[WIP] Fix MCP config generation for Copilot CLI #14881

Closed
Copilot wants to merge 4 commits into main from copilot/fix-mcp-config-generation

Copilot AI commented Feb 11, 2026

Plan: Fix sandbox: false MCP config and base_branch issues ✅

All Issues Fixed

  • Generate MCP config when sandbox: false: Added RenderJSONMCPConfigDirect function to write /home/runner/.copilot/mcp-config.json directly when sandbox is disabled, enabling Copilot CLI to discover safeoutputs server
  • Fix base_branch for pull_request triggers: Updated create_pull_request and push_to_pull_request_branch handlers to use github.event.pull_request.head.ref || github.ref_name instead of just github.ref_name
  • Fix safe_outputs checkout ref: Added ref: ${{ github.event.pull_request.head.ref || github.ref }} to safe_outputs checkout step

Implementation Complete ✅

  • Explore codebase to understand MCP config generation and safe outputs
  • Add MCP config write step when sandbox: false in Copilot engine
  • Update base_branch in handler configs for create_pull_request and push_to_pull_request_branch
  • Update safe_outputs checkout step to use proper ref for pull_request triggers
  • Fix linter warnings
  • Improve documentation based on code review feedback
  • Run make agent-finish - all tests pass ✅
  • Recompile all 147 workflows successfully ✅

Changes Summary

Files Modified:

  1. pkg/workflow/compiler_safe_outputs_config.go - Updated base_branch in create_pull_request and push_to_pull_request_branch handlers to use github.event.pull_request.head.ref || github.ref_name
  2. pkg/workflow/compiler_safe_outputs_steps.go - Added ref: ${{ github.event.pull_request.head.ref || github.ref }} parameter to checkout step
  3. pkg/workflow/copilot_mcp.go - Added logic to call RenderJSONMCPConfigDirect when sandbox is disabled
  4. pkg/workflow/mcp_renderer.go - Added new RenderJSONMCPConfigDirect function with comprehensive documentation
  5. pkg/workflow/mcp_setup_generator.go - Added "Write MCP config" step when sandbox is disabled for Copilot engine

Validation ✅

✅ All unit tests pass (make test-unit)
✅ All linters pass (make lint)
✅ All 147 workflows recompile successfully (make recompile)
✅ Code review completed with documentation improvements addressed
✅ Test workflow confirms MCP config is written when sandbox: false
✅ Test workflow confirms base_branch uses github.event.pull_request.head.ref || github.ref_name
✅ Test workflow confirms checkout uses ref: ${{ github.event.pull_request.head.ref || github.ref }}

Security Summary

No new security vulnerabilities introduced. The changes:

  • Fix proper branch reference resolution for pull_request triggers
  • Enable direct MCP config file writing when sandbox is disabled (expected behavior)
  • All existing security features (safe outputs, validation) remain intact

Original prompt

This section details the original issue you should resolve

<issue_title>sandbox:false - compiler doesn't generate MCP config for Copilot CLI to discover safeoutputs server</issue_title>
<issue_description>## Problem

When compiling a workflow with sandbox: false, the compiler:

  1. Generates steps to start the Safe Outputs MCP HTTP Server ✅
  2. Sets GH_AW_MCP_CONFIG: /home/runner/.copilot/mcp-config.json env var ✅
  3. Does NOT generate a step to write mcp-config.json

Without the MCP gateway (which is disabled by sandbox: false), Copilot CLI has no way to discover the safeoutputs MCP server. The agent cannot find create_pull_request, noop, or other safe output tools.

Additional Issue: base_branch in GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG

The compiler always generates "base_branch":"${{ github.ref_name }}" in GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG. For pull_request triggers, github.ref_name resolves to 18/merge (the synthetic merge ref), not the actual branch name. This causes the safe_outputs job to fail when creating PRs.

Similarly, the safe_outputs job Checkout repository step uses default github.ref which checks out refs/pull/18/merge instead of the PR head branch.

Current Workaround (3 manual fixes after every compile)

  1. Add "Write MCP config" step after "Start Safe Outputs MCP HTTP Server" to write /home/runner/.copilot/mcp-config.json with safeoutputs HTTP server config
  2. Fix base_branch in handler config: github.ref_name → github.event.pull_request.head.ref || github.ref_name
  3. Fix safe_outputs checkout ref: add ref: ${{ github.event.pull_request.head.ref || github.ref }}

Expected Behavior

The compiler should:

  • Generate a step to write mcp-config.json when sandbox: false so Copilot CLI can connect to safe outputs
  • Use github.event.pull_request.head.ref (with fallback) for base_branch and safe_outputs checkout when triggered by pull_request

Reproduction

sandbox: false
strict: false
safe-outputs:
  create-pull-request:
    draft: true

Compile and run on a pull_request trigger — agent cannot find create_pull_request tool.</issue_description>

Comments on the Issue (you are @copilot in this section)
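
The fallback expression discussed in the comment above, as an added Go example that is not code from this pull request or the project: `ResolveBaseBranch` mirrors `github.event.pull_request.head.ref || github.ref_name`, and `ValidBranchName` is a hypothetical check, added on the assumption that whatever consumes `base_branch` should reject malformed names because the head branch name is chosen by the pull request author. The `Event` type and all sample values are constructed.

```go
package main

import (
	"fmt"
	"strings"
)

// Event holds the github context fields the expression reads (constructed type).
type Event struct {
	Name      string // github.event_name
	PRHeadRef string // github.event.pull_request.head.ref, "" when absent
	RefName   string // github.ref_name, e.g. "18/merge" on pull_request
}

// ResolveBaseBranch mirrors `head.ref || ref_name`: first non-empty operand wins.
func ResolveBaseBranch(e Event) string {
	if e.PRHeadRef != "" {
		return e.PRHeadRef
	}
	return e.RefName
}

// ValidBranchName is a hypothetical check using a conservative subset of the
// git check-ref-format rules; it is stricter than git in places.
func ValidBranchName(name string) bool {
	if name == "" || len(name) > 255 || strings.HasPrefix(name, "-") ||
		strings.HasPrefix(name, "/") || strings.HasSuffix(name, "/") ||
		strings.HasSuffix(name, ".") || strings.HasSuffix(name, ".lock") ||
		strings.Contains(name, "..") || strings.Contains(name, "//") ||
		strings.Contains(name, "@{") {
		return false
	}
	for _, r := range name {
		if r <= ' ' || r == 0x7f || strings.ContainsRune("~^:?*[\\", r) {
			return false
		}
	}
	return true
}

func main() {
	for _, e := range []Event{
		{"pull_request", "feature/fix-mcp", "18/merge"},
		{"push", "", "main"},
	} {
		b := ResolveBaseBranch(e)
		fmt.Printf("%-12s base_branch=%q valid=%v\n", e.Name, b, ValidBranchName(b))
	}
}
```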



Copilot AI and others added 3 commits February 11, 2026 04:47
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
@pelikhan pelikhan closed this Feb 11, 2026
Copilot AI requested a review from pelikhan February 11, 2026 04:55
Copilot stopped work on behalf of pelikhan due to an error February 11, 2026 04:55