Pin AWF Docker image version using --image-tag flag #7014
Conversation
This change ensures AWF uses a pinned Docker image version matching the installed binary version, rather than pulling the latest image. - Add getAWFImageTag() helper function in firewall.go - Update copilot_engine.go to add --image-tag flag to AWF args - Update claude_engine.go to add --image-tag flag to AWF args - Update codex_engine.go to add --image-tag flag to AWF args - Add tests for image tag functionality in all engines - Recompile all workflow lock files Co-authored-by: Mossaka <[email protected]>
|
❌ Firewall validation failed... Smoke Codex Firewall failed. Network sandboxing may not be working correctly. |
|
🤖 DIAGNOSTIC COMPLETE: Smoke Copilot No Firewall STATUS: ALL_UNITS_OPERATIONAL. MISSION_SUCCESS. |
|
🌑 The shadows whisper... Smoke Codex failed. The oracle requires further meditation... |
|
💀 Blimey! Changeset Generator failed and walked the plank! No treasure today, matey! ☠️ |
|
📰 DEVELOPING STORY: Smoke Copilot reports failed. Our correspondents are investigating the incident... |
|
💀 Blimey! Smoke Copilot Safe Inputs failed and walked the plank! No treasure today, matey! ☠️ |
|
💫 TO BE CONTINUED... Smoke Claude failed! Our hero faces unexpected challenges... |
This comment has been minimized.
This comment has been minimized.
|
@copilot Change --image-tag v0.7.0 to --image-tag 0.7.0 (remove the v prefix). |
AWF expects the image tag without the 'v' prefix (e.g., 0.7.0 instead of v0.7.0). Updated getAWFImageTag() to strip the 'v' prefix using strings.TrimPrefix. Updated tests to expect versions without prefix. Co-authored-by: Mossaka <[email protected]>
|
✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟 |
|
🤖 DIAGNOSTIC COMPLETE: Smoke Copilot No Firewall STATUS: ALL_UNITS_OPERATIONAL. MISSION_SUCCESS. |
|
✅ Firewall validation complete... Smoke Codex Firewall confirmed network sandboxing is operational. 🛡️ |
|
🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨ |
|
🎉 Yo ho ho! Changeset Generator found the treasure and completed successfully! ⚓💰 |
|
📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤 |
|
🎉 Yo ho ho! Smoke Copilot Safe Inputs found the treasure and completed successfully! ⚓💰 |
Smoke Test Results - Copilot EngineLast 2 Merged PRs:
Test Results:
Available Tools: add_comment, add_labels, create_issue, missing_tool, noop Overall Status: PASS ✅ cc @Mossaka
|
Smoke Test Results: Copilot Engine (No Firewall) ✅ PASSLast 2 merged PRs:
Test Results:
Status: PASS - All tests successful
|
Copilot Smoke Test ResultsTests Completed:
Overall Status: PARTIAL FAIL (3/5 tools unavailable)
|
|
PRs: Use AWF installer script with version pinning when firewall is enabled; Refactor update entity config parsers to eliminate duplicate scaffolding
|
Smoke Test Results (Claude Sonnet 4.5)Last 2 Merged PRs:
Test Results:
Overall Status: PASS
|
|
PRs: "Refactor update entity config parsers to eliminate duplicate scaffolding", "Fix copilot-setup-steps workflow npm ci directory"
|
--image-tagargument to AWF commands to pin Docker image versiongetAWFImageTag()helper function infirewall.gocopilot_engine.goto add--image-tagwith AWF versionclaude_engine.goto add--image-tagwith AWF versioncodex_engine.goto add--image-tagwith AWF version--image-tagis included in AWF commandsfirewall_args_test.gofor Copilot enginefirewall_image_tag_test.gofor all enginesgetAWFImageTag()helper functionmake recompile0.7.0notv0.7.0)Summary
This change ensures AWF (Agent Workflow Firewall) uses a pinned Docker image version matching the installed binary version, rather than pulling the latest image.
Example
Original prompt
💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.