diff --git a/.changeset/patch-unify-agent-artifacts.md b/.changeset/patch-unify-agent-artifacts.md new file mode 100644 index 0000000000..69c0c90522 --- /dev/null +++ b/.changeset/patch-unify-agent-artifacts.md @@ -0,0 +1,11 @@ +--- +"gh-aw": patch +--- + +Use the unified `agent-artifacts` artifact for downloads and remove duplicate +artifact downloads. Updated tests to expect `agent-artifacts` and removed +dead/unused artifact upload helpers. + +This is an internal fix that consolidates artifact downloads used by +safe_outputs and threat detection jobs. + diff --git a/.github/workflows/agent-performance-analyzer.lock.yml b/.github/workflows/agent-performance-analyzer.lock.yml index 22369ee30c..968645d102 100644 --- a/.github/workflows/agent-performance-analyzer.lock.yml +++ b/.github/workflows/agent-performance-analyzer.lock.yml @@ -1513,11 +1513,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1525,13 +1525,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/archie.lock.yml b/.github/workflows/archie.lock.yml index 35d5989351..17a55a74d5 100644 --- a/.github/workflows/archie.lock.yml +++ b/.github/workflows/archie.lock.yml @@ -1068,11 +1068,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1080,13 +1080,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/artifacts-summary.lock.yml b/.github/workflows/artifacts-summary.lock.yml index f30f8022af..2f68a9e0ee 100644 --- a/.github/workflows/artifacts-summary.lock.yml +++ b/.github/workflows/artifacts-summary.lock.yml @@ -914,11 +914,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -926,13 +926,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/audit-workflows.lock.yml b/.github/workflows/audit-workflows.lock.yml index 9b5e08cef2..3e12511dca 100644 --- a/.github/workflows/audit-workflows.lock.yml +++ b/.github/workflows/audit-workflows.lock.yml @@ -1303,11 +1303,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1315,13 +1315,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/blog-auditor.lock.yml b/.github/workflows/blog-auditor.lock.yml index 0cd0b6fbf1..4f2a8f1aa3 100644 --- a/.github/workflows/blog-auditor.lock.yml +++ b/.github/workflows/blog-auditor.lock.yml @@ -1188,11 +1188,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1200,13 +1200,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/brave.lock.yml b/.github/workflows/brave.lock.yml index aa002d009a..680725a518 100644 --- a/.github/workflows/brave.lock.yml +++ b/.github/workflows/brave.lock.yml @@ -961,11 +961,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -973,13 +973,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/breaking-change-checker.lock.yml b/.github/workflows/breaking-change-checker.lock.yml index 1cb767cb04..8cfbcfcb4a 100644 --- a/.github/workflows/breaking-change-checker.lock.yml +++ b/.github/workflows/breaking-change-checker.lock.yml @@ -1013,11 +1013,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1025,13 +1025,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/campaign-generator.lock.yml b/.github/workflows/campaign-generator.lock.yml index 9188a44b6a..03a0b21450 100644 --- a/.github/workflows/campaign-generator.lock.yml +++ b/.github/workflows/campaign-generator.lock.yml @@ -924,11 +924,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -936,13 +936,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/campaign-manager.lock.yml b/.github/workflows/campaign-manager.lock.yml index df7264f555..a0e91d7a3d 100644 --- a/.github/workflows/campaign-manager.lock.yml +++ b/.github/workflows/campaign-manager.lock.yml @@ -1353,11 +1353,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1365,13 +1365,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/changeset.lock.yml b/.github/workflows/changeset.lock.yml index a605ec5fde..cb8d9be2ed 100644 --- a/.github/workflows/changeset.lock.yml +++ b/.github/workflows/changeset.lock.yml @@ -1124,11 +1124,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1136,13 +1136,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1303,7 +1296,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Generate GitHub App token id: app-token diff --git a/.github/workflows/ci-coach.lock.yml b/.github/workflows/ci-coach.lock.yml index 2a94245220..88c02c0458 100644 --- a/.github/workflows/ci-coach.lock.yml +++ b/.github/workflows/ci-coach.lock.yml @@ -1681,11 +1681,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1693,13 +1693,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1871,7 +1864,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/ci-doctor.lock.yml b/.github/workflows/ci-doctor.lock.yml index f2093b0556..ed24649477 100644 --- a/.github/workflows/ci-doctor.lock.yml +++ b/.github/workflows/ci-doctor.lock.yml @@ -190,7 +190,7 @@ jobs: const determineAutomaticLockdown = require('/tmp/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - name: Downloading container images - run: bash /tmp/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.26.3 mcp/fetch + run: bash /tmp/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.26.3 - name: Write Safe Outputs Config run: | mkdir -p /tmp/gh-aw/safeoutputs @@ -442,16 +442,6 @@ jobs: "GITHUB_WORKSPACE": "\${GITHUB_WORKSPACE}", "DEFAULT_BRANCH": "\${DEFAULT_BRANCH}" } - }, - "web-fetch": { - "command": "docker", - "args": [ - "run", - "-i", - "--rm", - "mcp/fetch" - ], - "tools": ["*"] } } } @@ -862,12 +852,12 @@ jobs: # Copilot CLI tool arguments (sorted): # --allow-tool github # --allow-tool safeoutputs - # --allow-tool web-fetch + # --allow-tool web_fetch timeout-minutes: 10 run: | set -o pipefail sudo -E awf --env-all --container-workdir "${GITHUB_WORKSPACE}" --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:rw" --mount /usr/bin/date:/usr/bin/date:ro --mount /usr/bin/gh:/usr/bin/gh:ro --mount /usr/bin/yq:/usr/bin/yq:ro --mount /usr/local/bin/copilot:/usr/local/bin/copilot:ro --mount /home/runner/.copilot:/home/runner/.copilot:rw --allow-domains api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,github.com,host.docker.internal,raw.githubusercontent.com,registry.npmjs.org --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --image-tag 0.7.0 \ - -- /usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --add-dir "${GITHUB_WORKSPACE}" --disable-builtin-mcps --allow-tool github --allow-tool safeoutputs --allow-tool web-fetch --add-dir /tmp/gh-aw/cache-memory/ --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"${GH_AW_MODEL_AGENT_COPILOT:+ --model "$GH_AW_MODEL_AGENT_COPILOT"} \ + -- /usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --add-dir "${GITHUB_WORKSPACE}" --disable-builtin-mcps --allow-tool github --allow-tool safeoutputs --allow-tool web_fetch --add-dir /tmp/gh-aw/cache-memory/ --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"${GH_AW_MODEL_AGENT_COPILOT:+ --model "$GH_AW_MODEL_AGENT_COPILOT"} \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log env: COPILOT_AGENT_RUNNER_TYPE: STANDALONE @@ -1108,11 +1098,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1120,13 +1110,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/cli-consistency-checker.lock.yml b/.github/workflows/cli-consistency-checker.lock.yml index 6e9dd8eeb7..73c3893d32 100644 --- a/.github/workflows/cli-consistency-checker.lock.yml +++ b/.github/workflows/cli-consistency-checker.lock.yml @@ -163,7 +163,7 @@ jobs: const determineAutomaticLockdown = require('/tmp/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - name: Downloading container images - run: bash /tmp/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.26.3 mcp/fetch + run: bash /tmp/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.26.3 - name: Write Safe Outputs Config run: | mkdir -p /tmp/gh-aw/safeoutputs @@ -379,16 +379,6 @@ jobs: "GITHUB_WORKSPACE": "\${GITHUB_WORKSPACE}", "DEFAULT_BRANCH": "\${DEFAULT_BRANCH}" } - }, - "web-fetch": { - "command": "docker", - "args": [ - "run", - "-i", - "--rm", - "mcp/fetch" - ], - "tools": ["*"] } } } @@ -1006,11 +996,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1018,13 +1008,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/cli-version-checker.lock.yml b/.github/workflows/cli-version-checker.lock.yml index 38511e4694..e1f1c673d7 100644 --- a/.github/workflows/cli-version-checker.lock.yml +++ b/.github/workflows/cli-version-checker.lock.yml @@ -1251,11 +1251,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1263,13 +1263,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/cloclo.lock.yml b/.github/workflows/cloclo.lock.yml index 75c1152d50..4e9ac61672 100644 --- a/.github/workflows/cloclo.lock.yml +++ b/.github/workflows/cloclo.lock.yml @@ -1405,11 +1405,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1417,13 +1417,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1658,7 +1651,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/commit-changes-analyzer.lock.yml b/.github/workflows/commit-changes-analyzer.lock.yml index 05f0e4771c..5cca99a90c 100644 --- a/.github/workflows/commit-changes-analyzer.lock.yml +++ b/.github/workflows/commit-changes-analyzer.lock.yml @@ -1101,11 +1101,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1113,13 +1113,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/copilot-agent-analysis.lock.yml b/.github/workflows/copilot-agent-analysis.lock.yml index 6021e63ff8..183d788e9f 100644 --- a/.github/workflows/copilot-agent-analysis.lock.yml +++ b/.github/workflows/copilot-agent-analysis.lock.yml @@ -1534,11 +1534,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1546,13 +1546,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/copilot-pr-merged-report.lock.yml b/.github/workflows/copilot-pr-merged-report.lock.yml index c9566c4b37..048051d26c 100644 --- a/.github/workflows/copilot-pr-merged-report.lock.yml +++ b/.github/workflows/copilot-pr-merged-report.lock.yml @@ -1071,11 +1071,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1083,13 +1083,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/copilot-pr-nlp-analysis.lock.yml b/.github/workflows/copilot-pr-nlp-analysis.lock.yml index 2bedf26621..5957fa69f7 100644 --- a/.github/workflows/copilot-pr-nlp-analysis.lock.yml +++ b/.github/workflows/copilot-pr-nlp-analysis.lock.yml @@ -1762,11 +1762,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1774,13 +1774,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/copilot-pr-prompt-analysis.lock.yml b/.github/workflows/copilot-pr-prompt-analysis.lock.yml index 85bc772081..156c8539e1 100644 --- a/.github/workflows/copilot-pr-prompt-analysis.lock.yml +++ b/.github/workflows/copilot-pr-prompt-analysis.lock.yml @@ -1273,11 +1273,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1285,13 +1285,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/copilot-session-insights.lock.yml b/.github/workflows/copilot-session-insights.lock.yml index 6d670fbec0..e5a03290e6 100644 --- a/.github/workflows/copilot-session-insights.lock.yml +++ b/.github/workflows/copilot-session-insights.lock.yml @@ -2268,11 +2268,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -2280,13 +2280,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/craft.lock.yml b/.github/workflows/craft.lock.yml index b9b9dc9119..c926ce1d04 100644 --- a/.github/workflows/craft.lock.yml +++ b/.github/workflows/craft.lock.yml @@ -1134,11 +1134,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1146,13 +1146,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1367,7 +1360,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'push_to_pull_request_branch')) diff --git a/.github/workflows/daily-assign-issue-to-user.lock.yml b/.github/workflows/daily-assign-issue-to-user.lock.yml index 303142ca8f..293852f8a4 100644 --- a/.github/workflows/daily-assign-issue-to-user.lock.yml +++ b/.github/workflows/daily-assign-issue-to-user.lock.yml @@ -830,11 +830,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -842,13 +842,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/daily-choice-test.lock.yml b/.github/workflows/daily-choice-test.lock.yml index fba6d9da00..d5c2eb1fe7 100644 --- a/.github/workflows/daily-choice-test.lock.yml +++ b/.github/workflows/daily-choice-test.lock.yml @@ -811,11 +811,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -823,13 +823,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/daily-cli-performance.lock.yml b/.github/workflows/daily-cli-performance.lock.yml index ba32dc2459..52e8c2042e 100644 --- a/.github/workflows/daily-cli-performance.lock.yml +++ b/.github/workflows/daily-cli-performance.lock.yml @@ -1478,11 +1478,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1490,13 +1490,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/daily-code-metrics.lock.yml b/.github/workflows/daily-code-metrics.lock.yml index 59f6c11e98..8be195955b 100644 --- a/.github/workflows/daily-code-metrics.lock.yml +++ b/.github/workflows/daily-code-metrics.lock.yml @@ -1780,11 +1780,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1792,13 +1792,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/daily-copilot-token-report.lock.yml b/.github/workflows/daily-copilot-token-report.lock.yml index 084bca6210..e12009069a 100644 --- a/.github/workflows/daily-copilot-token-report.lock.yml +++ b/.github/workflows/daily-copilot-token-report.lock.yml @@ -1872,11 +1872,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1884,13 +1884,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/daily-doc-updater.lock.yml b/.github/workflows/daily-doc-updater.lock.yml index 30bf4f6e74..516f141e81 100644 --- a/.github/workflows/daily-doc-updater.lock.yml +++ b/.github/workflows/daily-doc-updater.lock.yml @@ -1092,11 +1092,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1104,13 +1104,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1286,7 +1279,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/daily-fact.lock.yml b/.github/workflows/daily-fact.lock.yml index 5fc6c989af..19b982a49c 100644 --- a/.github/workflows/daily-fact.lock.yml +++ b/.github/workflows/daily-fact.lock.yml @@ -795,11 +795,11 @@ jobs: uses: githubnext/gh-aw/actions/setup@623e612ff6a684e9a8634449508bdda21e2c178c # 623e612ff6a684e9a8634449508bdda21e2c178c with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -807,13 +807,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/daily-file-diet.lock.yml b/.github/workflows/daily-file-diet.lock.yml index dfcbe0b876..a8ba4b7533 100644 --- a/.github/workflows/daily-file-diet.lock.yml +++ b/.github/workflows/daily-file-diet.lock.yml @@ -1769,11 +1769,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1781,13 +1781,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/daily-firewall-report.lock.yml b/.github/workflows/daily-firewall-report.lock.yml index 595b8f22e9..f12cd2fd3d 100644 --- a/.github/workflows/daily-firewall-report.lock.yml +++ b/.github/workflows/daily-firewall-report.lock.yml @@ -1324,11 +1324,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1336,13 +1336,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/daily-issues-report.lock.yml b/.github/workflows/daily-issues-report.lock.yml index 9107fe7eb7..bb103e4665 100644 --- a/.github/workflows/daily-issues-report.lock.yml +++ b/.github/workflows/daily-issues-report.lock.yml @@ -1903,11 +1903,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1915,13 +1915,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/daily-multi-device-docs-tester.lock.yml b/.github/workflows/daily-multi-device-docs-tester.lock.yml index 5781c3b732..63c563e2e3 100644 --- a/.github/workflows/daily-multi-device-docs-tester.lock.yml +++ b/.github/workflows/daily-multi-device-docs-tester.lock.yml @@ -1077,11 +1077,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1089,13 +1089,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/daily-news.lock.yml b/.github/workflows/daily-news.lock.yml index 46213dbe1d..888a934134 100644 --- a/.github/workflows/daily-news.lock.yml +++ b/.github/workflows/daily-news.lock.yml @@ -227,7 +227,7 @@ jobs: const determineAutomaticLockdown = require('/tmp/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - name: Downloading container images - run: bash /tmp/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.26.3 mcp/fetch + run: bash /tmp/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.26.3 - name: Write Safe Outputs Config run: | mkdir -p /tmp/gh-aw/safeoutputs @@ -464,16 +464,6 @@ jobs: "env": { "TAVILY_API_KEY": "\${TAVILY_API_KEY}" } - }, - "web-fetch": { - "command": "docker", - "args": [ - "run", - "-i", - "--rm", - "mcp/fetch" - ], - "tools": ["*"] } } } @@ -1698,11 +1688,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1710,13 +1700,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/daily-performance-summary.lock.yml b/.github/workflows/daily-performance-summary.lock.yml index 7c717b93da..6b1c26a2aa 100644 --- a/.github/workflows/daily-performance-summary.lock.yml +++ b/.github/workflows/daily-performance-summary.lock.yml @@ -1853,11 +1853,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1865,13 +1865,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/daily-repo-chronicle.lock.yml b/.github/workflows/daily-repo-chronicle.lock.yml index 9e0b6478f0..c074309ec1 100644 --- a/.github/workflows/daily-repo-chronicle.lock.yml +++ b/.github/workflows/daily-repo-chronicle.lock.yml @@ -1528,11 +1528,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1540,13 +1540,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/daily-team-status.lock.yml b/.github/workflows/daily-team-status.lock.yml index e39b4e7ff7..dd6edf7af5 100644 --- a/.github/workflows/daily-team-status.lock.yml +++ b/.github/workflows/daily-team-status.lock.yml @@ -921,11 +921,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -933,13 +933,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/daily-workflow-updater.lock.yml b/.github/workflows/daily-workflow-updater.lock.yml index 9c0eded848..5efb5e4fae 100644 --- a/.github/workflows/daily-workflow-updater.lock.yml +++ b/.github/workflows/daily-workflow-updater.lock.yml @@ -983,11 +983,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -995,13 +995,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1173,7 +1166,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/deep-report.lock.yml b/.github/workflows/deep-report.lock.yml index 2bd54b005d..db6f9de02e 100644 --- a/.github/workflows/deep-report.lock.yml +++ b/.github/workflows/deep-report.lock.yml @@ -1404,11 +1404,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1416,13 +1416,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/dependabot-go-checker.lock.yml b/.github/workflows/dependabot-go-checker.lock.yml index 27cdb582ac..c772bd64b7 100644 --- a/.github/workflows/dependabot-go-checker.lock.yml +++ b/.github/workflows/dependabot-go-checker.lock.yml @@ -165,7 +165,7 @@ jobs: const determineAutomaticLockdown = require('/tmp/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - name: Downloading container images - run: bash /tmp/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.26.3 mcp/fetch + run: bash /tmp/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.26.3 - name: Write Safe Outputs Config run: | mkdir -p /tmp/gh-aw/safeoutputs @@ -419,16 +419,6 @@ jobs: "GITHUB_WORKSPACE": "\${GITHUB_WORKSPACE}", "DEFAULT_BRANCH": "\${DEFAULT_BRANCH}" } - }, - "web-fetch": { - "command": "docker", - "args": [ - "run", - "-i", - "--rm", - "mcp/fetch" - ], - "tools": ["*"] } } } @@ -1286,11 +1276,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1298,13 +1288,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/dev-hawk.lock.yml b/.github/workflows/dev-hawk.lock.yml index 656da8f87a..1bd23fb93c 100644 --- a/.github/workflows/dev-hawk.lock.yml +++ b/.github/workflows/dev-hawk.lock.yml @@ -1071,11 +1071,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1083,13 +1083,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/dev.lock.yml b/.github/workflows/dev.lock.yml index 444d2e519f..7c45a05529 100644 --- a/.github/workflows/dev.lock.yml +++ b/.github/workflows/dev.lock.yml @@ -775,11 +775,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -787,13 +787,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/developer-docs-consolidator.lock.yml b/.github/workflows/developer-docs-consolidator.lock.yml index 7d4cb092c6..9d87ac577f 100644 --- a/.github/workflows/developer-docs-consolidator.lock.yml +++ b/.github/workflows/developer-docs-consolidator.lock.yml @@ -1622,11 +1622,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1634,13 +1634,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1816,7 +1809,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/dictation-prompt.lock.yml b/.github/workflows/dictation-prompt.lock.yml index 00ec1d884a..7eac9249c5 100644 --- a/.github/workflows/dictation-prompt.lock.yml +++ b/.github/workflows/dictation-prompt.lock.yml @@ -879,11 +879,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -891,13 +891,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1068,7 +1061,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/docs-noob-tester.lock.yml b/.github/workflows/docs-noob-tester.lock.yml index a8c38280fe..b0e50a6a4c 100644 --- a/.github/workflows/docs-noob-tester.lock.yml +++ b/.github/workflows/docs-noob-tester.lock.yml @@ -1013,11 +1013,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1025,13 +1025,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/docs-quality-maintenance-project67.campaign.lock.yml b/.github/workflows/docs-quality-maintenance-project67.campaign.lock.yml index 6fabdd56c4..79e670205f 100644 --- a/.github/workflows/docs-quality-maintenance-project67.campaign.lock.yml +++ b/.github/workflows/docs-quality-maintenance-project67.campaign.lock.yml @@ -1357,11 +1357,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1369,13 +1369,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/duplicate-code-detector.lock.yml b/.github/workflows/duplicate-code-detector.lock.yml index 47ec400eec..6f5e1d8721 100644 --- a/.github/workflows/duplicate-code-detector.lock.yml +++ b/.github/workflows/duplicate-code-detector.lock.yml @@ -1046,11 +1046,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1058,13 +1058,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/example-workflow-analyzer.lock.yml b/.github/workflows/example-workflow-analyzer.lock.yml index 2ea3dbcd90..370b3f0600 100644 --- a/.github/workflows/example-workflow-analyzer.lock.yml +++ b/.github/workflows/example-workflow-analyzer.lock.yml @@ -882,11 +882,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -894,13 +894,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/firewall-escape.lock.yml b/.github/workflows/firewall-escape.lock.yml index df97def336..c607a35ac8 100644 --- a/.github/workflows/firewall-escape.lock.yml +++ b/.github/workflows/firewall-escape.lock.yml @@ -175,7 +175,7 @@ jobs: const determineAutomaticLockdown = require('/tmp/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - name: Downloading container images - run: bash /tmp/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.26.3 mcp/fetch + run: bash /tmp/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.26.3 - name: Setup MCPs env: GITHUB_MCP_SERVER_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} @@ -206,16 +206,6 @@ jobs: "env": { "GITHUB_PERSONAL_ACCESS_TOKEN": "\${GITHUB_MCP_SERVER_TOKEN}" } - }, - "web-fetch": { - "command": "docker", - "args": [ - "run", - "-i", - "--rm", - "mcp/fetch" - ], - "tools": ["*"] } } } diff --git a/.github/workflows/firewall.lock.yml b/.github/workflows/firewall.lock.yml index 6f1c8f5da1..05ef70e03e 100644 --- a/.github/workflows/firewall.lock.yml +++ b/.github/workflows/firewall.lock.yml @@ -151,7 +151,7 @@ jobs: const determineAutomaticLockdown = require('/tmp/gh-aw/actions/determine_automatic_lockdown.cjs'); await determineAutomaticLockdown(github, context, core); - name: Downloading container images - run: bash /tmp/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.26.3 mcp/fetch + run: bash /tmp/gh-aw/actions/download_docker_images.sh ghcr.io/github/github-mcp-server:v0.26.3 - name: Setup MCPs env: GITHUB_MCP_SERVER_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} @@ -182,16 +182,6 @@ jobs: "env": { "GITHUB_PERSONAL_ACCESS_TOKEN": "\${GITHUB_MCP_SERVER_TOKEN}" } - }, - "web-fetch": { - "command": "docker", - "args": [ - "run", - "-i", - "--rm", - "mcp/fetch" - ], - "tools": ["*"] } } } @@ -405,12 +395,12 @@ jobs: id: agentic_execution # Copilot CLI tool arguments (sorted): # --allow-tool github - # --allow-tool web-fetch + # --allow-tool web_fetch timeout-minutes: 5 run: | set -o pipefail sudo -E awf --env-all --container-workdir "${GITHUB_WORKSPACE}" --mount /tmp:/tmp:rw --mount "${GITHUB_WORKSPACE}:${GITHUB_WORKSPACE}:rw" --mount /usr/bin/date:/usr/bin/date:ro --mount /usr/bin/gh:/usr/bin/gh:ro --mount /usr/bin/yq:/usr/bin/yq:ro --mount /usr/local/bin/copilot:/usr/local/bin/copilot:ro --mount /home/runner/.copilot:/home/runner/.copilot:rw --allow-domains api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.npms.io,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,bun.sh,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,deb.nodesource.com,deno.land,get.pnpm.io,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,nodejs.org,npm.pkg.github.com,npmjs.com,npmjs.org,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.bower.io,registry.npmjs.com,registry.npmjs.org,registry.yarnpkg.com,repo.yarnpkg.com,s.symcb.com,s.symcd.com,security.ubuntu.com,skimdb.npmjs.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com,www.npmjs.com,www.npmjs.org,yarnpkg.com --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --image-tag 0.7.0 \ - -- /usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --add-dir "${GITHUB_WORKSPACE}" --disable-builtin-mcps --allow-tool github --allow-tool web-fetch --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"${GH_AW_MODEL_DETECTION_COPILOT:+ --model "$GH_AW_MODEL_DETECTION_COPILOT"} \ + -- /usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --add-dir "${GITHUB_WORKSPACE}" --disable-builtin-mcps --allow-tool github --allow-tool web_fetch --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"${GH_AW_MODEL_DETECTION_COPILOT:+ --model "$GH_AW_MODEL_DETECTION_COPILOT"} \ 2>&1 | tee /tmp/gh-aw/agent-stdio.log env: COPILOT_AGENT_RUNNER_TYPE: STANDALONE diff --git a/.github/workflows/github-mcp-structural-analysis.lock.yml b/.github/workflows/github-mcp-structural-analysis.lock.yml index 9f3aa4c216..b113487cb5 100644 --- a/.github/workflows/github-mcp-structural-analysis.lock.yml +++ b/.github/workflows/github-mcp-structural-analysis.lock.yml @@ -1574,11 +1574,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1586,13 +1586,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/github-mcp-tools-report.lock.yml b/.github/workflows/github-mcp-tools-report.lock.yml index 62cc14201f..68810685bc 100644 --- a/.github/workflows/github-mcp-tools-report.lock.yml +++ b/.github/workflows/github-mcp-tools-report.lock.yml @@ -1462,11 +1462,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1474,13 +1474,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1656,7 +1649,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/glossary-maintainer.lock.yml b/.github/workflows/glossary-maintainer.lock.yml index 6b0657673f..d42b950445 100644 --- a/.github/workflows/glossary-maintainer.lock.yml +++ b/.github/workflows/glossary-maintainer.lock.yml @@ -1527,11 +1527,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1539,13 +1539,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1716,7 +1709,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/go-fan.lock.yml b/.github/workflows/go-fan.lock.yml index e6bd3a60fb..250900e238 100644 --- a/.github/workflows/go-fan.lock.yml +++ b/.github/workflows/go-fan.lock.yml @@ -1243,11 +1243,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1255,13 +1255,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/go-file-size-reduction-project64.campaign.lock.yml b/.github/workflows/go-file-size-reduction-project64.campaign.lock.yml index 73bc7899e9..6b1d41f0d4 100644 --- a/.github/workflows/go-file-size-reduction-project64.campaign.lock.yml +++ b/.github/workflows/go-file-size-reduction-project64.campaign.lock.yml @@ -1329,11 +1329,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1341,13 +1341,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/go-logger.lock.yml b/.github/workflows/go-logger.lock.yml index 0ec790ecd6..5b0acbdd1f 100644 --- a/.github/workflows/go-logger.lock.yml +++ b/.github/workflows/go-logger.lock.yml @@ -1188,11 +1188,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1200,13 +1200,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1381,7 +1374,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/go-pattern-detector.lock.yml b/.github/workflows/go-pattern-detector.lock.yml index 94275fb89c..56e13ceb5e 100644 --- a/.github/workflows/go-pattern-detector.lock.yml +++ b/.github/workflows/go-pattern-detector.lock.yml @@ -1052,11 +1052,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1064,13 +1064,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/grumpy-reviewer.lock.yml b/.github/workflows/grumpy-reviewer.lock.yml index 8d1ed96c87..104e6a0dd7 100644 --- a/.github/workflows/grumpy-reviewer.lock.yml +++ b/.github/workflows/grumpy-reviewer.lock.yml @@ -1075,11 +1075,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1087,13 +1087,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/hourly-ci-cleaner.lock.yml b/.github/workflows/hourly-ci-cleaner.lock.yml index 01ada5aa27..069d9f798d 100644 --- a/.github/workflows/hourly-ci-cleaner.lock.yml +++ b/.github/workflows/hourly-ci-cleaner.lock.yml @@ -1231,11 +1231,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1243,13 +1243,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1421,7 +1414,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/human-ai-collaboration.lock.yml b/.github/workflows/human-ai-collaboration.lock.yml index 4380d7bdf8..4b65be9e9c 100644 --- a/.github/workflows/human-ai-collaboration.lock.yml +++ b/.github/workflows/human-ai-collaboration.lock.yml @@ -1315,11 +1315,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1327,13 +1327,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/incident-response.lock.yml b/.github/workflows/incident-response.lock.yml index c6fb9168dd..1bbc9ce29d 100644 --- a/.github/workflows/incident-response.lock.yml +++ b/.github/workflows/incident-response.lock.yml @@ -1458,11 +1458,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1470,13 +1470,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1709,7 +1702,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/instructions-janitor.lock.yml b/.github/workflows/instructions-janitor.lock.yml index 99fed9f6ff..60e62c2cf9 100644 --- a/.github/workflows/instructions-janitor.lock.yml +++ b/.github/workflows/instructions-janitor.lock.yml @@ -1068,11 +1068,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1080,13 +1080,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1261,7 +1254,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/intelligence.lock.yml b/.github/workflows/intelligence.lock.yml index 4bcab500c3..f931a6e2e5 100644 --- a/.github/workflows/intelligence.lock.yml +++ b/.github/workflows/intelligence.lock.yml @@ -1981,11 +1981,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1993,13 +1993,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/issue-arborist.lock.yml b/.github/workflows/issue-arborist.lock.yml index b0f6871753..081fbec10b 100644 --- a/.github/workflows/issue-arborist.lock.yml +++ b/.github/workflows/issue-arborist.lock.yml @@ -1115,11 +1115,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1127,13 +1127,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/issue-classifier.lock.yml b/.github/workflows/issue-classifier.lock.yml index b4a3a2584f..84fc9cd47c 100644 --- a/.github/workflows/issue-classifier.lock.yml +++ b/.github/workflows/issue-classifier.lock.yml @@ -785,11 +785,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -797,13 +797,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/issue-monster.lock.yml b/.github/workflows/issue-monster.lock.yml index e361d4c50f..8550e7d838 100644 --- a/.github/workflows/issue-monster.lock.yml +++ b/.github/workflows/issue-monster.lock.yml @@ -1023,11 +1023,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1035,13 +1035,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/issue-template-optimizer.lock.yml b/.github/workflows/issue-template-optimizer.lock.yml index 80eac7237c..112657fb98 100644 --- a/.github/workflows/issue-template-optimizer.lock.yml +++ b/.github/workflows/issue-template-optimizer.lock.yml @@ -1121,11 +1121,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1133,13 +1133,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1310,7 +1303,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/issue-triage-agent.lock.yml b/.github/workflows/issue-triage-agent.lock.yml index 1456af0d6d..b9c10f84f7 100644 --- a/.github/workflows/issue-triage-agent.lock.yml +++ b/.github/workflows/issue-triage-agent.lock.yml @@ -808,11 +808,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -820,13 +820,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/jsweep.lock.yml b/.github/workflows/jsweep.lock.yml index 3fb0b2a2f8..5bb12b04c3 100644 --- a/.github/workflows/jsweep.lock.yml +++ b/.github/workflows/jsweep.lock.yml @@ -1158,11 +1158,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1170,13 +1170,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1348,7 +1341,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/layout-spec-maintainer.lock.yml b/.github/workflows/layout-spec-maintainer.lock.yml index 1a3c78a8e3..a21fb4087d 100644 --- a/.github/workflows/layout-spec-maintainer.lock.yml +++ b/.github/workflows/layout-spec-maintainer.lock.yml @@ -1098,11 +1098,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1110,13 +1110,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1288,7 +1281,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/lockfile-stats.lock.yml b/.github/workflows/lockfile-stats.lock.yml index 1020c81809..2798865d7d 100644 --- a/.github/workflows/lockfile-stats.lock.yml +++ b/.github/workflows/lockfile-stats.lock.yml @@ -1243,11 +1243,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1255,13 +1255,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/mcp-inspector.lock.yml b/.github/workflows/mcp-inspector.lock.yml index 404b22808d..38ad635b45 100644 --- a/.github/workflows/mcp-inspector.lock.yml +++ b/.github/workflows/mcp-inspector.lock.yml @@ -1431,11 +1431,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1443,13 +1443,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/mergefest.lock.yml b/.github/workflows/mergefest.lock.yml index 3cad3982fd..e889ccb363 100644 --- a/.github/workflows/mergefest.lock.yml +++ b/.github/workflows/mergefest.lock.yml @@ -1168,11 +1168,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1180,13 +1180,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1400,7 +1393,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'push_to_pull_request_branch')) diff --git a/.github/workflows/notion-issue-summary.lock.yml b/.github/workflows/notion-issue-summary.lock.yml index 9bd84afeeb..10fdbce4df 100644 --- a/.github/workflows/notion-issue-summary.lock.yml +++ b/.github/workflows/notion-issue-summary.lock.yml @@ -807,11 +807,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -819,13 +819,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/org-health-report.lock.yml b/.github/workflows/org-health-report.lock.yml index 0a38db71f7..14ac7f8705 100644 --- a/.github/workflows/org-health-report.lock.yml +++ b/.github/workflows/org-health-report.lock.yml @@ -1682,11 +1682,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1694,13 +1694,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/org-wide-rollout.lock.yml b/.github/workflows/org-wide-rollout.lock.yml index c204f01252..e689c2a671 100644 --- a/.github/workflows/org-wide-rollout.lock.yml +++ b/.github/workflows/org-wide-rollout.lock.yml @@ -1486,11 +1486,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1498,13 +1498,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1737,7 +1730,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/pdf-summary.lock.yml b/.github/workflows/pdf-summary.lock.yml index 2cbe9f9c0f..25da028c16 100644 --- a/.github/workflows/pdf-summary.lock.yml +++ b/.github/workflows/pdf-summary.lock.yml @@ -1066,11 +1066,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1078,13 +1078,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/plan.lock.yml b/.github/workflows/plan.lock.yml index 8d2ce47981..3724eca911 100644 --- a/.github/workflows/plan.lock.yml +++ b/.github/workflows/plan.lock.yml @@ -1105,11 +1105,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1117,13 +1117,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/playground-org-project-update-issue.lock.yml b/.github/workflows/playground-org-project-update-issue.lock.yml index ab5cdd5c17..87a7136ebf 100644 --- a/.github/workflows/playground-org-project-update-issue.lock.yml +++ b/.github/workflows/playground-org-project-update-issue.lock.yml @@ -822,11 +822,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -834,13 +834,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/playground-snapshots-refresh.lock.yml b/.github/workflows/playground-snapshots-refresh.lock.yml index 88af4d74b4..f818b168f7 100644 --- a/.github/workflows/playground-snapshots-refresh.lock.yml +++ b/.github/workflows/playground-snapshots-refresh.lock.yml @@ -853,11 +853,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -865,13 +865,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1042,7 +1035,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/poem-bot.lock.yml b/.github/workflows/poem-bot.lock.yml index a6aa7cd9fb..c612470a04 100644 --- a/.github/workflows/poem-bot.lock.yml +++ b/.github/workflows/poem-bot.lock.yml @@ -1493,11 +1493,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1505,13 +1505,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1731,7 +1724,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: (((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request'))) || (((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'push_to_pull_request_branch'))) diff --git a/.github/workflows/portfolio-analyst.lock.yml b/.github/workflows/portfolio-analyst.lock.yml index e4b3edfd87..cca8b8f7d6 100644 --- a/.github/workflows/portfolio-analyst.lock.yml +++ b/.github/workflows/portfolio-analyst.lock.yml @@ -1643,11 +1643,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1655,13 +1655,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/pr-nitpick-reviewer.lock.yml b/.github/workflows/pr-nitpick-reviewer.lock.yml index 4a2fd14370..424f25d4ba 100644 --- a/.github/workflows/pr-nitpick-reviewer.lock.yml +++ b/.github/workflows/pr-nitpick-reviewer.lock.yml @@ -1389,11 +1389,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1401,13 +1401,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/prompt-clustering-analysis.lock.yml b/.github/workflows/prompt-clustering-analysis.lock.yml index 5eeaababd1..2a17848c91 100644 --- a/.github/workflows/prompt-clustering-analysis.lock.yml +++ b/.github/workflows/prompt-clustering-analysis.lock.yml @@ -1664,11 +1664,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1676,13 +1676,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/python-data-charts.lock.yml b/.github/workflows/python-data-charts.lock.yml index 48a79c0eeb..03fa84993a 100644 --- a/.github/workflows/python-data-charts.lock.yml +++ b/.github/workflows/python-data-charts.lock.yml @@ -1931,11 +1931,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1943,13 +1943,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/q.lock.yml b/.github/workflows/q.lock.yml index a666fb6a53..c13a311416 100644 --- a/.github/workflows/q.lock.yml +++ b/.github/workflows/q.lock.yml @@ -1415,11 +1415,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1427,13 +1427,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1658,7 +1651,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/release.lock.yml b/.github/workflows/release.lock.yml index c6edbfffdd..c1c30f584f 100644 --- a/.github/workflows/release.lock.yml +++ b/.github/workflows/release.lock.yml @@ -944,11 +944,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -956,13 +956,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/repo-tree-map.lock.yml b/.github/workflows/repo-tree-map.lock.yml index fa83ef8b32..f807989f15 100644 --- a/.github/workflows/repo-tree-map.lock.yml +++ b/.github/workflows/repo-tree-map.lock.yml @@ -912,11 +912,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -924,13 +924,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/repository-quality-improver.lock.yml b/.github/workflows/repository-quality-improver.lock.yml index 1491f209de..bcce565bae 100644 --- a/.github/workflows/repository-quality-improver.lock.yml +++ b/.github/workflows/repository-quality-improver.lock.yml @@ -1429,11 +1429,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1441,13 +1441,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/research.lock.yml b/.github/workflows/research.lock.yml index f97ab10077..53f94a5e9e 100644 --- a/.github/workflows/research.lock.yml +++ b/.github/workflows/research.lock.yml @@ -869,11 +869,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -881,13 +881,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/safe-output-health.lock.yml b/.github/workflows/safe-output-health.lock.yml index 46eb7dcf64..2ba404324e 100644 --- a/.github/workflows/safe-output-health.lock.yml +++ b/.github/workflows/safe-output-health.lock.yml @@ -1369,11 +1369,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1381,13 +1381,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/schema-consistency-checker.lock.yml b/.github/workflows/schema-consistency-checker.lock.yml index f76480163e..7cca641742 100644 --- a/.github/workflows/schema-consistency-checker.lock.yml +++ b/.github/workflows/schema-consistency-checker.lock.yml @@ -1218,11 +1218,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1230,13 +1230,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/scout.lock.yml b/.github/workflows/scout.lock.yml index e5ff766dd7..aedde1b546 100644 --- a/.github/workflows/scout.lock.yml +++ b/.github/workflows/scout.lock.yml @@ -1314,11 +1314,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1326,13 +1326,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/security-compliance.lock.yml b/.github/workflows/security-compliance.lock.yml index 493ec3c1b0..5165959be1 100644 --- a/.github/workflows/security-compliance.lock.yml +++ b/.github/workflows/security-compliance.lock.yml @@ -1135,11 +1135,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1147,13 +1147,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/security-fix-pr.lock.yml b/.github/workflows/security-fix-pr.lock.yml index 585340b34c..4e5fe95d19 100644 --- a/.github/workflows/security-fix-pr.lock.yml +++ b/.github/workflows/security-fix-pr.lock.yml @@ -1057,11 +1057,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1069,13 +1069,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1293,7 +1286,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/semantic-function-refactor.lock.yml b/.github/workflows/semantic-function-refactor.lock.yml index 3fba49e714..f6ee04133f 100644 --- a/.github/workflows/semantic-function-refactor.lock.yml +++ b/.github/workflows/semantic-function-refactor.lock.yml @@ -1373,11 +1373,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1385,13 +1385,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/slide-deck-maintainer.lock.yml b/.github/workflows/slide-deck-maintainer.lock.yml index 05d7565093..d63998d7e4 100644 --- a/.github/workflows/slide-deck-maintainer.lock.yml +++ b/.github/workflows/slide-deck-maintainer.lock.yml @@ -1143,11 +1143,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1155,13 +1155,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1376,7 +1369,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/smoke-claude.lock.yml b/.github/workflows/smoke-claude.lock.yml index c1eed487a2..26d391f907 100644 --- a/.github/workflows/smoke-claude.lock.yml +++ b/.github/workflows/smoke-claude.lock.yml @@ -1224,11 +1224,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1236,13 +1236,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/smoke-codex-firewall.lock.yml b/.github/workflows/smoke-codex-firewall.lock.yml index 76d265591f..c0001ef5eb 100644 --- a/.github/workflows/smoke-codex-firewall.lock.yml +++ b/.github/workflows/smoke-codex-firewall.lock.yml @@ -944,11 +944,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -956,13 +956,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/smoke-codex.lock.yml b/.github/workflows/smoke-codex.lock.yml index 5206113237..17ecbd6d71 100644 --- a/.github/workflows/smoke-codex.lock.yml +++ b/.github/workflows/smoke-codex.lock.yml @@ -1038,11 +1038,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1050,13 +1050,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/smoke-copilot-no-firewall.lock.yml b/.github/workflows/smoke-copilot-no-firewall.lock.yml index 4e13abe36c..c05008dde0 100644 --- a/.github/workflows/smoke-copilot-no-firewall.lock.yml +++ b/.github/workflows/smoke-copilot-no-firewall.lock.yml @@ -1069,11 +1069,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1081,13 +1081,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/smoke-copilot-playwright.lock.yml b/.github/workflows/smoke-copilot-playwright.lock.yml index e3f4a56219..504f7128e6 100644 --- a/.github/workflows/smoke-copilot-playwright.lock.yml +++ b/.github/workflows/smoke-copilot-playwright.lock.yml @@ -1169,11 +1169,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1181,13 +1181,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/smoke-copilot-safe-inputs.lock.yml b/.github/workflows/smoke-copilot-safe-inputs.lock.yml index e72452149b..dc5a037d81 100644 --- a/.github/workflows/smoke-copilot-safe-inputs.lock.yml +++ b/.github/workflows/smoke-copilot-safe-inputs.lock.yml @@ -899,11 +899,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -911,13 +911,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml index 7c13d0facf..8f12ec3257 100644 --- a/.github/workflows/smoke-copilot.lock.yml +++ b/.github/workflows/smoke-copilot.lock.yml @@ -992,11 +992,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1004,13 +1004,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/smoke-detector.lock.yml b/.github/workflows/smoke-detector.lock.yml index 7d9ad04381..c64241de12 100644 --- a/.github/workflows/smoke-detector.lock.yml +++ b/.github/workflows/smoke-detector.lock.yml @@ -1291,11 +1291,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1303,13 +1303,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/smoke-srt.lock.yml b/.github/workflows/smoke-srt.lock.yml index 92153f223a..3517bb0393 100644 --- a/.github/workflows/smoke-srt.lock.yml +++ b/.github/workflows/smoke-srt.lock.yml @@ -951,11 +951,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -963,13 +963,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/spec-kit-execute.lock.yml b/.github/workflows/spec-kit-execute.lock.yml index 32199152dd..f5fa8fd2b4 100644 --- a/.github/workflows/spec-kit-execute.lock.yml +++ b/.github/workflows/spec-kit-execute.lock.yml @@ -1288,11 +1288,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1300,13 +1300,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1539,7 +1532,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/spec-kit-executor.lock.yml b/.github/workflows/spec-kit-executor.lock.yml index ca70811155..ab464e39db 100644 --- a/.github/workflows/spec-kit-executor.lock.yml +++ b/.github/workflows/spec-kit-executor.lock.yml @@ -1135,11 +1135,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1147,13 +1147,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1385,7 +1378,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/speckit-dispatcher.lock.yml b/.github/workflows/speckit-dispatcher.lock.yml index 10d24bd1cd..9bf4c3b1f8 100644 --- a/.github/workflows/speckit-dispatcher.lock.yml +++ b/.github/workflows/speckit-dispatcher.lock.yml @@ -1344,11 +1344,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1356,13 +1356,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/stale-repo-identifier.lock.yml b/.github/workflows/stale-repo-identifier.lock.yml index baeb416791..96c0bfdf35 100644 --- a/.github/workflows/stale-repo-identifier.lock.yml +++ b/.github/workflows/stale-repo-identifier.lock.yml @@ -1654,11 +1654,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1666,13 +1666,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/static-analysis-report.lock.yml b/.github/workflows/static-analysis-report.lock.yml index ba5b279a29..cc5277faed 100644 --- a/.github/workflows/static-analysis-report.lock.yml +++ b/.github/workflows/static-analysis-report.lock.yml @@ -1277,11 +1277,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1289,13 +1289,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/sub-issue-closer.lock.yml b/.github/workflows/sub-issue-closer.lock.yml index 0320951aca..eacc9c003f 100644 --- a/.github/workflows/sub-issue-closer.lock.yml +++ b/.github/workflows/sub-issue-closer.lock.yml @@ -954,11 +954,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -966,13 +966,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/super-linter.lock.yml b/.github/workflows/super-linter.lock.yml index 1ea4b5d3c9..c3acb222b2 100644 --- a/.github/workflows/super-linter.lock.yml +++ b/.github/workflows/super-linter.lock.yml @@ -1016,11 +1016,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1028,13 +1028,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/technical-doc-writer.lock.yml b/.github/workflows/technical-doc-writer.lock.yml index 43c76035c0..11d0af5be5 100644 --- a/.github/workflows/technical-doc-writer.lock.yml +++ b/.github/workflows/technical-doc-writer.lock.yml @@ -1351,11 +1351,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1363,13 +1363,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1542,7 +1535,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/terminal-stylist.lock.yml b/.github/workflows/terminal-stylist.lock.yml index 2fb7119ab0..de0d5db772 100644 --- a/.github/workflows/terminal-stylist.lock.yml +++ b/.github/workflows/terminal-stylist.lock.yml @@ -936,11 +936,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -948,13 +948,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/tidy.lock.yml b/.github/workflows/tidy.lock.yml index 18bf003db3..e18180be62 100644 --- a/.github/workflows/tidy.lock.yml +++ b/.github/workflows/tidy.lock.yml @@ -996,11 +996,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1008,13 +1008,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1229,7 +1222,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: (((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request'))) || (((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'push_to_pull_request_branch'))) diff --git a/.github/workflows/typist.lock.yml b/.github/workflows/typist.lock.yml index 72c9930dbb..54423a5cdb 100644 --- a/.github/workflows/typist.lock.yml +++ b/.github/workflows/typist.lock.yml @@ -1371,11 +1371,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1383,13 +1383,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/unbloat-docs.lock.yml b/.github/workflows/unbloat-docs.lock.yml index 248eb5c609..5c70fc8b1e 100644 --- a/.github/workflows/unbloat-docs.lock.yml +++ b/.github/workflows/unbloat-docs.lock.yml @@ -1358,11 +1358,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1370,13 +1370,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} @@ -1598,7 +1591,7 @@ jobs: continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: aw.patch + name: agent-artifacts path: /tmp/gh-aw/ - name: Checkout repository if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (contains(needs.agent.outputs.output_types, 'create_pull_request')) diff --git a/.github/workflows/video-analyzer.lock.yml b/.github/workflows/video-analyzer.lock.yml index b25465af4e..01a5a54d49 100644 --- a/.github/workflows/video-analyzer.lock.yml +++ b/.github/workflows/video-analyzer.lock.yml @@ -1119,11 +1119,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1131,13 +1131,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/weekly-issue-summary.lock.yml b/.github/workflows/weekly-issue-summary.lock.yml index 330d2f6a07..9cccbe8093 100644 --- a/.github/workflows/weekly-issue-summary.lock.yml +++ b/.github/workflows/weekly-issue-summary.lock.yml @@ -1459,11 +1459,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1471,13 +1471,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/workflow-generator.lock.yml b/.github/workflows/workflow-generator.lock.yml index f9f8bb985a..abf39f3827 100644 --- a/.github/workflows/workflow-generator.lock.yml +++ b/.github/workflows/workflow-generator.lock.yml @@ -940,11 +940,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -952,13 +952,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/.github/workflows/workflow-health-manager.lock.yml b/.github/workflows/workflow-health-manager.lock.yml index 7a717e2ca2..79083af073 100644 --- a/.github/workflows/workflow-health-manager.lock.yml +++ b/.github/workflows/workflow-health-manager.lock.yml @@ -1374,11 +1374,11 @@ jobs: uses: ./actions/setup with: destination: /tmp/gh-aw/actions - - name: Download prompt artifact + - name: Download agent artifacts continue-on-error: true uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: - name: prompt + name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true @@ -1386,13 +1386,6 @@ jobs: with: name: agent-output path: /tmp/gh-aw/threat-detection/ - - name: Download patch artifact - if: needs.agent.outputs.has_patch == 'true' - continue-on-error: true - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - name: aw.patch - path: /tmp/gh-aw/threat-detection/ - name: Echo agent output types env: AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }} diff --git a/actions/setup/js/setup_threat_detection.cjs b/actions/setup/js/setup_threat_detection.cjs index 8d49c8977f..06b8cfd427 100644 --- a/actions/setup/js/setup_threat_detection.cjs +++ b/actions/setup/js/setup_threat_detection.cjs @@ -21,7 +21,10 @@ const { getErrorMessage } = require("./error_helpers.cjs"); */ async function main(templateContent) { // Check if prompt file exists - const promptPath = "/tmp/gh-aw/threat-detection/prompt.txt"; + // Since agent-artifacts is downloaded to /tmp/gh-aw/threat-detection/, + // and the artifact contains files with full paths like /tmp/gh-aw/aw-prompts/prompt.txt, + // the downloaded file will be at /tmp/gh-aw/threat-detection/tmp/gh-aw/aw-prompts/prompt.txt + const promptPath = "/tmp/gh-aw/threat-detection/tmp/gh-aw/aw-prompts/prompt.txt"; let promptFileInfo = "No prompt file found"; if (fs.existsSync(promptPath)) { try { @@ -36,6 +39,8 @@ async function main(templateContent) { } // Check if agent output file exists + // Agent output is still a separate artifact downloaded to /tmp/gh-aw/threat-detection/, + // so it appears directly as /tmp/gh-aw/threat-detection/agent_output.json const agentOutputPath = "/tmp/gh-aw/threat-detection/agent_output.json"; let agentOutputFileInfo = "No agent output file found"; if (fs.existsSync(agentOutputPath)) { @@ -51,7 +56,10 @@ async function main(templateContent) { } // Check if patch file exists - const patchPath = "/tmp/gh-aw/threat-detection/aw.patch"; + // Since agent-artifacts is downloaded to /tmp/gh-aw/threat-detection/, + // and the artifact contains /tmp/gh-aw/aw.patch, + // the downloaded file will be at /tmp/gh-aw/threat-detection/tmp/gh-aw/aw.patch + const patchPath = "/tmp/gh-aw/threat-detection/tmp/gh-aw/aw.patch"; let patchFileInfo = "No patch file found"; if (fs.existsSync(patchPath)) { try { diff --git a/pkg/cli/logs_download.go b/pkg/cli/logs_download.go index 52725addd7..5d879e2c5e 100644 --- a/pkg/cli/logs_download.go +++ b/pkg/cli/logs_download.go @@ -112,15 +112,15 @@ func flattenSingleFileArtifacts(outputDir string, verbose bool) error { // This function moves those files to the root output directory and removes the nested structure func flattenUnifiedArtifact(outputDir string, verbose bool) error { agentArtifactsDir := filepath.Join(outputDir, "agent-artifacts") - + // Check if agent-artifacts directory exists if _, err := os.Stat(agentArtifactsDir); os.IsNotExist(err) { // No unified artifact, nothing to flatten return nil } - + logsDownloadLog.Printf("Flattening unified agent-artifacts directory: %s", agentArtifactsDir) - + // Look for tmp/gh-aw/ subdirectory structure tmpGhAwPath := filepath.Join(agentArtifactsDir, "tmp", "gh-aw") if _, err := os.Stat(tmpGhAwPath); os.IsNotExist(err) { @@ -128,26 +128,26 @@ func flattenUnifiedArtifact(outputDir string, verbose bool) error { logsDownloadLog.Printf("No tmp/gh-aw structure found in agent-artifacts, skipping flatten") return nil } - + // Walk through tmp/gh-aw and move all files to root output directory err := filepath.Walk(tmpGhAwPath, func(path string, info os.FileInfo, err error) error { if err != nil { return err } - + // Skip the root directory itself if path == tmpGhAwPath { return nil } - + // Calculate relative path from tmp/gh-aw relPath, err := filepath.Rel(tmpGhAwPath, path) if err != nil { return fmt.Errorf("failed to get relative path for %s: %w", path, err) } - + destPath := filepath.Join(outputDir, relPath) - + if info.IsDir() { // Create directory in destination if err := os.MkdirAll(destPath, 0755); err != nil { @@ -160,7 +160,7 @@ func flattenUnifiedArtifact(outputDir string, verbose bool) error { if err := os.MkdirAll(filepath.Dir(destPath), 0755); err != nil { return fmt.Errorf("failed to create parent directory for %s: %w", destPath, err) } - + if err := os.Rename(path, destPath); err != nil { return fmt.Errorf("failed to move file %s to %s: %w", path, destPath, err) } @@ -169,14 +169,14 @@ func flattenUnifiedArtifact(outputDir string, verbose bool) error { fmt.Fprintln(os.Stderr, console.FormatVerboseMessage(fmt.Sprintf("Flattened: %s → %s", relPath, relPath))) } } - + return nil }) - + if err != nil { return fmt.Errorf("failed to flatten unified artifact: %w", err) } - + // Remove the now-empty agent-artifacts directory structure if err := os.RemoveAll(agentArtifactsDir); err != nil { logsDownloadLog.Printf("Failed to remove agent-artifacts directory %s: %v", agentArtifactsDir, err) @@ -190,7 +190,7 @@ func flattenUnifiedArtifact(outputDir string, verbose bool) error { fmt.Fprintln(os.Stderr, console.FormatVerboseMessage("Flattened unified agent-artifacts and removed nested structure")) } } - + return nil } diff --git a/pkg/cli/logs_flatten_test.go b/pkg/cli/logs_flatten_test.go index 70aa3471b6..c409df320b 100644 --- a/pkg/cli/logs_flatten_test.go +++ b/pkg/cli/logs_flatten_test.go @@ -340,132 +340,132 @@ func TestAuditCanFindFlattenedArtifacts(t *testing.T) { } func TestFlattenUnifiedArtifact(t *testing.T) { -tests := []struct { -name string -setup func(string) error -expectedFiles []string -expectedDirs []string -unexpectedFiles []string -unexpectedDirs []string -}{ -{ -name: "unified artifact with nested structure gets flattened", -setup: func(dir string) error { -// Create the structure: agent-artifacts/tmp/gh-aw/... -nestedPath := filepath.Join(dir, "agent-artifacts", "tmp", "gh-aw") -if err := os.MkdirAll(nestedPath, 0755); err != nil { -return err -} + tests := []struct { + name string + setup func(string) error + expectedFiles []string + expectedDirs []string + unexpectedFiles []string + unexpectedDirs []string + }{ + { + name: "unified artifact with nested structure gets flattened", + setup: func(dir string) error { + // Create the structure: agent-artifacts/tmp/gh-aw/... + nestedPath := filepath.Join(dir, "agent-artifacts", "tmp", "gh-aw") + if err := os.MkdirAll(nestedPath, 0755); err != nil { + return err + } -// Create test files -if err := os.WriteFile(filepath.Join(nestedPath, "aw_info.json"), []byte("test"), 0644); err != nil { -return err -} + // Create test files + if err := os.WriteFile(filepath.Join(nestedPath, "aw_info.json"), []byte("test"), 0644); err != nil { + return err + } -// Create subdirectories with files -promptDir := filepath.Join(nestedPath, "aw-prompts") -if err := os.MkdirAll(promptDir, 0755); err != nil { -return err -} -if err := os.WriteFile(filepath.Join(promptDir, "prompt.txt"), []byte("test"), 0644); err != nil { -return err -} + // Create subdirectories with files + promptDir := filepath.Join(nestedPath, "aw-prompts") + if err := os.MkdirAll(promptDir, 0755); err != nil { + return err + } + if err := os.WriteFile(filepath.Join(promptDir, "prompt.txt"), []byte("test"), 0644); err != nil { + return err + } -mcpLogsDir := filepath.Join(nestedPath, "mcp-logs") -if err := os.MkdirAll(mcpLogsDir, 0755); err != nil { -return err -} -return os.WriteFile(filepath.Join(mcpLogsDir, "log.txt"), []byte("test"), 0644) -}, -expectedFiles: []string{ -"aw_info.json", -"aw-prompts/prompt.txt", -"mcp-logs/log.txt", -}, -expectedDirs: []string{ -"aw-prompts", -"mcp-logs", -}, -unexpectedDirs: []string{"agent-artifacts", "tmp", "gh-aw"}, -unexpectedFiles: []string{ -"agent-artifacts/tmp/gh-aw/aw_info.json", -"tmp/gh-aw/aw_info.json", -}, -}, -{ -name: "no agent-artifacts directory - no-op", -setup: func(dir string) error { -// Create a regular file structure without agent-artifacts -return os.WriteFile(filepath.Join(dir, "regular.txt"), []byte("test"), 0644) -}, -expectedFiles: []string{"regular.txt"}, -}, -{ -name: "agent-artifacts without tmp/gh-aw structure - no-op", -setup: func(dir string) error { -// Create agent-artifacts but without the expected nested structure -artifactDir := filepath.Join(dir, "agent-artifacts") -if err := os.MkdirAll(artifactDir, 0755); err != nil { -return err -} -return os.WriteFile(filepath.Join(artifactDir, "file.txt"), []byte("test"), 0644) -}, -expectedDirs: []string{"agent-artifacts"}, -expectedFiles: []string{"agent-artifacts/file.txt"}, -}, -} + mcpLogsDir := filepath.Join(nestedPath, "mcp-logs") + if err := os.MkdirAll(mcpLogsDir, 0755); err != nil { + return err + } + return os.WriteFile(filepath.Join(mcpLogsDir, "log.txt"), []byte("test"), 0644) + }, + expectedFiles: []string{ + "aw_info.json", + "aw-prompts/prompt.txt", + "mcp-logs/log.txt", + }, + expectedDirs: []string{ + "aw-prompts", + "mcp-logs", + }, + unexpectedDirs: []string{"agent-artifacts", "tmp", "gh-aw"}, + unexpectedFiles: []string{ + "agent-artifacts/tmp/gh-aw/aw_info.json", + "tmp/gh-aw/aw_info.json", + }, + }, + { + name: "no agent-artifacts directory - no-op", + setup: func(dir string) error { + // Create a regular file structure without agent-artifacts + return os.WriteFile(filepath.Join(dir, "regular.txt"), []byte("test"), 0644) + }, + expectedFiles: []string{"regular.txt"}, + }, + { + name: "agent-artifacts without tmp/gh-aw structure - no-op", + setup: func(dir string) error { + // Create agent-artifacts but without the expected nested structure + artifactDir := filepath.Join(dir, "agent-artifacts") + if err := os.MkdirAll(artifactDir, 0755); err != nil { + return err + } + return os.WriteFile(filepath.Join(artifactDir, "file.txt"), []byte("test"), 0644) + }, + expectedDirs: []string{"agent-artifacts"}, + expectedFiles: []string{"agent-artifacts/file.txt"}, + }, + } -for _, tt := range tests { -t.Run(tt.name, func(t *testing.T) { -tmpDir := testutil.TempDir(t, "test-flatten-unified-*") + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + tmpDir := testutil.TempDir(t, "test-flatten-unified-*") -// Setup test structure -if err := tt.setup(tmpDir); err != nil { -t.Fatalf("Setup failed: %v", err) -} + // Setup test structure + if err := tt.setup(tmpDir); err != nil { + t.Fatalf("Setup failed: %v", err) + } -// Run flattening -if err := flattenUnifiedArtifact(tmpDir, true); err != nil { -t.Fatalf("flattenUnifiedArtifact failed: %v", err) -} + // Run flattening + if err := flattenUnifiedArtifact(tmpDir, true); err != nil { + t.Fatalf("flattenUnifiedArtifact failed: %v", err) + } -// Verify expected files exist -for _, file := range tt.expectedFiles { -path := filepath.Join(tmpDir, file) -info, err := os.Stat(path) -if err != nil { -t.Errorf("Expected file %s does not exist: %v", file, err) -} else if info.IsDir() { -t.Errorf("Expected %s to be a file, but it's a directory", file) -} -} + // Verify expected files exist + for _, file := range tt.expectedFiles { + path := filepath.Join(tmpDir, file) + info, err := os.Stat(path) + if err != nil { + t.Errorf("Expected file %s does not exist: %v", file, err) + } else if info.IsDir() { + t.Errorf("Expected %s to be a file, but it's a directory", file) + } + } -// Verify expected directories exist -for _, dir := range tt.expectedDirs { -path := filepath.Join(tmpDir, dir) -info, err := os.Stat(path) -if err != nil { -t.Errorf("Expected directory %s does not exist: %v", dir, err) -} else if !info.IsDir() { -t.Errorf("Expected %s to be a directory", dir) -} -} + // Verify expected directories exist + for _, dir := range tt.expectedDirs { + path := filepath.Join(tmpDir, dir) + info, err := os.Stat(path) + if err != nil { + t.Errorf("Expected directory %s does not exist: %v", dir, err) + } else if !info.IsDir() { + t.Errorf("Expected %s to be a directory", dir) + } + } -// Verify unexpected files don't exist -for _, file := range tt.unexpectedFiles { -path := filepath.Join(tmpDir, file) -if _, err := os.Stat(path); err == nil { -t.Errorf("Unexpected file %s exists", file) -} -} + // Verify unexpected files don't exist + for _, file := range tt.unexpectedFiles { + path := filepath.Join(tmpDir, file) + if _, err := os.Stat(path); err == nil { + t.Errorf("Unexpected file %s exists", file) + } + } -// Verify unexpected directories don't exist -for _, dir := range tt.unexpectedDirs { -path := filepath.Join(tmpDir, dir) -if _, err := os.Stat(path); err == nil { -t.Errorf("Unexpected directory %s exists", dir) -} -} -}) -} + // Verify unexpected directories don't exist + for _, dir := range tt.unexpectedDirs { + path := filepath.Join(tmpDir, dir) + if _, err := os.Stat(path); err == nil { + t.Errorf("Unexpected directory %s exists", dir) + } + } + }) + } } diff --git a/pkg/workflow/artifacts.go b/pkg/workflow/artifacts.go index 005789759a..db4e4328bc 100644 --- a/pkg/workflow/artifacts.go +++ b/pkg/workflow/artifacts.go @@ -2,7 +2,6 @@ package workflow import ( "fmt" - "strings" "github.com/githubnext/gh-aw/pkg/logger" ) @@ -63,51 +62,5 @@ func buildArtifactDownloadSteps(config ArtifactDownloadConfig) []string { steps = append(steps, fmt.Sprintf(" echo \"%s=%s\" >> \"$GITHUB_ENV\"\n", config.EnvVarName, artifactPath)) } - artifactsLog.Printf("Generated %d artifact download steps", len(steps)) return steps } - -// ArtifactUploadConfig holds configuration for building artifact upload steps -type ArtifactUploadConfig struct { - StepName string // Human-readable step name (e.g., "Upload Agent Stdio") - ArtifactName string // Name of the artifact in GitHub Actions (e.g., "agent-stdio.log") - UploadPaths []string // Paths to upload (e.g., "/tmp/gh-aw/agent-stdio.log") - IfNoFilesFound string // What to do if files not found: "warn" or "ignore" (default: "warn") -} - -// generateArtifactUpload creates a YAML step to upload a GitHub Actions artifact -// This is a generalized helper that eliminates duplication across different upload functions -func (c *Compiler) generateArtifactUpload(yaml *strings.Builder, config ArtifactUploadConfig) error { - artifactsLog.Printf("Generating artifact upload: step=%s, artifact=%s, paths=%v", - config.StepName, config.ArtifactName, config.UploadPaths) - - // Record artifact upload for validation - c.stepOrderTracker.RecordArtifactUpload(config.StepName, config.UploadPaths) - - // Determine if-no-files-found value (default to "warn") - ifNoFilesFound := config.IfNoFilesFound - if ifNoFilesFound == "" { - ifNoFilesFound = "warn" - } - - // Generate upload step YAML - fmt.Fprintf(yaml, " - name: %s\n", config.StepName) - yaml.WriteString(" if: always()\n") - fmt.Fprintf(yaml, " uses: %s\n", GetActionPin("actions/upload-artifact")) - yaml.WriteString(" with:\n") - fmt.Fprintf(yaml, " name: %s\n", config.ArtifactName) - - // Write path (only single-path is supported) - if len(config.UploadPaths) == 0 { - return fmt.Errorf("no upload paths specified for artifact %s", config.ArtifactName) - } - if len(config.UploadPaths) > 1 { - return fmt.Errorf("multiple paths not supported (got %d paths for artifact %s)", len(config.UploadPaths), config.ArtifactName) - } - fmt.Fprintf(yaml, " path: %s\n", config.UploadPaths[0]) - - fmt.Fprintf(yaml, " if-no-files-found: %s\n", ifNoFilesFound) - - artifactsLog.Printf("Generated artifact upload step for %s", config.ArtifactName) - return nil -} diff --git a/pkg/workflow/compile_outputs_pr_test.go b/pkg/workflow/compile_outputs_pr_test.go index b1f48f221e..3faf893045 100644 --- a/pkg/workflow/compile_outputs_pr_test.go +++ b/pkg/workflow/compile_outputs_pr_test.go @@ -490,9 +490,9 @@ This test verifies that the aw.patch artifact is downloaded in the safe_outputs t.Errorf("Expected 'Download patch artifact' step in safe_outputs job when create-pull-request is enabled") } - // Verify that patch is downloaded to correct path - if !strings.Contains(lockContentStr, "name: aw.patch") { - t.Errorf("Expected patch artifact to be named 'aw.patch'") + // Verify that patch is downloaded from unified agent-artifacts + if !strings.Contains(lockContentStr, "name: agent-artifacts") { + t.Errorf("Expected patch artifact to be downloaded from 'agent-artifacts'") } if !strings.Contains(lockContentStr, "path: /tmp/gh-aw/") { diff --git a/pkg/workflow/compiler_safe_outputs_core.go b/pkg/workflow/compiler_safe_outputs_core.go index 5a81b1ec9e..e73ab8a7a4 100644 --- a/pkg/workflow/compiler_safe_outputs_core.go +++ b/pkg/workflow/compiler_safe_outputs_core.go @@ -74,10 +74,11 @@ func (c *Compiler) buildConsolidatedSafeOutputsJob(data *WorkflowData, mainJobNa // Add patch artifact download if create-pull-request or push-to-pull-request-branch is enabled // Both of these safe outputs require the patch file to apply changes + // Download from unified agent-artifacts artifact if data.SafeOutputs.CreatePullRequests != nil || data.SafeOutputs.PushToPullRequestBranch != nil { consolidatedSafeOutputsLog.Print("Adding patch artifact download for create-pull-request or push-to-pull-request-branch") patchDownloadSteps := buildArtifactDownloadSteps(ArtifactDownloadConfig{ - ArtifactName: "aw.patch", + ArtifactName: "agent-artifacts", DownloadPath: "/tmp/gh-aw/", SetupEnvStep: false, // No environment variable needed, the script checks the file directly StepName: "Download patch artifact", @@ -287,9 +288,10 @@ func (c *Compiler) buildConsolidatedSafeOutputsJob(data *WorkflowData, mainJobNa insertIndex += len(buildAgentOutputDownloadSteps()) // Add patch download steps if present + // Download from unified agent-artifacts artifact if data.SafeOutputs.CreatePullRequests != nil || data.SafeOutputs.PushToPullRequestBranch != nil { patchDownloadSteps := buildArtifactDownloadSteps(ArtifactDownloadConfig{ - ArtifactName: "aw.patch", + ArtifactName: "agent-artifacts", DownloadPath: "/tmp/gh-aw/", SetupEnvStep: false, StepName: "Download patch artifact", diff --git a/pkg/workflow/compiler_yaml_artifacts.go b/pkg/workflow/compiler_yaml_artifacts.go index 665b252979..a6a0bb552c 100644 --- a/pkg/workflow/compiler_yaml_artifacts.go +++ b/pkg/workflow/compiler_yaml_artifacts.go @@ -9,48 +9,6 @@ import ( var compilerYamlArtifactsLog = logger.New("workflow:compiler_yaml_artifacts") -// generateUploadAgentLogs generates a step that uploads the agent's stdout/stderr logs -func (c *Compiler) generateUploadAgentLogs(yaml *strings.Builder, logFileFull string) error { - compilerYamlArtifactsLog.Printf("Generating agent logs upload step: %s", logFileFull) - return c.generateArtifactUpload(yaml, ArtifactUploadConfig{ - StepName: "Upload Agent Stdio", - ArtifactName: "agent-stdio.log", - UploadPaths: []string{logFileFull}, - IfNoFilesFound: "warn", - }) -} - -// generateUploadAssets generates a step that uploads safe outputs assets -func (c *Compiler) generateUploadAssets(yaml *strings.Builder) error { - compilerYamlArtifactsLog.Print("Generating safe outputs assets upload step") - return c.generateArtifactUpload(yaml, ArtifactUploadConfig{ - StepName: "Upload safe outputs assets", - ArtifactName: "safe-outputs-assets", - UploadPaths: []string{"/tmp/gh-aw/safeoutputs/assets/"}, - IfNoFilesFound: "ignore", - }) -} - -// generateUploadAwInfo generates a step that uploads the aw_info.json file -func (c *Compiler) generateUploadAwInfo(yaml *strings.Builder) error { - return c.generateArtifactUpload(yaml, ArtifactUploadConfig{ - StepName: "Upload agentic run info", - ArtifactName: "aw-info", - UploadPaths: []string{"/tmp/gh-aw/aw_info.json"}, - IfNoFilesFound: "warn", - }) -} - -// generateUploadPrompt generates a step that uploads the prompt file -func (c *Compiler) generateUploadPrompt(yaml *strings.Builder) error { - return c.generateArtifactUpload(yaml, ArtifactUploadConfig{ - StepName: "Upload prompt", - ArtifactName: "prompt", - UploadPaths: []string{"/tmp/gh-aw/aw-prompts/prompt.txt"}, - IfNoFilesFound: "warn", - }) -} - // generateExtractAccessLogs is a legacy method that no longer does anything // Network filtering is now handled at the workflow level func (c *Compiler) generateExtractAccessLogs(yaml *strings.Builder, tools map[string]any) { @@ -63,40 +21,6 @@ func (c *Compiler) generateUploadAccessLogs(yaml *strings.Builder, tools map[str // No proxy tools anymore - network filtering is handled at workflow level } -// generateUploadMCPLogs generates a step that uploads MCP server logs -func (c *Compiler) generateUploadMCPLogs(yaml *strings.Builder) error { - return c.generateArtifactUpload(yaml, ArtifactUploadConfig{ - StepName: "Upload MCP logs", - ArtifactName: "mcp-logs", - UploadPaths: []string{"/tmp/gh-aw/mcp-logs/"}, - IfNoFilesFound: "ignore", - }) -} - -// generateUploadSafeInputsLogs generates a step that uploads SafeInputs logs -func (c *Compiler) generateUploadSafeInputsLogs(yaml *strings.Builder) error { - return c.generateArtifactUpload(yaml, ArtifactUploadConfig{ - StepName: "Upload SafeInputs logs", - ArtifactName: "safeinputs", - UploadPaths: []string{"/tmp/gh-aw/safe-inputs/logs/"}, - IfNoFilesFound: "ignore", - }) -} - -// generateGitPatchUploadStep generates a step that uploads a git patch artifact -// The patch itself is generated by the safe-outputs MCP server when create_pull_request -// or push_to_pull_request_branch tools are called. -func (c *Compiler) generateGitPatchUploadStep(yaml *strings.Builder) { - compilerYamlArtifactsLog.Print("Generating git patch upload step") - yaml.WriteString(" - name: Upload git patch\n") - yaml.WriteString(" if: always()\n") - fmt.Fprintf(yaml, " uses: %s\n", GetActionPin("actions/upload-artifact")) - yaml.WriteString(" with:\n") - yaml.WriteString(" name: aw.patch\n") - yaml.WriteString(" path: /tmp/gh-aw/aw.patch\n") - yaml.WriteString(" if-no-files-found: ignore\n") -} - // generateUnifiedArtifactUpload generates a single step that uploads all agent job artifacts // This consolidates multiple individual upload steps into one, improving workflow readability // and reliability. The step always runs (even on cancellation) and ignores missing files. diff --git a/pkg/workflow/create_pull_request.go b/pkg/workflow/create_pull_request.go index d7dd98eba2..6832b4f7e1 100644 --- a/pkg/workflow/create_pull_request.go +++ b/pkg/workflow/create_pull_request.go @@ -41,12 +41,12 @@ func (c *Compiler) buildCreateOutputPullRequestJob(data *WorkflowData, mainJobNa // Build pre-steps for patch download, checkout, and git config var preSteps []string - // Step 1: Download patch artifact + // Step 1: Download patch artifact from unified agent-artifacts preSteps = append(preSteps, " - name: Download patch artifact\n") preSteps = append(preSteps, " continue-on-error: true\n") preSteps = append(preSteps, fmt.Sprintf(" uses: %s\n", GetActionPin("actions/download-artifact"))) preSteps = append(preSteps, " with:\n") - preSteps = append(preSteps, " name: aw.patch\n") + preSteps = append(preSteps, " name: agent-artifacts\n") preSteps = append(preSteps, " path: /tmp/gh-aw/\n") // Step 2: Checkout repository diff --git a/pkg/workflow/patch_artifact_download_verification_test.go b/pkg/workflow/patch_artifact_download_verification_test.go index b367b5f580..6ffc15afeb 100644 --- a/pkg/workflow/patch_artifact_download_verification_test.go +++ b/pkg/workflow/patch_artifact_download_verification_test.go @@ -67,9 +67,9 @@ in the consolidated safe_outputs job when create-pull-request is enabled. t.Fatal("Expected 'Download patch artifact' step in safe_outputs job") } - // 3. Verify correct artifact name - if !strings.Contains(lockContentStr, "name: aw.patch") { - t.Error("Expected patch artifact to be named 'aw.patch'") + // 3. Verify artifact is downloaded from unified agent-artifacts + if !strings.Contains(lockContentStr, "name: agent-artifacts") { + t.Error("Expected patch to be downloaded from 'agent-artifacts' unified artifact") } // 4. Verify correct download path @@ -156,9 +156,9 @@ push-to-pull-request-branch is enabled. t.Fatal("Expected 'Download patch artifact' step when push-to-pull-request-branch is enabled") } - // Verify correct artifact name and path - if !strings.Contains(lockContentStr, "name: aw.patch") { - t.Error("Expected patch artifact to be named 'aw.patch'") + // Verify artifact is downloaded from unified agent-artifacts + if !strings.Contains(lockContentStr, "name: agent-artifacts") { + t.Error("Expected patch to be downloaded from 'agent-artifacts' unified artifact") } if !strings.Contains(lockContentStr, "path: /tmp/gh-aw/") { t.Error("Expected patch artifact to be downloaded to '/tmp/gh-aw/'") diff --git a/pkg/workflow/push_to_pull_request_branch_test.go b/pkg/workflow/push_to_pull_request_branch_test.go index 17448d29ee..09183238de 100644 --- a/pkg/workflow/push_to_pull_request_branch_test.go +++ b/pkg/workflow/push_to_pull_request_branch_test.go @@ -866,9 +866,9 @@ This test verifies that the aw.patch artifact is downloaded in the safe_outputs t.Errorf("Expected 'Download patch artifact' step in safe_outputs job when push-to-pull-request-branch is enabled") } - // Verify that patch is downloaded to correct path - if !strings.Contains(lockContentStr, "name: aw.patch") { - t.Errorf("Expected patch artifact to be named 'aw.patch'") + // Verify that patch is downloaded from unified agent-artifacts + if !strings.Contains(lockContentStr, "name: agent-artifacts") { + t.Errorf("Expected patch to be downloaded from 'agent-artifacts' unified artifact") } if !strings.Contains(lockContentStr, "path: /tmp/gh-aw/") { diff --git a/pkg/workflow/threat_detection.go b/pkg/workflow/threat_detection.go index ff9cdcaaa7..7f95792ea6 100644 --- a/pkg/workflow/threat_detection.go +++ b/pkg/workflow/threat_detection.go @@ -185,18 +185,19 @@ func (c *Compiler) buildThreatDetectionSteps(data *WorkflowData, mainJobName str } // buildDownloadArtifactStep creates the artifact download step +// Downloads from unified agent-artifacts (contains prompt, patch, etc.) and separate agent-output func (c *Compiler) buildDownloadArtifactStep(mainJobName string) []string { var steps []string - // Download prompt artifact + // Download unified agent-artifacts (contains prompt, patch, logs, etc.) steps = append(steps, buildArtifactDownloadSteps(ArtifactDownloadConfig{ - ArtifactName: "prompt", + ArtifactName: "agent-artifacts", DownloadPath: "/tmp/gh-aw/threat-detection/", SetupEnvStep: false, - StepName: "Download prompt artifact", + StepName: "Download agent artifacts", })...) - // Download agent output artifact + // Download agent output artifact (still separate) steps = append(steps, buildArtifactDownloadSteps(ArtifactDownloadConfig{ ArtifactName: constants.AgentOutputArtifactName, DownloadPath: "/tmp/gh-aw/threat-detection/", @@ -204,15 +205,6 @@ func (c *Compiler) buildDownloadArtifactStep(mainJobName string) []string { StepName: "Download agent output artifact", })...) - // Download patch artifact - only when patch exists - steps = append(steps, buildArtifactDownloadSteps(ArtifactDownloadConfig{ - ArtifactName: "aw.patch", - DownloadPath: "/tmp/gh-aw/threat-detection/", - SetupEnvStep: false, - StepName: "Download patch artifact", - IfCondition: fmt.Sprintf("needs.%s.outputs.has_patch == 'true'", mainJobName), - })...) - return steps } diff --git a/pkg/workflow/threat_detection_test.go b/pkg/workflow/threat_detection_test.go index bebfaeca82..bb9df9cf70 100644 --- a/pkg/workflow/threat_detection_test.go +++ b/pkg/workflow/threat_detection_test.go @@ -727,7 +727,7 @@ func TestThreatDetectionStepsIncludeEcho(t *testing.T) { func TestDownloadArtifactStepIncludesPrompt(t *testing.T) { compiler := NewCompiler(false, "", "test") - // Test that the download artifact step includes prompt.txt download + // Test that the download artifact step includes unified agent-artifacts download steps := compiler.buildDownloadArtifactStep("agent") if len(steps) == 0 { @@ -737,12 +737,12 @@ func TestDownloadArtifactStepIncludesPrompt(t *testing.T) { // Join all steps into a single string for easier verification stepsString := strings.Join(steps, "") - // Verify key components of the download prompt step + // Verify unified agent-artifacts download (contains prompt, patch, logs, etc.) expectedComponents := []string{ - "name: Download prompt artifact", + "name: Download agent artifacts", "continue-on-error: true", "uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53", - "name: prompt", + "name: agent-artifacts", "path: /tmp/gh-aw/threat-detection/", } @@ -752,63 +752,19 @@ func TestDownloadArtifactStepIncludesPrompt(t *testing.T) { } } - // Verify it still includes agent output and patch downloads + // Verify it still includes agent output download (separate artifact) if !strings.Contains(stepsString, "Download agent output artifact") { t.Error("Expected download steps to include agent output artifact") } - if !strings.Contains(stepsString, "Download patch artifact") { - t.Error("Expected download steps to include patch artifact") - } } func TestDownloadPatchArtifactHasConditional(t *testing.T) { - compiler := NewCompiler(false, "", "test") - - // Test that the patch download step has a conditional to only run when has_patch is true - steps := compiler.buildDownloadArtifactStep("agent") - - if len(steps) == 0 { - t.Fatal("Expected non-empty steps for download artifact") - } - - // Join all steps into a single string for easier verification - stepsString := strings.Join(steps, "") - - // Verify the patch download step has the conditional - if !strings.Contains(stepsString, "Download patch artifact") { - t.Error("Expected download steps to include patch artifact") - } - - // Verify the conditional is present - if !strings.Contains(stepsString, "if: needs.agent.outputs.has_patch == 'true'") { - t.Error("Expected patch download step to have conditional checking needs.agent.outputs.has_patch == 'true'") - } - - // More specific test: look for the pattern "Download patch artifact" followed by "if:" within the same step - expectedPattern := "Download patch artifact" - patchStepIndex := strings.Index(stepsString, expectedPattern) - if patchStepIndex == -1 { - t.Fatal("Could not find patch download step") - } - - // Get the substring from the patch step onwards - afterPatchStep := stepsString[patchStepIndex:] - - // Find the next step (starts with "- name:") - nextStepIndex := strings.Index(afterPatchStep[len(expectedPattern):], "- name:") - var patchStepContent string - if nextStepIndex == -1 { - // This is the last step - patchStepContent = afterPatchStep - } else { - // Get content up to the next step - patchStepContent = afterPatchStep[:len(expectedPattern)+nextStepIndex] - } - - // Verify the patch step content includes the conditional - if !strings.Contains(patchStepContent, "if: needs.agent.outputs.has_patch == 'true'") { - t.Errorf("Expected patch download step to contain conditional, but got:\n%s", patchStepContent) - } + // This test is no longer applicable since we now download the entire + // agent-artifacts unconditionally. The unified artifact contains prompt, + // patch (if present), logs, etc. The patch file being present or not + // doesn't affect the download step - it just means the file may or may not + // be in the downloaded artifact. + t.Skip("Patch is now part of unified agent-artifacts download without conditional") } func TestSetupScriptReferencesPromptFile(t *testing.T) {