Skip to content

chore: upgrade gh-aw to v0.82.8 pre-release and recompile workflows#6131

Merged
lpcox merged 2 commits into
mainfrom
upgrade-gh-aw-prerelease
Jul 12, 2026
Merged

chore: upgrade gh-aw to v0.82.8 pre-release and recompile workflows#6131
lpcox merged 2 commits into
mainfrom
upgrade-gh-aw-prerelease

Conversation

@lpcox

@lpcox lpcox commented Jul 12, 2026

Copy link
Copy Markdown
Collaborator

Summary

Upgrades the gh-aw extension from v0.81.6 to v0.82.8 (latest pre-release) and recompiles all agentic workflows.

Changes

  • Upgraded gh-aw from v0.81.6 → v0.82.8 via gh aw upgrade --pre-releases
  • Recompiled all 49 agentic workflows with gh aw compile
  • Ran post-processing via postprocess-smoke-workflows.ts for smoke/build-test workflows
  • Updated agentics-maintenance.yml with new gh-aw version reference
  • Simplified smoke-docker-sbx.lock.yml (removed redundant steps)
  • Updated self-hosted runner doctor workflow lock files

Verification

  • ✅ All 235 test suites pass (3705 tests)
  • ✅ Lint and build pass

- Upgraded gh-aw extension from v0.81.6 to v0.82.8 (pre-release)
- Recompiled all 49 agentic workflows
- Ran post-processing for smoke and build-test workflows
- All 3705 tests pass

Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com>
Copilot AI review requested due to automatic review settings July 12, 2026 12:03

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Upgrades gh-aw-generated workflows to v0.82.8 and refreshes associated lock metadata.

Changes:

  • Updates gh-aw and firewall image references.
  • Regenerates MCP gateway configuration.
  • Refreshes runner-doctor hashes and maintenance metadata.
Show a summary per file
File Description
.github/workflows/smoke-docker-sbx.lock.yml Updates generated runtime configuration and removes sbx setup steps.
.github/workflows/self-hosted-runner-doctor.lock.yml Refreshes the generated body hash.
.github/workflows/self-hosted-runner-doctor-updater.lock.yml Refreshes the generated body hash.
.github/workflows/agentics-maintenance.yml Updates the generator version reference.

Review details

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

  • Files reviewed: 4/4 changed files
  • Comments generated: 1
  • Review effort level: Medium

@@ -569,72 +569,6 @@ jobs:
exec "${NODE_BIN}" "${WORKSPACE_PATH}/dist/cli.js" "\$@"
EOF
sudo chmod +x /usr/local/bin/awf
@github-actions

Copy link
Copy Markdown
Contributor

✅ Coverage Check Passed

Overall Coverage

Metric Base PR Delta
Lines 98.30% 98.33% 📈 +0.03%
Statements 98.23% 98.26% 📈 +0.03%
Functions 99.07% 99.07% ➡️ +0.00%
Branches 93.85% 93.85% ➡️ +0.00%
📁 Per-file Coverage Changes (1 files)
File Lines (Before → After) Statements (Before → After)
src/log-directory-setup.ts 96.2% → 100.0% (+3.78%) 96.3% → 100.0% (+3.71%)

Coverage comparison generated by scripts/ci/compare-coverage.ts

@github-actions

github-actions Bot commented Jul 12, 2026

Copy link
Copy Markdown
Contributor

✅ Copilot review passed with no inline comments.

@lpcox Add the ready-for-aw label to this PR to trigger agentic CI smoke tests.

@lpcox

lpcox commented Jul 12, 2026

Copy link
Copy Markdown
Collaborator Author

@copilot address review feedback but ignore changes to compiled .lock.yml files

gh-aw v0.82.8 dropped the 'Install Docker sbx CLI', 'Authenticate
Docker sbx', and 'Refresh sbx credentials' steps from its compiled
output. Without these steps, awf --container-runtime sbx fails
immediately because the sbx executable is not installed and the daemon
is not running or authenticated.

Update postprocess-smoke-workflows.ts to inject these three steps when
post-processing smoke-docker-sbx.lock.yml:
- 'Install Docker sbx CLI' and 'Authenticate Docker sbx': injected
  after 'Install awf binary (local)', before the lockdown mode step
- 'Refresh sbx credentials': injected before 'Execute GitHub Copilot CLI'

All injections are idempotent (guarded by step-name sentinels).

Copilot AI commented Jul 12, 2026

Copy link
Copy Markdown
Contributor

@copilot address review feedback but ignore changes to compiled .lock.yml files

Updated scripts/ci/postprocess-smoke-workflows.ts (commit ad12250) to re-inject the three sbx setup steps that gh-aw v0.82.8 dropped from compilation:

  • "Install Docker sbx CLI" + "Authenticate Docker sbx" — injected after "Install awf binary (local)", before "Determine automatic lockdown mode"
  • "Refresh sbx credentials" — injected immediately before "Execute GitHub Copilot CLI"

All three injections are idempotent (guarded by step-name sentinels). The .lock.yml file itself is not modified in this PR — the steps will appear automatically when the workflow is next recompiled and post-processed.

Copilot finished work on behalf of lpcox July 12, 2026 14:15
@lpcox lpcox merged commit 674a445 into main Jul 12, 2026
23 checks passed
@lpcox lpcox deleted the upgrade-gh-aw-prerelease branch July 12, 2026 15:26
@github-actions

Copy link
Copy Markdown
Contributor

🦎🔮 gVisor runtime: unconfirmed
✅ GitHub PR read: merged PR #6131 matches
✅ github.com connectivity: 301
✅ file read/write: verified
✅ example.com blocked: 403
Overall status: FAIL

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • example.com

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "example.com"

See Network Configuration for more information.

🦎🔮 gVisor + Codex smoke test by Smoke gVisor Codex
Add label test-gvisor-codex to run again

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants