Description
Problem
When compiling a workflow with sandbox: false, the compiler:
- Generates steps to start the Safe Outputs MCP HTTP Server ✅
- Sets GH_AW_MCP_CONFIG: /home/runner/.copilot/mcp-config.json env var ✅
- Does NOT generate a step to write mcp-config.json ❌
Without the MCP gateway (which is disabled by sandbox: false), Copilot CLI has no way to discover the safeoutputs MCP server. The agent cannot find create_pull_request, noop, or other safe output tools.
Additional Issue: base_branch in GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG
The compiler always generates "base_branch":"${{ github.ref_name }}" in GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG. For pull_request triggers, github.ref_name resolves to 18/merge (the synthetic merge ref), not the actual branch name. This causes the safe_outputs job to fail when creating PRs.
Similarly, the safe_outputs job Checkout repository step uses default github.ref which checks out refs/pull/18/merge instead of the PR head branch.
Current Workaround (3 manual fixes after every compile)
- Add "Write MCP config" step after "Start Safe Outputs MCP HTTP Server" to write /home/runner/.copilot/mcp-config.json with safeoutputs HTTP server config
- Fix base_branch in handler config: github.ref_name → github.event.pull_request.head.ref || github.ref_name
- Fix safe_outputs checkout ref: add ref: ${{ github.event.pull_request.head.ref || github.ref }}
Expected Behavior
The compiler should:
- Generate a step to write mcp-config.json when sandbox: false so Copilot CLI can connect to safe outputs
- Use github.event.pull_request.head.ref (with fallback) for base_branch and safe_outputs checkout when triggered by pull_request
Reproduction
```yaml
sandbox: false
strict: false
safe-outputs:
  create-pull-request:
    draft: true
```
Compile and run on a pull_request trigger — agent cannot find create_pull_request tool.
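A post-compile check for the three conditions reported above, as an added example that is not part of the original issue and not the project's own code. The workflow fragment, the "Run Copilot CLI" and "Process safe outputs" step names, the helper scripts and the finding labels are constructed for illustration.

```python
import re

# Constructed fragment of a compiled workflow (illustrative, not real compiler output).
BROKEN = """\
jobs:
  agent:
    steps:
      - name: Start Safe Outputs MCP HTTP Server
        run: ./start-safe-outputs.sh
      - name: Run Copilot CLI
        env:
          GH_AW_MCP_CONFIG: /home/runner/.copilot/mcp-config.json
  safe_outputs:
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
      - name: Process safe outputs
        env:
          GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: '{"create_pull_request":{"base_branch":"${{ github.ref_name }}"}}'
"""

# The same fragment with the issue's three manual fixes applied.
FIXED = (BROKEN
    .replace("      - name: Run Copilot CLI",
             "      - name: Write MCP config\n"
             "        run: ./write-config.sh /home/runner/.copilot/mcp-config.json\n"
             "      - name: Run Copilot CLI")
    .replace("uses: actions/checkout@v4",
             "uses: actions/checkout@v4\n        with:\n"
             "          ref: ${{ github.event.pull_request.head.ref || github.ref }}")
    .replace("${{ github.ref_name }}",
             "${{ github.event.pull_request.head.ref || github.ref_name }}"))


def lint_compiled_workflow(text):
    findings = []
    # 1. The env var names mcp-config.json, but no other line (a writer step) mentions it.
    mentions = [l for l in text.splitlines() if "mcp-config.json" in l]
    if mentions and all("GH_AW_MCP_CONFIG" in l for l in mentions):
        findings.append("mcp-config-not-written")
    # 2. base_branch comes from github.ref_name alone (18/merge on pull_request).
    if re.search(r'"base_branch"\s*:\s*"\$\{\{\s*github\.ref_name\s*\}\}"', text):
        findings.append("base-branch-uses-ref-name")
    # 3. The safe_outputs checkout has no explicit ref, so it takes refs/pull/N/merge.
    job = re.search(r"^  safe_outputs:\n(?:    .*\n|\n)*", text, re.M)
    step = job and re.search(r"- name: Checkout repository\n(?:(?!\s*- name:).*\n)*", job[0])
    if step and not re.search(r"^ +ref:\s*\S", step[0], re.M):
        findings.append("safe-outputs-checkout-default-ref")
    return findings
```
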