From 04a6a2d24ea8e541ef22e3a0330adab2ea138bf4 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 30 Dec 2025 02:32:19 +0000 Subject: [PATCH 1/2] Initial plan From 2c21e2addb0d8954c6c1449ffff550ba4d0ce2b5 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 30 Dec 2025 02:50:06 +0000 Subject: [PATCH 2/2] Convert single-value enums to const and add URI format constraints - Converted 17 single-value enum instances to const per JSON Schema best practice: - mcp_config_schema.json: 4 instances (http, stdio type constraints) - included_file_schema.json: 5 instances (http, defaults, disable, stdio) - main_workflow_schema.json: 8 instances (completed, checks_requested, started, read, defaults, disable, all, http) - Added format: uri constraints to appropriate string fields: - MCP server url fields (all 3 schemas) - MCP server registry fields (all 3 schemas) - HTTP mode MCP server url field (main schema) - Updated test expectation for empty URL field to check format validation - Excluded environment.url from format constraint (accepts GitHub expressions) All unit tests passing. Ready for full test suite. Co-authored-by: mnkiefer <8320933+mnkiefer@users.noreply.github.com> --- pkg/parser/schema_test.go | 2 +- pkg/parser/schemas/included_file_schema.json | 11 +++++---- pkg/parser/schemas/main_workflow_schema.json | 24 ++++++++++++-------- pkg/parser/schemas/mcp_config_schema.json | 10 ++++---- 4 files changed, 28 insertions(+), 19 deletions(-) diff --git a/pkg/parser/schema_test.go b/pkg/parser/schema_test.go index 0ce13d1ebf..2a86a681b1 100644 --- a/pkg/parser/schema_test.go +++ b/pkg/parser/schema_test.go @@ -2020,7 +2020,7 @@ func TestValidateMCPConfigWithSchema(t *testing.T) { }, toolName: "test-tool", wantErr: true, - errContains: "minLength", + errContains: "valid uri", // Format validation takes precedence over minLength }, { name: "valid stdio MCP config with container", diff --git a/pkg/parser/schemas/included_file_schema.json b/pkg/parser/schemas/included_file_schema.json index 4d34a6df11..618f281cf8 100644 --- a/pkg/parser/schemas/included_file_schema.json +++ b/pkg/parser/schemas/included_file_schema.json @@ -767,7 +767,7 @@ "properties": { "mode": { "type": "string", - "enum": ["http"], + "const": "http", "default": "http", "description": "Deprecated: Transport mode for the safe-inputs MCP server. This field is ignored as only 'http' mode is supported. The server always starts as a separate step.", "deprecated": true, @@ -829,7 +829,7 @@ "oneOf": [ { "type": "string", - "enum": ["defaults"], + "const": "defaults", "description": "Use default network access" }, { @@ -858,7 +858,7 @@ }, { "type": "string", - "enum": ["disable"], + "const": "disable", "description": "Disable AWF firewall (triggers warning if allowed != *, error in strict mode if allowed is not * or engine does not support firewall)" }, { @@ -998,6 +998,7 @@ }, "registry": { "type": "string", + "format": "uri", "description": "URI to the installation location when MCP is installed from a registry" }, "command": { @@ -1130,15 +1131,17 @@ "properties": { "type": { "type": "string", - "enum": ["http"], + "const": "http", "description": "MCP connection type for HTTP" }, "registry": { "type": "string", + "format": "uri", "description": "URI to the installation location when MCP is installed from a registry" }, "url": { "type": "string", + "format": "uri", "minLength": 1, "description": "URL for HTTP MCP connections" }, diff --git a/pkg/parser/schemas/main_workflow_schema.json b/pkg/parser/schemas/main_workflow_schema.json index 581603c799..5c60f97b34 100644 --- a/pkg/parser/schemas/main_workflow_schema.json +++ b/pkg/parser/schemas/main_workflow_schema.json @@ -794,7 +794,7 @@ "description": "Types of check suite events", "items": { "type": "string", - "enum": ["completed"] + "const": "completed" } } } @@ -902,7 +902,7 @@ "description": "Types of merge group events", "items": { "type": "string", - "enum": ["checks_requested"] + "const": "checks_requested" } } } @@ -1156,7 +1156,7 @@ "description": "Types of watch events", "items": { "type": "string", - "enum": ["started"] + "const": "started" } } } @@ -1406,7 +1406,7 @@ }, "all": { "type": "string", - "enum": ["read"], + "const": "read", "description": "Permission shorthand that applies read access to all permission scopes. Can be combined with specific write permissions to override individual scopes. 'write' is not allowed for all." } } @@ -1950,7 +1950,7 @@ "oneOf": [ { "type": "string", - "enum": ["defaults"], + "const": "defaults", "description": "Use default network permissions (basic infrastructure: certificates, JSON schema, Ubuntu, etc.)" }, { @@ -1981,7 +1981,7 @@ }, { "type": "string", - "enum": ["disable"], + "const": "disable", "description": "Disable AWF firewall (triggers warning if allowed != *, error in strict mode if allowed is not * or engine does not support firewall)" }, { @@ -3185,6 +3185,7 @@ }, "url": { "type": "string", + "format": "uri", "description": "URL for HTTP mode MCP servers" }, "headers": { @@ -4979,8 +4980,8 @@ "oneOf": [ { "type": "string", - "enum": ["all"], - "description": "Allow any authenticated user to trigger the workflow (\u26a0\ufe0f disables permission checking entirely - use with caution)" + "const": "all", + "description": "Allow any authenticated user to trigger the workflow (⚠️ disables permission checking entirely - use with caution)" }, { "type": "array", @@ -5236,7 +5237,7 @@ "properties": { "mode": { "type": "string", - "enum": ["http"], + "const": "http", "default": "http", "description": "Deprecated: Transport mode for the safe-inputs MCP server. This field is ignored as only 'http' mode is supported. The server always starts as a separate step.", "deprecated": true, @@ -5515,6 +5516,7 @@ }, "registry": { "type": "string", + "format": "uri", "description": "URI to the installation location when MCP is installed from a registry" }, "command": { @@ -5651,15 +5653,17 @@ "properties": { "type": { "type": "string", - "enum": ["http"], + "const": "http", "description": "MCP connection type for HTTP" }, "registry": { "type": "string", + "format": "uri", "description": "URI to the installation location when MCP is installed from a registry" }, "url": { "type": "string", + "format": "uri", "minLength": 1, "description": "URL for HTTP MCP connections" }, diff --git a/pkg/parser/schemas/mcp_config_schema.json b/pkg/parser/schemas/mcp_config_schema.json index 609e15fac2..90b62ec36e 100644 --- a/pkg/parser/schemas/mcp_config_schema.json +++ b/pkg/parser/schemas/mcp_config_schema.json @@ -49,10 +49,12 @@ }, "registry": { "type": "string", + "format": "uri", "description": "URI to the installation location when MCP is installed from a registry" }, "url": { "type": "string", + "format": "uri", "minLength": 1, "description": "URL for HTTP MCP connections", "examples": ["http://localhost:8765", "https://api.example.com/mcp"] @@ -200,7 +202,7 @@ "if": { "properties": { "type": { - "enum": ["http"] + "const": "http" } } }, @@ -215,7 +217,7 @@ "if": { "properties": { "type": { - "enum": ["stdio"] + "const": "stdio" } } }, @@ -257,7 +259,7 @@ "then": { "properties": { "type": { - "enum": ["stdio"] + "const": "stdio" } } } @@ -270,7 +272,7 @@ "required": ["container"], "properties": { "type": { - "enum": ["stdio"] + "const": "stdio" } } }