/.github/workflows/deep-report.lock.yml +++ b/.github/workflows/deep-report.lock.yml @@ -539,7 +539,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/dev-hawk.lock.yml b/.github/workflows/dev-hawk.lock.yml index 182a7a4b17c..5fa7d670408 100644 --- a/.github/workflows/dev-hawk.lock.yml +++ b/.github/workflows/dev-hawk.lock.yml @@ -488,7 +488,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/example-workflow-analyzer.lock.yml b/.github/workflows/example-workflow-analyzer.lock.yml index f73b77f3609..0dc622c9445 100644 --- a/.github/workflows/example-workflow-analyzer.lock.yml +++ b/.github/workflows/example-workflow-analyzer.lock.yml @@ -477,7 +477,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/mcp-inspector.lock.yml b/.github/workflows/mcp-inspector.lock.yml index 18e5c8d337d..84b70fd17bc 100644 --- a/.github/workflows/mcp-inspector.lock.yml +++ b/.github/workflows/mcp-inspector.lock.yml @@ -600,7 +600,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/metrics-collector.lock.yml b/.github/workflows/metrics-collector.lock.yml index e485ebb7f0c..995b8da1cf5 100644 --- a/.github/workflows/metrics-collector.lock.yml +++ b/.github/workflows/metrics-collector.lock.yml @@ -462,7 +462,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/prompt-clustering-analysis.lock.yml b/.github/workflows/prompt-clustering-analysis.lock.yml index 57b1242bd1b..82cfb63fa4e 100644 --- a/.github/workflows/prompt-clustering-analysis.lock.yml +++ b/.github/workflows/prompt-clustering-analysis.lock.yml @@ -562,7 +562,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/python-data-charts.lock.yml b/.github/workflows/python-data-charts.lock.yml index c6e4a762341..9837de1fb90 100644 --- a/.github/workflows/python-data-charts.lock.yml +++ b/.github/workflows/python-data-charts.lock.yml @@ -510,7 +510,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/q.lock.yml b/.github/workflows/q.lock.yml index 930015d6fe6..35aa5ea1fed 100644 --- a/.github/workflows/q.lock.yml +++ b/.github/workflows/q.lock.yml @@ -612,7 +612,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/safe-output-health.lock.yml b/.github/workflows/safe-output-health.lock.yml index 65679f2bd93..e569ae7c9d4 100644 --- a/.github/workflows/safe-output-health.lock.yml +++ b/.github/workflows/safe-output-health.lock.yml @@ -508,7 +508,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/security-review.lock.yml b/.github/workflows/security-review.lock.yml index 3d3fbc3f3d7..511cbeae675 100644 --- a/.github/workflows/security-review.lock.yml +++ b/.github/workflows/security-review.lock.yml @@ -544,7 +544,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/shared/mcp/gh-aw.md b/.github/workflows/shared/mcp/gh-aw.md index d3eefbce857..39ffafb6ba6 100644 --- a/.github/workflows/shared/mcp/gh-aw.md +++ b/.github/workflows/shared/mcp/gh-aw.md @@ -24,7 +24,11 @@ steps: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/smoke-claude.lock.yml b/.github/workflows/smoke-claude.lock.yml index c008cc2deef..3b3ae762b00 100644 --- a/.github/workflows/smoke-claude.lock.yml +++ b/.github/workflows/smoke-claude.lock.yml @@ -972,7 +972,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/smoke-copilot-arm.lock.yml b/.github/workflows/smoke-copilot-arm.lock.yml index 2eda17a4329..5ad72d1babe 100644 --- a/.github/workflows/smoke-copilot-arm.lock.yml +++ b/.github/workflows/smoke-copilot-arm.lock.yml @@ -609,7 +609,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml index 0efc130877e..dbbcc1a36c4 100644 --- a/.github/workflows/smoke-copilot.lock.yml +++ b/.github/workflows/smoke-copilot.lock.yml @@ -612,7 +612,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/static-analysis-report.lock.yml b/.github/workflows/static-analysis-report.lock.yml index 73f69cf4199..a116b29c8b8 100644 --- a/.github/workflows/static-analysis-report.lock.yml +++ b/.github/workflows/static-analysis-report.lock.yml @@ -504,7 +504,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/weekly-blog-post-writer.lock.yml b/.github/workflows/weekly-blog-post-writer.lock.yml index fe7c8df3b98..c312c257227 100644 --- a/.github/workflows/weekly-blog-post-writer.lock.yml +++ b/.github/workflows/weekly-blog-post-writer.lock.yml @@ -486,7 +486,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/.github/workflows/workflow-normalizer.lock.yml b/.github/workflows/workflow-normalizer.lock.yml index 905883a2732..ef293af497f 100644 --- a/.github/workflows/workflow-normalizer.lock.yml +++ b/.github/workflows/workflow-normalizer.lock.yml @@ -459,7 +459,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" diff --git a/pkg/workflow/mcp_setup_generator.go b/pkg/workflow/mcp_setup_generator.go index c7d350a31fb..47c9b1abf02 100644 --- a/pkg/workflow/mcp_setup_generator.go +++ b/pkg/workflow/mcp_setup_generator.go @@ -202,7 +202,11 @@ func generateAgenticWorkflowsInstallStep(yaml *strings.Builder, hasAgenticWorkfl yaml.WriteString(" gh aw --version\n") yaml.WriteString(" # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization\n") yaml.WriteString(" mkdir -p \"${RUNNER_TEMP}/gh-aw\"\n") - yaml.WriteString(" GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1)\n") + yaml.WriteString(" GH_AW_BIN=\"\"\n") + yaml.WriteString(" GH_AW_BIN=$(which gh-aw 2>/dev/null) || true\n") + yaml.WriteString(" if [ -z \"$GH_AW_BIN\" ]; then\n") + yaml.WriteString(" GH_AW_BIN=$(find \"${HOME}/.local/share/gh/extensions/gh-aw\" -name 'gh-aw' -type f 2>/dev/null | head -1) || true\n") + yaml.WriteString(" fi\n") yaml.WriteString(" if [ -n \"$GH_AW_BIN\" ] && [ -f \"$GH_AW_BIN\" ]; then\n") yaml.WriteString(" cp \"$GH_AW_BIN\" \"${RUNNER_TEMP}/gh-aw/gh-aw\"\n") yaml.WriteString(" chmod +x \"${RUNNER_TEMP}/gh-aw/gh-aw\"\n") diff --git a/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/smoke-copilot.golden b/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/smoke-copilot.golden index 1235063f790..9062baa070d 100644 --- a/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/smoke-copilot.golden +++ b/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/smoke-copilot.golden @@ -435,7 +435,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p ${RUNNER_TEMP}/gh-aw - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" ${RUNNER_TEMP}/gh-aw/gh-aw chmod +x ${RUNNER_TEMP}/gh-aw/gh-aw From a1cffe3ffffa5f57222c4e13b6f38d4315bc4dda Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 24 Apr 2026 21:45:48 +0000 Subject: [PATCH 3/4] Use command -v instead of which for gh-aw binary detection which is not guaranteed to be available in all environments; command -v is a POSIX built-in that works even in minimal containers. Also merge main and recompile all lock files. Agent-Logs-Url: https://github.com/github/gh-aw/sessions/7359daa4-8762-402c-90de-1185310c3f6b Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- .../agent-performance-analyzer.lock.yml | 2 +- .../workflows/agent-persona-explorer.lock.yml | 2 +- .../agentic-observability-kit.lock.yml | 2 +- .../agentic-optimization-kit.lock.yml | 2 +- .../workflows/api-consumption-report.lock.yml | 2 +- .github/workflows/audit-workflows.lock.yml | 2 +- .../workflows/aw-failure-investigator.lock.yml | 2 +- .github/workflows/cloclo.lock.yml | 2 +- .github/workflows/copilot-token-audit.lock.yml | 2 +- .../workflows/daily-cli-tools-tester.lock.yml | 2 +- .../workflows/daily-firewall-report.lock.yml | 2 +- .../daily-integrity-analysis.lock.yml | 2 +- .../daily-observability-report.lock.yml | 18 +++++++++++------- .../daily-rendering-scripts-verifier.lock.yml | 2 +- .../daily-safe-output-optimizer.lock.yml | 2 +- .github/workflows/deep-report.lock.yml | 2 +- .github/workflows/dev-hawk.lock.yml | 2 +- .../example-workflow-analyzer.lock.yml | 2 +- .github/workflows/mcp-inspector.lock.yml | 2 +- .github/workflows/metrics-collector.lock.yml | 2 +- .../prompt-clustering-analysis.lock.yml | 2 +- .github/workflows/python-data-charts.lock.yml | 2 +- .github/workflows/q.lock.yml | 2 +- .github/workflows/safe-output-health.lock.yml | 2 +- .github/workflows/security-review.lock.yml | 2 +- .github/workflows/shared/mcp/gh-aw.md | 2 +- .github/workflows/smoke-claude.lock.yml | 2 +- .github/workflows/smoke-copilot-arm.lock.yml | 2 +- .github/workflows/smoke-copilot.lock.yml | 2 +- .../workflows/static-analysis-report.lock.yml | 2 +- .../workflows/weekly-blog-post-writer.lock.yml | 2 +- .github/workflows/workflow-normalizer.lock.yml | 2 +- pkg/workflow/mcp_setup_generator.go | 2 +- .../smoke-copilot.golden | 2 +- 34 files changed, 44 insertions(+), 40 deletions(-) diff --git a/.github/workflows/agent-performance-analyzer.lock.yml b/.github/workflows/agent-performance-analyzer.lock.yml index 26e6db0a971..25c05a14ffd 100644 --- a/.github/workflows/agent-performance-analyzer.lock.yml +++ b/.github/workflows/agent-performance-analyzer.lock.yml @@ -489,7 +489,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/agent-persona-explorer.lock.yml b/.github/workflows/agent-persona-explorer.lock.yml index aadc402794f..31adbf78859 100644 --- a/.github/workflows/agent-persona-explorer.lock.yml +++ b/.github/workflows/agent-persona-explorer.lock.yml @@ -493,7 +493,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/agentic-observability-kit.lock.yml b/.github/workflows/agentic-observability-kit.lock.yml index 9aac921bdb2..85bbc85294a 100644 --- a/.github/workflows/agentic-observability-kit.lock.yml +++ b/.github/workflows/agentic-observability-kit.lock.yml @@ -526,7 +526,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/agentic-optimization-kit.lock.yml b/.github/workflows/agentic-optimization-kit.lock.yml index 3008b0b3407..234b32048f0 100644 --- a/.github/workflows/agentic-optimization-kit.lock.yml +++ b/.github/workflows/agentic-optimization-kit.lock.yml @@ -474,7 +474,7 @@ jobs: - env: GH_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} name: Install gh-aw extension - run: "# Install gh-aw if not already available\nif ! gh aw --version >/dev/null 2>&1; then\n echo \"Installing gh-aw extension...\"\n curl -fsSL https://raw.githubusercontent.com/github/gh-aw/refs/heads/main/install-gh-aw.sh | bash\nfi\ngh aw --version\n# Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization\nmkdir -p \"${RUNNER_TEMP}/gh-aw\"\nGH_AW_BIN=\"\"\nGH_AW_BIN=$(which gh-aw 2>/dev/null) || true\nif [ -z \"$GH_AW_BIN\" ]; then\n GH_AW_BIN=$(find \"${HOME}/.local/share/gh/extensions/gh-aw\" -name 'gh-aw' -type f 2>/dev/null | head -1) || true\nfi\nif [ -n \"$GH_AW_BIN\" ] && [ -f \"$GH_AW_BIN\" ]; then\n cp \"$GH_AW_BIN\" \"${RUNNER_TEMP}/gh-aw/gh-aw\"\n chmod +x \"${RUNNER_TEMP}/gh-aw/gh-aw\"\n echo \"Copied gh-aw binary to ${RUNNER_TEMP}/gh-aw/gh-aw\"\nelse\n echo \"::error::Failed to find gh-aw binary for MCP server\"\n exit 1\nfi\n" + run: "# Install gh-aw if not already available\nif ! gh aw --version >/dev/null 2>&1; then\n echo \"Installing gh-aw extension...\"\n curl -fsSL https://raw.githubusercontent.com/github/gh-aw/refs/heads/main/install-gh-aw.sh | bash\nfi\ngh aw --version\n# Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization\nmkdir -p \"${RUNNER_TEMP}/gh-aw\"\nGH_AW_BIN=\"\"\nGH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true\nif [ -z \"$GH_AW_BIN\" ]; then\n GH_AW_BIN=$(find \"${HOME}/.local/share/gh/extensions/gh-aw\" -name 'gh-aw' -type f 2>/dev/null | head -1) || true\nfi\nif [ -n \"$GH_AW_BIN\" ] && [ -f \"$GH_AW_BIN\" ]; then\n cp \"$GH_AW_BIN\" \"${RUNNER_TEMP}/gh-aw/gh-aw\"\n chmod +x \"${RUNNER_TEMP}/gh-aw/gh-aw\"\n echo \"Copied gh-aw binary to ${RUNNER_TEMP}/gh-aw/gh-aw\"\nelse\n echo \"::error::Failed to find gh-aw binary for MCP server\"\n exit 1\nfi\n" - name: Setup Python environment run: "mkdir -p /tmp/gh-aw/python/{data,charts,artifacts}\n# Create a virtual environment for proper package isolation (avoids --break-system-packages)\nif [ ! -d /tmp/gh-aw/venv ]; then\n python3 -m venv /tmp/gh-aw/venv\nfi\necho \"/tmp/gh-aw/venv/bin\" >> \"$GITHUB_PATH\"\n/tmp/gh-aw/venv/bin/pip install --quiet numpy pandas matplotlib seaborn scipy\n" - if: always() diff --git a/.github/workflows/api-consumption-report.lock.yml b/.github/workflows/api-consumption-report.lock.yml index e238394c917..b5293771e5d 100644 --- a/.github/workflows/api-consumption-report.lock.yml +++ b/.github/workflows/api-consumption-report.lock.yml @@ -535,7 +535,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/audit-workflows.lock.yml b/.github/workflows/audit-workflows.lock.yml index 11b4fa78629..0a489536408 100644 --- a/.github/workflows/audit-workflows.lock.yml +++ b/.github/workflows/audit-workflows.lock.yml @@ -556,7 +556,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/aw-failure-investigator.lock.yml b/.github/workflows/aw-failure-investigator.lock.yml index 5f2c8d4ede3..f81bc90066c 100644 --- a/.github/workflows/aw-failure-investigator.lock.yml +++ b/.github/workflows/aw-failure-investigator.lock.yml @@ -463,7 +463,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/cloclo.lock.yml b/.github/workflows/cloclo.lock.yml index d9c9d0435e7..93d68184ceb 100644 --- a/.github/workflows/cloclo.lock.yml +++ b/.github/workflows/cloclo.lock.yml @@ -648,7 +648,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/copilot-token-audit.lock.yml b/.github/workflows/copilot-token-audit.lock.yml index 2342654aee1..7036768bf91 100644 --- a/.github/workflows/copilot-token-audit.lock.yml +++ b/.github/workflows/copilot-token-audit.lock.yml @@ -472,7 +472,7 @@ jobs: - env: GH_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} name: Install gh-aw extension - run: "# Install gh-aw if not already available\nif ! gh aw --version >/dev/null 2>&1; then\n echo \"Installing gh-aw extension...\"\n curl -fsSL https://raw.githubusercontent.com/github/gh-aw/refs/heads/main/install-gh-aw.sh | bash\nfi\ngh aw --version\n# Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization\nmkdir -p \"${RUNNER_TEMP}/gh-aw\"\nGH_AW_BIN=\"\"\nGH_AW_BIN=$(which gh-aw 2>/dev/null) || true\nif [ -z \"$GH_AW_BIN\" ]; then\n GH_AW_BIN=$(find \"${HOME}/.local/share/gh/extensions/gh-aw\" -name 'gh-aw' -type f 2>/dev/null | head -1) || true\nfi\nif [ -n \"$GH_AW_BIN\" ] && [ -f \"$GH_AW_BIN\" ]; then\n cp \"$GH_AW_BIN\" \"${RUNNER_TEMP}/gh-aw/gh-aw\"\n chmod +x \"${RUNNER_TEMP}/gh-aw/gh-aw\"\n echo \"Copied gh-aw binary to ${RUNNER_TEMP}/gh-aw/gh-aw\"\nelse\n echo \"::error::Failed to find gh-aw binary for MCP server\"\n exit 1\nfi\n" + run: "# Install gh-aw if not already available\nif ! gh aw --version >/dev/null 2>&1; then\n echo \"Installing gh-aw extension...\"\n curl -fsSL https://raw.githubusercontent.com/github/gh-aw/refs/heads/main/install-gh-aw.sh | bash\nfi\ngh aw --version\n# Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization\nmkdir -p \"${RUNNER_TEMP}/gh-aw\"\nGH_AW_BIN=\"\"\nGH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true\nif [ -z \"$GH_AW_BIN\" ]; then\n GH_AW_BIN=$(find \"${HOME}/.local/share/gh/extensions/gh-aw\" -name 'gh-aw' -type f 2>/dev/null | head -1) || true\nfi\nif [ -n \"$GH_AW_BIN\" ] && [ -f \"$GH_AW_BIN\" ]; then\n cp \"$GH_AW_BIN\" \"${RUNNER_TEMP}/gh-aw/gh-aw\"\n chmod +x \"${RUNNER_TEMP}/gh-aw/gh-aw\"\n echo \"Copied gh-aw binary to ${RUNNER_TEMP}/gh-aw/gh-aw\"\nelse\n echo \"::error::Failed to find gh-aw binary for MCP server\"\n exit 1\nfi\n" - name: Setup Python environment run: "# Create working directory for Python scripts\nmkdir -p /tmp/gh-aw/python\nmkdir -p /tmp/gh-aw/python/data\nmkdir -p /tmp/gh-aw/python/charts\nmkdir -p /tmp/gh-aw/python/artifacts\n\necho \"Python environment setup complete\"\necho \"Working directory: /tmp/gh-aw/python\"\necho \"Data directory: /tmp/gh-aw/python/data\"\necho \"Charts directory: /tmp/gh-aw/python/charts\"\necho \"Artifacts directory: /tmp/gh-aw/python/artifacts\"\n" - name: Install Python scientific libraries diff --git a/.github/workflows/daily-cli-tools-tester.lock.yml b/.github/workflows/daily-cli-tools-tester.lock.yml index 4ac394df329..4154d8a7288 100644 --- a/.github/workflows/daily-cli-tools-tester.lock.yml +++ b/.github/workflows/daily-cli-tools-tester.lock.yml @@ -480,7 +480,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/daily-firewall-report.lock.yml b/.github/workflows/daily-firewall-report.lock.yml index d07ac1f04a2..30f0a04ec2d 100644 --- a/.github/workflows/daily-firewall-report.lock.yml +++ b/.github/workflows/daily-firewall-report.lock.yml @@ -529,7 +529,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/daily-integrity-analysis.lock.yml b/.github/workflows/daily-integrity-analysis.lock.yml index 7c7ee21a45b..00d62237278 100644 --- a/.github/workflows/daily-integrity-analysis.lock.yml +++ b/.github/workflows/daily-integrity-analysis.lock.yml @@ -543,7 +543,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/daily-observability-report.lock.yml b/.github/workflows/daily-observability-report.lock.yml index 053a667f532..470455a0317 100644 --- a/.github/workflows/daily-observability-report.lock.yml +++ b/.github/workflows/daily-observability-report.lock.yml @@ -488,7 +488,11 @@ jobs: gh aw --version # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" - GH_AW_BIN=$(which gh-aw 2>/dev/null || find ~/.local/share/gh/extensions/gh-aw -name 'gh-aw' -type f 2>/dev/null | head -1) + GH_AW_BIN="" + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true + if [ -z "$GH_AW_BIN" ]; then + GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true + fi if [ -n "$GH_AW_BIN" ] && [ -f "$GH_AW_BIN" ]; then cp "$GH_AW_BIN" "${RUNNER_TEMP}/gh-aw/gh-aw" chmod +x "${RUNNER_TEMP}/gh-aw/gh-aw" @@ -1309,18 +1313,18 @@ jobs: DOCKER_SOCK_GID=$(stat -c '%g' /var/run/docker.sock 2>/dev/null || echo '0') export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v /var/run/docker.sock:/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.0' - cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_7c30bc9f53ccd42f_EOF + cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_3c598095e22dad2c_EOF [history] persistence = "none" [shell_environment_policy] inherit = "core" include_only = ["CODEX_API_KEY", "HOME", "OPENAI_API_KEY", "PATH"] - GH_AW_MCP_CONFIG_7c30bc9f53ccd42f_EOF + GH_AW_MCP_CONFIG_3c598095e22dad2c_EOF # Generate JSON config for MCP gateway GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node) - cat << GH_AW_MCP_CONFIG_e7a0814a85020495_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" + cat << GH_AW_MCP_CONFIG_cdd8152942b1db40_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" { "mcpServers": { }, @@ -1331,11 +1335,11 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_e7a0814a85020495_EOF + GH_AW_MCP_CONFIG_cdd8152942b1db40_EOF # Sync converter output to writable CODEX_HOME for Codex mkdir -p /tmp/gh-aw/mcp-config - cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_f01deed294199434_EOF + cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_642d534dcaee7f48_EOF model_provider = "openai-proxy" [model_providers.openai-proxy] name = "OpenAI AWF proxy" @@ -1345,7 +1349,7 @@ jobs: [shell_environment_policy] inherit = "core" include_only = ["CODEX_API_KEY", "HOME", "OPENAI_API_KEY", "PATH"] - GH_AW_CODEX_SHELL_POLICY_f01deed294199434_EOF + GH_AW_CODEX_SHELL_POLICY_642d534dcaee7f48_EOF awk ' BEGIN { skip_openai_proxy = 0 } /^[[:space:]]*model_provider[[:space:]]*=/ { next } diff --git a/.github/workflows/daily-rendering-scripts-verifier.lock.yml b/.github/workflows/daily-rendering-scripts-verifier.lock.yml index 03eb7384c11..b88ba8a4437 100644 --- a/.github/workflows/daily-rendering-scripts-verifier.lock.yml +++ b/.github/workflows/daily-rendering-scripts-verifier.lock.yml @@ -517,7 +517,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/daily-safe-output-optimizer.lock.yml b/.github/workflows/daily-safe-output-optimizer.lock.yml index 8613336fedd..68743846c16 100644 --- a/.github/workflows/daily-safe-output-optimizer.lock.yml +++ b/.github/workflows/daily-safe-output-optimizer.lock.yml @@ -523,7 +523,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/deep-report.lock.yml b/.github/workflows/deep-report.lock.yml index 0cb6ce8799f..5f5740d9adc 100644 --- a/.github/workflows/deep-report.lock.yml +++ b/.github/workflows/deep-report.lock.yml @@ -541,7 +541,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/dev-hawk.lock.yml b/.github/workflows/dev-hawk.lock.yml index 2721ec183c4..052e66670b6 100644 --- a/.github/workflows/dev-hawk.lock.yml +++ b/.github/workflows/dev-hawk.lock.yml @@ -490,7 +490,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/example-workflow-analyzer.lock.yml b/.github/workflows/example-workflow-analyzer.lock.yml index 916db8aac0b..b3527d956aa 100644 --- a/.github/workflows/example-workflow-analyzer.lock.yml +++ b/.github/workflows/example-workflow-analyzer.lock.yml @@ -479,7 +479,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/mcp-inspector.lock.yml b/.github/workflows/mcp-inspector.lock.yml index 854b413ebbf..4b18776875d 100644 --- a/.github/workflows/mcp-inspector.lock.yml +++ b/.github/workflows/mcp-inspector.lock.yml @@ -602,7 +602,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/metrics-collector.lock.yml b/.github/workflows/metrics-collector.lock.yml index 6c3fa5ee2bf..4ab0fb00a2b 100644 --- a/.github/workflows/metrics-collector.lock.yml +++ b/.github/workflows/metrics-collector.lock.yml @@ -464,7 +464,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/prompt-clustering-analysis.lock.yml b/.github/workflows/prompt-clustering-analysis.lock.yml index 80b63249a18..aeabae3b00e 100644 --- a/.github/workflows/prompt-clustering-analysis.lock.yml +++ b/.github/workflows/prompt-clustering-analysis.lock.yml @@ -564,7 +564,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/python-data-charts.lock.yml b/.github/workflows/python-data-charts.lock.yml index 04db0322554..5be1c5616e5 100644 --- a/.github/workflows/python-data-charts.lock.yml +++ b/.github/workflows/python-data-charts.lock.yml @@ -512,7 +512,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/q.lock.yml b/.github/workflows/q.lock.yml index d048c923bf6..01eb6d8b21c 100644 --- a/.github/workflows/q.lock.yml +++ b/.github/workflows/q.lock.yml @@ -614,7 +614,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/safe-output-health.lock.yml b/.github/workflows/safe-output-health.lock.yml index 04d22d86feb..2d4c9036016 100644 --- a/.github/workflows/safe-output-health.lock.yml +++ b/.github/workflows/safe-output-health.lock.yml @@ -510,7 +510,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/security-review.lock.yml b/.github/workflows/security-review.lock.yml index 658b4c30f10..a9836634fb9 100644 --- a/.github/workflows/security-review.lock.yml +++ b/.github/workflows/security-review.lock.yml @@ -546,7 +546,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/shared/mcp/gh-aw.md b/.github/workflows/shared/mcp/gh-aw.md index 39ffafb6ba6..995d496e4b0 100644 --- a/.github/workflows/shared/mcp/gh-aw.md +++ b/.github/workflows/shared/mcp/gh-aw.md @@ -25,7 +25,7 @@ steps: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/smoke-claude.lock.yml b/.github/workflows/smoke-claude.lock.yml index 5eb1134aee8..90157054a3a 100644 --- a/.github/workflows/smoke-claude.lock.yml +++ b/.github/workflows/smoke-claude.lock.yml @@ -987,7 +987,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/smoke-copilot-arm.lock.yml b/.github/workflows/smoke-copilot-arm.lock.yml index df1d8a7005a..00398bd5891 100644 --- a/.github/workflows/smoke-copilot-arm.lock.yml +++ b/.github/workflows/smoke-copilot-arm.lock.yml @@ -611,7 +611,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml index 4e36cc91bed..23ea7d8ba9b 100644 --- a/.github/workflows/smoke-copilot.lock.yml +++ b/.github/workflows/smoke-copilot.lock.yml @@ -614,7 +614,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/static-analysis-report.lock.yml b/.github/workflows/static-analysis-report.lock.yml index c344fceda72..68db82ec516 100644 --- a/.github/workflows/static-analysis-report.lock.yml +++ b/.github/workflows/static-analysis-report.lock.yml @@ -506,7 +506,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/weekly-blog-post-writer.lock.yml b/.github/workflows/weekly-blog-post-writer.lock.yml index c60ebd31198..94a023b5d87 100644 --- a/.github/workflows/weekly-blog-post-writer.lock.yml +++ b/.github/workflows/weekly-blog-post-writer.lock.yml @@ -488,7 +488,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/.github/workflows/workflow-normalizer.lock.yml b/.github/workflows/workflow-normalizer.lock.yml index 6d4750a967d..8aa2e84c6eb 100644 --- a/.github/workflows/workflow-normalizer.lock.yml +++ b/.github/workflows/workflow-normalizer.lock.yml @@ -461,7 +461,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p "${RUNNER_TEMP}/gh-aw" GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi diff --git a/pkg/workflow/mcp_setup_generator.go b/pkg/workflow/mcp_setup_generator.go index 47c9b1abf02..e4d2ab8e7c8 100644 --- a/pkg/workflow/mcp_setup_generator.go +++ b/pkg/workflow/mcp_setup_generator.go @@ -203,7 +203,7 @@ func generateAgenticWorkflowsInstallStep(yaml *strings.Builder, hasAgenticWorkfl yaml.WriteString(" # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization\n") yaml.WriteString(" mkdir -p \"${RUNNER_TEMP}/gh-aw\"\n") yaml.WriteString(" GH_AW_BIN=\"\"\n") - yaml.WriteString(" GH_AW_BIN=$(which gh-aw 2>/dev/null) || true\n") + yaml.WriteString(" GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true\n") yaml.WriteString(" if [ -z \"$GH_AW_BIN\" ]; then\n") yaml.WriteString(" GH_AW_BIN=$(find \"${HOME}/.local/share/gh/extensions/gh-aw\" -name 'gh-aw' -type f 2>/dev/null | head -1) || true\n") yaml.WriteString(" fi\n") diff --git a/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/smoke-copilot.golden b/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/smoke-copilot.golden index b08f7c8b4f5..086421a7841 100644 --- a/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/smoke-copilot.golden +++ b/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/smoke-copilot.golden @@ -437,7 +437,7 @@ jobs: # Copy the gh-aw binary to ${RUNNER_TEMP}/gh-aw for MCP server containerization mkdir -p ${RUNNER_TEMP}/gh-aw GH_AW_BIN="" - GH_AW_BIN=$(which gh-aw 2>/dev/null) || true + GH_AW_BIN=$(command -v gh-aw 2>/dev/null) || true if [ -z "$GH_AW_BIN" ]; then GH_AW_BIN=$(find "${HOME}/.local/share/gh/extensions/gh-aw" -name 'gh-aw' -type f 2>/dev/null | head -1) || true fi From 7cb2584e4f20e61a79d002b1b2d7db0e84d12b01 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 24 Apr 2026 22:14:48 +0000 Subject: [PATCH 4/4] Add changeset --- .changeset/patch-fix-gh-aw-binary-detection.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 .changeset/patch-fix-gh-aw-binary-detection.md diff --git a/.changeset/patch-fix-gh-aw-binary-detection.md b/.changeset/patch-fix-gh-aw-binary-detection.md new file mode 100644 index 00000000000..eba879119d8 --- /dev/null +++ b/.changeset/patch-fix-gh-aw-binary-detection.md @@ -0,0 +1,5 @@ +--- +"gh-aw": patch +--- + +Fix `gh-aw` binary detection in generated MCP setup steps so workflow runs do not fail under `bash -e` and `set -o pipefail` when the extension binary is installed outside `$PATH`.