Fix GH_AW_WORKFLOW_ID propagation to safe_outputs job for create_pull_request #260

Workflow file for this run

.github/workflows/smoke-isolated-srt.yml at f272281

	name: "Smoke Isolated SRT"

	on:
	pull_request:
	types:
	- labeled
	workflow_dispatch: null

	permissions:
	contents: read
	issues: read

	jobs:
	test-srt-env:
	if: >
	(github.event_name != 'pull_request') \|\|
	((github.event.action != 'labeled') \|\| (github.event.label.name == 'test-srt'))
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4

	- name: Setup Node.js
	uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
	with:
	node-version: '20'

	- name: Install Sandbox Runtime System Dependencies
	run: \|
	sudo apt-get update
	sudo apt-get install -y ripgrep bubblewrap socat

	- name: Configure System
	run: \|
	sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0

	- name: Install Dependencies
	run: \|
	npm install @anthropic-ai/sandbox-runtime
	npm install @github/[email protected]

	- name: Setup MCP for GitHub
	run: \|
	mkdir -p /home/runner/.copilot
	cat > /home/runner/.copilot/mcp-config.json << 'EOF'
	{
	"mcpServers": {
	"github": {
	"type": "local",
	"command": "docker",
	"args": [
	"run",
	"-i",
	"--rm",
	"-e",
	"GITHUB_PERSONAL_ACCESS_TOKEN",
	"-e",
	"GITHUB_READ_ONLY=1",
	"-e",
	"GITHUB_TOOLSETS=default",
	"ghcr.io/github/github-mcp-server:v0.20.2"
	],
	"tools": ["*"],
	"env": {
	"GITHUB_PERSONAL_ACCESS_TOKEN": "${GITHUB_MCP_SERVER_TOKEN}"
	}
	}
	}
	}
	EOF
	echo "-------START MCP CONFIG-----------"
	cat /home/runner/.copilot/mcp-config.json
	echo "-------END MCP CONFIG-----------"

	- name: Test Copilot with SRT
	env:
	COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN \|\| secrets.COPILOT_CLI_TOKEN }}
	COPILOT_AGENT_RUNNER_TYPE: STANDALONE
	XDG_CONFIG_HOME: /home/runner
	GITHUB_MCP_SERVER_TOKEN: ${{ secrets.GH_AW_GITHUB_TOKEN \|\| secrets.GITHUB_TOKEN }}
	run: \|
	set -e

	# Pre-create required directories
	mkdir -p /home/runner/.copilot
	mkdir -p /tmp/claude

	# Create SRT config
	cat > .srt-settings.json << 'EOF'
	{
	"network": {
	"allowedDomains": [
	"*.githubusercontent.com",
	"*.github.com",
	"*.githubcopilot.com",
	"api.enterprise.githubcopilot.com",
	"api.github.com",
	"api.snapcraft.io",
	"archive.ubuntu.com",
	"azure.archive.ubuntu.com",
	"codeload.github.com",
	"crl.geotrust.com",
	"crl.globalsign.com",
	"crl.identrust.com",
	"crl.sectigo.com",
	"crl.thawte.com",
	"crl.usertrust.com",
	"crl.verisign.com",
	"crl3.digicert.com",
	"crl4.digicert.com",
	"crls.ssl.com",
	"github-cloud.githubusercontent.com",
	"github-cloud.s3.amazonaws.com",
	"github.com",
	"json-schema.org",
	"json.schemastore.org",
	"keyserver.ubuntu.com",
	"lfs.github.com",
	"objects.githubusercontent.com",
	"ocsp.digicert.com",
	"ocsp.geotrust.com",
	"ocsp.globalsign.com",
	"ocsp.identrust.com",
	"ocsp.sectigo.com",
	"ocsp.ssl.com",
	"ocsp.thawte.com",
	"ocsp.usertrust.com",
	"ocsp.verisign.com",
	"packagecloud.io",
	"packages.cloud.google.com",
	"packages.microsoft.com",
	"ppa.launchpad.net",
	"raw.githubusercontent.com",
	"registry.npmjs.org",
	"registry.npmjs.com",
	"registry.bower.io",
	"registry.yarnpkg.com",
	"repo.yarnpkg.com",
	"api.npms.io",
	"bun.sh",
	"deb.nodesource.com",
	"deno.land",
	"get.pnpm.io",
	"nodejs.org",
	"npm.pkg.github.com",
	"npmjs.com",
	"npmjs.org",
	"www.npmjs.com",
	"www.npmjs.org",
	"yarnpkg.com",
	"skimdb.npmjs.com",
	"s.symcb.com",
	"s.symcd.com",
	"security.ubuntu.com",
	"ts-crl.ws.symantec.com",
	"ts-ocsp.ws.symantec.com",
	"example.com"
	],
	"deniedDomains": [],
	"allowUnixSockets": [
	"/var/run/docker.sock"
	],
	"allowLocalBinding": true,
	"allowAllUnixSockets": true
	},
	"filesystem": {
	"denyRead": [],
	"allowWrite": [
	".",
	"/tmp",
	"/home/runner/.copilot",
	"/home/runner"
	],
	"denyWrite": []
	},
	"enableWeakerNestedSandbox": true
	}
	EOF

	# Create SRT wrapper
	cat > .srt-wrapper.js << 'EOF'
	const { SandboxManager } = require('@anthropic-ai/sandbox-runtime');
	const { spawn } = require('child_process');
	const { readFileSync } = require('fs');

	async function main() {
	try {
	const config = JSON.parse(readFileSync('.srt-settings.json', 'utf-8'));
	await SandboxManager.initialize(config);

	const envVars = ['COPILOT_GITHUB_TOKEN', 'COPILOT_AGENT_RUNNER_TYPE', 'XDG_CONFIG_HOME', 'GITHUB_MCP_SERVER_TOKEN'];
	const envPrefix = envVars
	.filter(k => process.env[k])
	.map(k => `export ${k}='${process.env[k].replace(/'/g, "'\\''")}'`)
	.join('; ') + '; ';

	const command = envPrefix + 'node ./node_modules/.bin/copilot -p "Use the GitHub MCP server to get the latest issue from the repository githubnext/gh-aw. Show me the issue title and description." --disable-builtin-mcps --allow-tool \'github(*)\'';
	const sandboxedCommand = await SandboxManager.wrapWithSandbox(command);

	const child = spawn(sandboxedCommand, {
	shell: true,
	stdio: 'inherit',
	env: process.env
	});

	child.on('exit', async (code) => {
	await SandboxManager.reset();
	process.exit(code \|\| 0);
	});

	child.on('error', async (err) => {
	console.error('Error:', err);
	await SandboxManager.reset();
	process.exit(1);
	});
	} catch (err) {
	console.error('Fatal error:', err);
	process.exit(1);
	}
	}

	main();
	EOF

	node .srt-wrapper.js

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Fix GH_AW_WORKFLOW_ID propagation to safe_outputs job for create_pull_request #260

Workflow file

Fix GH_AW_WORKFLOW_ID propagation to safe_outputs job for create_pull_request #260

Uh oh!

Workflow file for this run