From 1a70274cc7023bacfea08bb704f293c574b18bd4 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 7 Oct 2025 17:40:24 +0000 Subject: [PATCH 1/3] Initial plan From 079b83dafd3f015a7be6d3de09931a2f3ca38246 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 7 Oct 2025 17:45:16 +0000 Subject: [PATCH 2/3] Initial plan: Add git configuration step to agentic job Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- .github/workflows/cli-version-checker.lock.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/cli-version-checker.lock.yml b/.github/workflows/cli-version-checker.lock.yml index a83c480136..56da9b2f4e 100644 --- a/.github/workflows/cli-version-checker.lock.yml +++ b/.github/workflows/cli-version-checker.lock.yml @@ -1025,7 +1025,7 @@ jobs: - **Document Changes**: Include detailed information in the PR description - **Test First**: The recompile step will catch obvious issues - **Security Focused**: Prioritize security updates - - **DO NOT COMMIT *.lock.yml files directly**. These files will be reconstructed by another action. + - **DO NOT COMMIT `*.lock.yml` and `pkg/workflow/js/*.js` files directly**. These files will be reconstructed by another action. ## PR Description Template @@ -2736,7 +2736,7 @@ jobs: AGENT_OUTPUT: ${{ needs.agent.outputs.output }} WORKFLOW_NAME: "CLI Version Checker" WORKFLOW_DESCRIPTION: "No description provided" - WORKFLOW_MARKDOWN: "# CLI Version Checker\n\nYou are the CLI Version Checker agent, responsible for monitoring updates to the agentic CLI tools used in this project and proposing updates when new versions are available.\n\n## Mission\n\nCheck for new versions of the following agentic CLIs daily:\n1. **Claude Code** (`@anthropic-ai/claude-code`)\n2. **GitHub Copilot CLI** (`@github/copilot`)\n3. **OpenAI Codex** (`@openai/codex`)\n\nWhen updates are found, update the default versions in the codebase and create a pull request.\n\n## Current Context\n\n- **Repository**: ${{ github.repository }}\n- **Triggered**: Scheduled daily check\n- **Run ID**: ${{ github.run_id }}\n\n## Checking Process\n\n### Phase 1: Check Claude Code Version\n\n1. **Fetch NPM Registry Data**:\n - Use web-fetch to get the latest version from `https://registry.npmjs.org/@anthropic-ai/claude-code/latest`\n - Extract the `version` field from the JSON response\n \n2. **Check Current Version**:\n - Read `/home/runner/work/gh-aw/gh-aw/pkg/constants/constants.go`\n - Find the current `DefaultClaudeCodeVersion` constant value\n\n3. **Compare Versions**:\n - If the NPM version is newer than the current version, mark Claude for update\n\n4. **Review Changelog (if update available)**:\n - Fetch the changelog from NPM package metadata\n - Look for breaking changes, important features, or security fixes\n - Note any changes that might affect our usage\n\n### Phase 2: Check GitHub Copilot CLI Version\n\n1. **Fetch NPM Registry Data**:\n - Use web-fetch to get the latest version from `https://registry.npmjs.org/@github/copilot/latest`\n - Extract the `version` field from the JSON response\n\n2. **Review Changelog**:\n - Check the GitHub repository at `https://github.com/github/copilot-cli` for changelog\n - Look at recent releases or changelog.md\n - Note any breaking changes or important updates\n\n3. **Determine Update Strategy**:\n - Since Copilot uses \"latest\" by default, note the current available version\n - Document any important changes in the PR description\n\n### Phase 3: Check OpenAI Codex Version\n\n1. **Fetch NPM Registry Data**:\n - Use web-fetch to get the latest version from `https://registry.npmjs.org/@openai/codex/latest`\n - Extract the `version` field from the JSON response\n\n2. **Review Releases**:\n - Check GitHub releases at `https://github.com/openai/codex/releases` using web-fetch\n - Note any breaking changes or important updates\n\n3. **Determine Update Strategy**:\n - Since Codex uses \"latest\" by default, note the current available version\n - Document any important changes in the PR description\n\n### Phase 4: Update Code If Needed\n\nIf any CLI has a newer version available:\n\n1. **Update Constants File**:\n - Edit `/home/runner/work/gh-aw/gh-aw/pkg/constants/constants.go`\n - Update `DefaultClaudeCodeVersion` to the new version if Claude has an update\n - Use the `Edit` tool to make surgical changes to the constant value\n\n2. **Recompile Workflows**:\n - Run `make recompile` to ensure all workflows are updated with the new version\n - This ensures the compiled `.lock.yml` files reflect the version change\n\n3. **Verify Changes**:\n - Run `git status` to see what files changed\n - Verify that only expected files were modified\n\n### Phase 5: Create Pull Request\n\nIf updates were made:\n\n1. **Prepare PR Description**:\n - Title: \"[auto] Update agentic CLI versions\"\n - Description should include:\n - Which CLIs were updated and to what versions\n - Summary of important changes from changelogs\n - Any breaking changes or migration notes\n - Link to changelogs for each updated CLI\n\n2. **Create PR Using Safe Outputs**:\n - Use the safe-outputs create-pull-request mechanism\n - The PR will be created automatically with your changes\n\n## Important Guidelines\n\n- **Be Conservative**: Only update if the new version is stable (not pre-release)\n- **Check Compatibility**: Review changelogs for breaking changes\n- **Document Changes**: Include detailed information in the PR description\n- **Test First**: The recompile step will catch obvious issues\n- **Security Focused**: Prioritize security updates\n- **DO NOT COMMIT *.lock.yml files directly**. These files will be reconstructed by another action.\n\n## PR Description Template\n\nUse this template when creating the PR:\n\n```markdown\n# Update Agentic CLI Versions\n\nThis automated PR updates the default versions for agentic CLIs used in gh-aw.\n\n## Changes\n\n### Claude Code\n- **Previous Version**: [old version]\n- **New Version**: [new version]\n- **Changelog**: [link to changelog or key changes]\n\n### GitHub Copilot CLI\n- **Current Available**: [version]\n- **Changelog**: [link to changelog or key changes]\n- **Note**: Uses \"latest\" tag by default\n\n### OpenAI Codex\n- **Current Available**: [version]\n- **Releases**: [link to releases or key changes]\n- **Note**: Uses \"latest\" tag by default\n\n## Migration Notes\n\n[Any breaking changes or important updates users should be aware of]\n\n## Testing\n\n- [x] Workflows recompiled successfully with `make recompile`\n- [x] Constants file updated\n- [ ] Manual testing recommended before merge\n\n## References\n\n- Claude NPM: https://www.npmjs.com/package/@anthropic-ai/claude-code\n- Copilot NPM: https://www.npmjs.com/package/@github/copilot\n- Codex NPM: https://www.npmjs.com/package/@openai/codex\n```\n\n## Error Handling\n\n- If NPM registry is unavailable, retry once after 30 seconds\n- If changelog fetch fails, proceed with version update but note in PR\n- If recompile fails, do NOT create PR - log the error\n- If no updates are available, exit successfully without creating PR\n\n## Security Notes\n\n- Never execute code from external sources\n- Only fetch data from trusted NPM registry and official GitHub repos\n- Validate version strings match semver format before updating\n- Review changelogs for security-related updates\n" + WORKFLOW_MARKDOWN: "# CLI Version Checker\n\nYou are the CLI Version Checker agent, responsible for monitoring updates to the agentic CLI tools used in this project and proposing updates when new versions are available.\n\n## Mission\n\nCheck for new versions of the following agentic CLIs daily:\n1. **Claude Code** (`@anthropic-ai/claude-code`)\n2. **GitHub Copilot CLI** (`@github/copilot`)\n3. **OpenAI Codex** (`@openai/codex`)\n\nWhen updates are found, update the default versions in the codebase and create a pull request.\n\n## Current Context\n\n- **Repository**: ${{ github.repository }}\n- **Triggered**: Scheduled daily check\n- **Run ID**: ${{ github.run_id }}\n\n## Checking Process\n\n### Phase 1: Check Claude Code Version\n\n1. **Fetch NPM Registry Data**:\n - Use web-fetch to get the latest version from `https://registry.npmjs.org/@anthropic-ai/claude-code/latest`\n - Extract the `version` field from the JSON response\n \n2. **Check Current Version**:\n - Read `/home/runner/work/gh-aw/gh-aw/pkg/constants/constants.go`\n - Find the current `DefaultClaudeCodeVersion` constant value\n\n3. **Compare Versions**:\n - If the NPM version is newer than the current version, mark Claude for update\n\n4. **Review Changelog (if update available)**:\n - Fetch the changelog from NPM package metadata\n - Look for breaking changes, important features, or security fixes\n - Note any changes that might affect our usage\n\n### Phase 2: Check GitHub Copilot CLI Version\n\n1. **Fetch NPM Registry Data**:\n - Use web-fetch to get the latest version from `https://registry.npmjs.org/@github/copilot/latest`\n - Extract the `version` field from the JSON response\n\n2. **Review Changelog**:\n - Check the GitHub repository at `https://github.com/github/copilot-cli` for changelog\n - Look at recent releases or changelog.md\n - Note any breaking changes or important updates\n\n3. **Determine Update Strategy**:\n - Since Copilot uses \"latest\" by default, note the current available version\n - Document any important changes in the PR description\n\n### Phase 3: Check OpenAI Codex Version\n\n1. **Fetch NPM Registry Data**:\n - Use web-fetch to get the latest version from `https://registry.npmjs.org/@openai/codex/latest`\n - Extract the `version` field from the JSON response\n\n2. **Review Releases**:\n - Check GitHub releases at `https://github.com/openai/codex/releases` using web-fetch\n - Note any breaking changes or important updates\n\n3. **Determine Update Strategy**:\n - Since Codex uses \"latest\" by default, note the current available version\n - Document any important changes in the PR description\n\n### Phase 4: Update Code If Needed\n\nIf any CLI has a newer version available:\n\n1. **Update Constants File**:\n - Edit `/home/runner/work/gh-aw/gh-aw/pkg/constants/constants.go`\n - Update `DefaultClaudeCodeVersion` to the new version if Claude has an update\n - Use the `Edit` tool to make surgical changes to the constant value\n\n2. **Recompile Workflows**:\n - Run `make recompile` to ensure all workflows are updated with the new version\n - This ensures the compiled `.lock.yml` files reflect the version change\n\n3. **Verify Changes**:\n - Run `git status` to see what files changed\n - Verify that only expected files were modified\n\n### Phase 5: Create Pull Request\n\nIf updates were made:\n\n1. **Prepare PR Description**:\n - Title: \"[auto] Update agentic CLI versions\"\n - Description should include:\n - Which CLIs were updated and to what versions\n - Summary of important changes from changelogs\n - Any breaking changes or migration notes\n - Link to changelogs for each updated CLI\n\n2. **Create PR Using Safe Outputs**:\n - Use the safe-outputs create-pull-request mechanism\n - The PR will be created automatically with your changes\n\n## Important Guidelines\n\n- **Be Conservative**: Only update if the new version is stable (not pre-release)\n- **Check Compatibility**: Review changelogs for breaking changes\n- **Document Changes**: Include detailed information in the PR description\n- **Test First**: The recompile step will catch obvious issues\n- **Security Focused**: Prioritize security updates\n- **DO NOT COMMIT `*.lock.yml` and `pkg/workflow/js/*.js` files directly**. These files will be reconstructed by another action.\n\n## PR Description Template\n\nUse this template when creating the PR:\n\n```markdown\n# Update Agentic CLI Versions\n\nThis automated PR updates the default versions for agentic CLIs used in gh-aw.\n\n## Changes\n\n### Claude Code\n- **Previous Version**: [old version]\n- **New Version**: [new version]\n- **Changelog**: [link to changelog or key changes]\n\n### GitHub Copilot CLI\n- **Current Available**: [version]\n- **Changelog**: [link to changelog or key changes]\n- **Note**: Uses \"latest\" tag by default\n\n### OpenAI Codex\n- **Current Available**: [version]\n- **Releases**: [link to releases or key changes]\n- **Note**: Uses \"latest\" tag by default\n\n## Migration Notes\n\n[Any breaking changes or important updates users should be aware of]\n\n## Testing\n\n- [x] Workflows recompiled successfully with `make recompile`\n- [x] Constants file updated\n- [ ] Manual testing recommended before merge\n\n## References\n\n- Claude NPM: https://www.npmjs.com/package/@anthropic-ai/claude-code\n- Copilot NPM: https://www.npmjs.com/package/@github/copilot\n- Codex NPM: https://www.npmjs.com/package/@openai/codex\n```\n\n## Error Handling\n\n- If NPM registry is unavailable, retry once after 30 seconds\n- If changelog fetch fails, proceed with version update but note in PR\n- If recompile fails, do NOT create PR - log the error\n- If no updates are available, exit successfully without creating PR\n\n## Security Notes\n\n- Never execute code from external sources\n- Only fetch data from trusted NPM registry and official GitHub repos\n- Validate version strings match semver format before updating\n- Review changelogs for security-related updates\n" with: script: | const fs = require('fs'); @@ -2938,9 +2938,9 @@ jobs: GITHUB_AW_WORKFLOW_ID: "agent" GITHUB_AW_WORKFLOW_NAME: "CLI Version Checker" GITHUB_AW_BASE_BRANCH: ${{ github.ref_name }} - GITHUB_AW_PR_TITLE_PREFIX: "[auto] " + GITHUB_AW_PR_TITLE_PREFIX: "[ca] " GITHUB_AW_PR_LABELS: "automation,dependencies" - GITHUB_AW_PR_DRAFT: "false" + GITHUB_AW_PR_DRAFT: "true" GITHUB_AW_PR_IF_NO_CHANGES: "warn" GITHUB_AW_MAX_PATCH_SIZE: 1024 with: From 0bd096ad9533916bad31d9f8e482198a957e0c87 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 7 Oct 2025 17:54:54 +0000 Subject: [PATCH 3/3] Add git configuration step to main agentic job - Call generateGitConfigurationSteps() in generateMainJobSteps() - Position after cache setup and before engine installation - Add test to verify git config appears in compiled workflows - All existing tests pass, linting passes - Recompiled all workflows successfully Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- .github/workflows/artifacts-summary.lock.yml | 5 + .github/workflows/brave.lock.yml | 5 + .../workflows/changeset-generator.lock.yml | 5 + .github/workflows/ci-doctor.lock.yml | 5 + .../workflows/cli-version-checker.lock.yml | 5 + .github/workflows/dev.lock.yml | 5 + .../duplicate-code-detector.lock.yml | 5 + .../workflows/go-pattern-detector.lock.yml | 5 + .github/workflows/issue-classifier.lock.yml | 5 + .../workflows/notion-issue-summary.lock.yml | 5 + .github/workflows/pdf-summary.lock.yml | 5 + .github/workflows/poem-bot.lock.yml | 5 + .github/workflows/scout.lock.yml | 5 + .../workflows/technical-doc-writer.lock.yml | 5 + .github/workflows/tidy.lock.yml | 5 + pkg/workflow/compiler.go | 7 +- pkg/workflow/git_config_test.go | 103 ++++++++++++++++++ 17 files changed, 183 insertions(+), 2 deletions(-) create mode 100644 pkg/workflow/git_config_test.go diff --git a/.github/workflows/artifacts-summary.lock.yml b/.github/workflows/artifacts-summary.lock.yml index a787a5ec98..4e4b4a27e8 100644 --- a/.github/workflows/artifacts-summary.lock.yml +++ b/.github/workflows/artifacts-summary.lock.yml @@ -130,6 +130,11 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v5 + - name: Configure Git credentials + run: | + git config --global user.email "github-actions[bot]@users.noreply.github.com" + git config --global user.name "${{ github.workflow }}" + echo "Git configured with standard GitHub Actions identity" - name: Setup Node.js uses: actions/setup-node@v4 with: diff --git a/.github/workflows/brave.lock.yml b/.github/workflows/brave.lock.yml index 5ca2f42616..5b2f917fa7 100644 --- a/.github/workflows/brave.lock.yml +++ b/.github/workflows/brave.lock.yml @@ -456,6 +456,11 @@ jobs: gh pr checkout "$PR_NUMBER" env: GH_TOKEN: ${{ github.token }} + - name: Configure Git credentials + run: | + git config --global user.email "github-actions[bot]@users.noreply.github.com" + git config --global user.name "${{ github.workflow }}" + echo "Git configured with standard GitHub Actions identity" - name: Setup Node.js uses: actions/setup-node@v4 with: diff --git a/.github/workflows/changeset-generator.lock.yml b/.github/workflows/changeset-generator.lock.yml index 3432352de4..916b124bb3 100644 --- a/.github/workflows/changeset-generator.lock.yml +++ b/.github/workflows/changeset-generator.lock.yml @@ -280,6 +280,11 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v5 + - name: Configure Git credentials + run: | + git config --global user.email "github-actions[bot]@users.noreply.github.com" + git config --global user.name "${{ github.workflow }}" + echo "Git configured with standard GitHub Actions identity" - name: Setup Node.js uses: actions/setup-node@v4 with: diff --git a/.github/workflows/ci-doctor.lock.yml b/.github/workflows/ci-doctor.lock.yml index 6fd642433a..32bf941185 100644 --- a/.github/workflows/ci-doctor.lock.yml +++ b/.github/workflows/ci-doctor.lock.yml @@ -101,6 +101,11 @@ jobs: with: name: cache-memory path: /tmp/cache-memory + - name: Configure Git credentials + run: | + git config --global user.email "github-actions[bot]@users.noreply.github.com" + git config --global user.name "${{ github.workflow }}" + echo "Git configured with standard GitHub Actions identity" - name: Setup Node.js uses: actions/setup-node@v4 with: diff --git a/.github/workflows/cli-version-checker.lock.yml b/.github/workflows/cli-version-checker.lock.yml index 56da9b2f4e..806f721dbb 100644 --- a/.github/workflows/cli-version-checker.lock.yml +++ b/.github/workflows/cli-version-checker.lock.yml @@ -128,6 +128,11 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v5 + - name: Configure Git credentials + run: | + git config --global user.email "github-actions[bot]@users.noreply.github.com" + git config --global user.name "${{ github.workflow }}" + echo "Git configured with standard GitHub Actions identity" - name: Setup Node.js uses: actions/setup-node@v4 with: diff --git a/.github/workflows/dev.lock.yml b/.github/workflows/dev.lock.yml index 372b187b60..f6ae42c515 100644 --- a/.github/workflows/dev.lock.yml +++ b/.github/workflows/dev.lock.yml @@ -139,6 +139,11 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v5 + - name: Configure Git credentials + run: | + git config --global user.email "github-actions[bot]@users.noreply.github.com" + git config --global user.name "${{ github.workflow }}" + echo "Git configured with standard GitHub Actions identity" - name: Setup Node.js uses: actions/setup-node@v4 with: diff --git a/.github/workflows/duplicate-code-detector.lock.yml b/.github/workflows/duplicate-code-detector.lock.yml index 5bad832fd3..7762a7da14 100644 --- a/.github/workflows/duplicate-code-detector.lock.yml +++ b/.github/workflows/duplicate-code-detector.lock.yml @@ -133,6 +133,11 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v5 + - name: Configure Git credentials + run: | + git config --global user.email "github-actions[bot]@users.noreply.github.com" + git config --global user.name "${{ github.workflow }}" + echo "Git configured with standard GitHub Actions identity" - name: Setup Node.js uses: actions/setup-node@v4 with: diff --git a/.github/workflows/go-pattern-detector.lock.yml b/.github/workflows/go-pattern-detector.lock.yml index 9ad685a59e..ab579a039e 100644 --- a/.github/workflows/go-pattern-detector.lock.yml +++ b/.github/workflows/go-pattern-detector.lock.yml @@ -140,6 +140,11 @@ jobs: npm install --global @ast-grep/cli ast-grep --version + - name: Configure Git credentials + run: | + git config --global user.email "github-actions[bot]@users.noreply.github.com" + git config --global user.name "${{ github.workflow }}" + echo "Git configured with standard GitHub Actions identity" - name: Setup Node.js uses: actions/setup-node@v4 with: diff --git a/.github/workflows/issue-classifier.lock.yml b/.github/workflows/issue-classifier.lock.yml index 57d25d154f..d3e805bdfe 100644 --- a/.github/workflows/issue-classifier.lock.yml +++ b/.github/workflows/issue-classifier.lock.yml @@ -434,6 +434,11 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v5 + - name: Configure Git credentials + run: | + git config --global user.email "github-actions[bot]@users.noreply.github.com" + git config --global user.name "${{ github.workflow }}" + echo "Git configured with standard GitHub Actions identity" - name: Setup Safe Outputs Collector MCP run: | mkdir -p /tmp/safe-outputs diff --git a/.github/workflows/notion-issue-summary.lock.yml b/.github/workflows/notion-issue-summary.lock.yml index b1d6d1272b..af86b9c84b 100644 --- a/.github/workflows/notion-issue-summary.lock.yml +++ b/.github/workflows/notion-issue-summary.lock.yml @@ -289,6 +289,11 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v5 + - name: Configure Git credentials + run: | + git config --global user.email "github-actions[bot]@users.noreply.github.com" + git config --global user.name "${{ github.workflow }}" + echo "Git configured with standard GitHub Actions identity" - name: Setup Node.js uses: actions/setup-node@v4 with: diff --git a/.github/workflows/pdf-summary.lock.yml b/.github/workflows/pdf-summary.lock.yml index 38a889809b..d86fe382ae 100644 --- a/.github/workflows/pdf-summary.lock.yml +++ b/.github/workflows/pdf-summary.lock.yml @@ -501,6 +501,11 @@ jobs: with: name: cache-memory path: /tmp/cache-memory + - name: Configure Git credentials + run: | + git config --global user.email "github-actions[bot]@users.noreply.github.com" + git config --global user.name "${{ github.workflow }}" + echo "Git configured with standard GitHub Actions identity" - name: Setup Node.js uses: actions/setup-node@v4 with: diff --git a/.github/workflows/poem-bot.lock.yml b/.github/workflows/poem-bot.lock.yml index ffe0dd5b5b..acab8e5448 100644 --- a/.github/workflows/poem-bot.lock.yml +++ b/.github/workflows/poem-bot.lock.yml @@ -486,6 +486,11 @@ jobs: name: cache-memory path: /tmp/cache-memory retention-days: 30 + - name: Configure Git credentials + run: | + git config --global user.email "github-actions[bot]@users.noreply.github.com" + git config --global user.name "${{ github.workflow }}" + echo "Git configured with standard GitHub Actions identity" - name: Setup Node.js uses: actions/setup-node@v4 with: diff --git a/.github/workflows/scout.lock.yml b/.github/workflows/scout.lock.yml index 85cee61d8d..1d4345c025 100644 --- a/.github/workflows/scout.lock.yml +++ b/.github/workflows/scout.lock.yml @@ -517,6 +517,11 @@ jobs: name: cache-memory path: /tmp/cache-memory retention-days: 7 + - name: Configure Git credentials + run: | + git config --global user.email "github-actions[bot]@users.noreply.github.com" + git config --global user.name "${{ github.workflow }}" + echo "Git configured with standard GitHub Actions identity" - name: Setup Node.js uses: actions/setup-node@v4 with: diff --git a/.github/workflows/technical-doc-writer.lock.yml b/.github/workflows/technical-doc-writer.lock.yml index a81fedcfc5..e4f1629a41 100644 --- a/.github/workflows/technical-doc-writer.lock.yml +++ b/.github/workflows/technical-doc-writer.lock.yml @@ -163,6 +163,11 @@ jobs: with: name: cache-memory path: /tmp/cache-memory + - name: Configure Git credentials + run: | + git config --global user.email "github-actions[bot]@users.noreply.github.com" + git config --global user.name "${{ github.workflow }}" + echo "Git configured with standard GitHub Actions identity" - name: Setup Node.js uses: actions/setup-node@v4 with: diff --git a/.github/workflows/tidy.lock.yml b/.github/workflows/tidy.lock.yml index ad483863f8..2abe336e10 100644 --- a/.github/workflows/tidy.lock.yml +++ b/.github/workflows/tidy.lock.yml @@ -330,6 +330,11 @@ jobs: go-version-file: go.mod - name: Dev dependencies run: make deps-dev + - name: Configure Git credentials + run: | + git config --global user.email "github-actions[bot]@users.noreply.github.com" + git config --global user.name "${{ github.workflow }}" + echo "Git configured with standard GitHub Actions identity" - name: Setup Node.js uses: actions/setup-node@v4 with: diff --git a/pkg/workflow/compiler.go b/pkg/workflow/compiler.go index 58e0a7fdfa..dccd7b0ce3 100644 --- a/pkg/workflow/compiler.go +++ b/pkg/workflow/compiler.go @@ -2086,8 +2086,11 @@ func (c *Compiler) generateMainJobSteps(yaml *strings.Builder, data *WorkflowDat // Add cache-memory steps if cache-memory configuration is present generateCacheMemorySteps(yaml, data) - // Configure git credentials if git operations will be needed - // Note: Git configuration is handled by token in checkout step when in trial mode + // Configure git credentials for agentic workflows + gitConfigSteps := c.generateGitConfigurationSteps() + for _, line := range gitConfigSteps { + yaml.WriteString(line) + } // Add Node.js setup if the engine requires it and it's not already set up in custom steps engine, err := c.getAgenticEngine(data.AI) diff --git a/pkg/workflow/git_config_test.go b/pkg/workflow/git_config_test.go new file mode 100644 index 0000000000..8e1155551a --- /dev/null +++ b/pkg/workflow/git_config_test.go @@ -0,0 +1,103 @@ +package workflow + +import ( + "os" + "path/filepath" + "strings" + "testing" +) + +// TestGitConfigurationInMainJob verifies that git configuration step is included in the main agentic job +func TestGitConfigurationInMainJob(t *testing.T) { + // Create temporary directory for test files + tmpDir, err := os.MkdirTemp("", "git-config-test") + if err != nil { + t.Fatal(err) + } + defer os.RemoveAll(tmpDir) + + // Create a simple test workflow + testContent := `--- +on: push +permissions: + contents: read +engine: copilot +--- + +# Test Git Configuration + +This is a test workflow to verify git configuration is included. +` + + testFile := filepath.Join(tmpDir, "test-git-config.md") + if err := os.WriteFile(testFile, []byte(testContent), 0644); err != nil { + t.Fatal(err) + } + + // Compile the workflow + compiler := NewCompiler(false, "", "test") + compiler.SetSkipValidation(true) + + workflowData, err := compiler.ParseWorkflowFile(testFile) + if err != nil { + t.Fatalf("Failed to parse workflow file: %v", err) + } + + // Generate YAML content + lockContent, err := compiler.generateYAML(workflowData, testFile) + if err != nil { + t.Fatalf("Failed to generate YAML: %v", err) + } + + // Verify git configuration step is present in the compiled workflow + if !strings.Contains(lockContent, "Configure Git credentials") { + t.Error("Expected 'Configure Git credentials' step to be present in compiled workflow") + } + + // Verify the git config commands are present + if !strings.Contains(lockContent, "git config --global user.email") { + t.Error("Expected git config email command to be present") + } + + if !strings.Contains(lockContent, "git config --global user.name") { + t.Error("Expected git config name command to be present") + } + + if !strings.Contains(lockContent, "github-actions[bot]@users.noreply.github.com") { + t.Error("Expected github-actions bot email to be present") + } +} + +// TestGitConfigurationStepsHelper tests the generateGitConfigurationSteps helper directly +func TestGitConfigurationStepsHelper(t *testing.T) { + compiler := NewCompiler(false, "", "test") + + steps := compiler.generateGitConfigurationSteps() + + // Verify we get expected number of lines + if len(steps) != 5 { + t.Errorf("Expected 5 lines in git configuration steps, got %d", len(steps)) + } + + // Verify the content of the steps + expectedContents := []string{ + "Configure Git credentials", + "run: |", + "git config --global user.email", + "git config --global user.name", + "Git configured with standard GitHub Actions identity", + } + + fullContent := strings.Join(steps, "") + + for _, expected := range expectedContents { + if !strings.Contains(fullContent, expected) { + t.Errorf("Expected git configuration steps to contain '%s'", expected) + } + } + + // Verify proper indentation (should start with 6 spaces for job step level) + if !strings.HasPrefix(steps[0], " - name:") { + t.Error("Expected first line to have proper indentation for job step (6 spaces)") + } +}