Enable HTTP MCP server mode for agentic-workflows tool

[Copilot]

Fix: Add agentic-workflows env vars to MCP gateway docker command

• Identify the root cause of CI failure
  • Retrieved workflow logs from failed run
  • Found error: "undefined environment variable referenced: GH_AW_AGENTIC_WORKFLOWS_API_KEY"
  • Identified missing env vars in docker command
• Implement the fix
  • Added -e GH_AW_AGENTIC_WORKFLOWS_PORT to docker command
  • Added -e GH_AW_AGENTIC_WORKFLOWS_API_KEY to docker command
  • Matches pattern used for safe-inputs MCP server
• Test the fix
  • Verified build succeeds
  • Recompiled smoke-copilot workflow
  • Confirmed env vars are in docker command
  • All agentic-workflows tests pass
• Recompile all workflows and commit

Root Cause

The agentic-workflows MCP server uses HTTP mode with URL http://host.docker.internal:$GH_AW_AGENTIC_WORKFLOWS_PORT and Authorization header ${GH_AW_AGENTIC_WORKFLOWS_API_KEY}. The MCP gateway validates and resolves these ${} variable references at configuration load time, so the environment variables must be available in the gateway container's environment.

The environment variables were being set in the workflow step's env: block and collected in collectMCPEnvironmentVariables(), but they weren't being passed to the docker container via -e flags in the docker command.

Fix

Added the environment variables to the docker command in mcp_servers.go:

// Environment variables used by agentic-workflows MCP server (HTTP mode)
if hasAgenticWorkflows {
    containerCmd += " -e GH_AW_AGENTIC_WORKFLOWS_PORT"
    containerCmd += " -e GH_AW_AGENTIC_WORKFLOWS_API_KEY"
}

This matches the existing pattern for safe-inputs MCP server and ensures the variables are available for the gateway to resolve.

Original prompt

The builtin tools.agentic-workflows that enables the gh-aw MCP server into the configuration should add a step to start the MCP-server as a HTTP server and pass the address/api key into the generated MCP server configuration.

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

---

Changeset

• Type: patch
• Description: Enable HTTP MCP server mode for the builtin agentic-workflows tool. The tool now starts gh aw mcp-server as an HTTP server and emits the API key and port so generated MCP configs use an HTTP transport with an Authorization header. Changes include server startup, switching generated configs from stdio to HTTP, and passing GH_AW_AGENTIC_WORKFLOWS_PORT and GH_AW_AGENTIC_WORKFLOWS_API_KEY to the gateway.

Ahoy! This treasure was crafted by 🏴‍☠️ Changeset Generator

---

Changeset

• Type: patch
• Description: Enable HTTP MCP server mode for the builtin agentic-workflows tool. The tool now starts gh aw mcp-server as an HTTP server and emits the API key and port so generated MCP configs use an HTTP transport with an Authorization header. The gateway docker command now passes GH_AW_AGENTIC_WORKFLOWS_PORT and GH_AW_AGENTIC_WORKFLOWS_API_KEY to the container.

Ahoy! This treasure was crafted by 🏴‍☠️ Changeset Generator

[github-actions]

🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨

[github-actions]

🎉 Yo ho ho! Changeset Generator found the treasure and completed successfully! ⚓💰

[github-actions]

📰 DEVELOPING STORY: Smoke Copilot reports failed. Our correspondents are investigating the incident...

[github-actions]

✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟

[github-actions]

GitHub MCP: ✅ Fix undici security vulnerability (GHSA-g9mf-h72j-4rw9); Use GitHub MCP server with dynamic repo context in code-scanning-fixer workflow
Serena Go: ❌ serena-go tool unavailable
Playwright: ✅ title contains "GitHub"
Tavily: ✅ results returned
File write + cat: ✅
Overall: FAIL

AI generated by Smoke Codex

[pelikhan]

@copilot

See error https://github.com/githubnext/gh-aw/actions/runs/21052610484/job/60542073464#step:19:1

[Copilot]

@copilot

See error https://github.com/githubnext/gh-aw/actions/runs/21052610484/job/60542073464#step:19:1

Fixed in e5d5baf. The issue was that GH_AW_AGENTIC_WORKFLOWS_PORT and GH_AW_AGENTIC_WORKFLOWS_API_KEY environment variables weren't being passed to the MCP gateway docker container, causing the gateway to fail when trying to resolve the ${} variable references in the MCP configuration.

The fix adds these environment variables to the docker command using -e flags, matching the pattern used for safe-inputs MCP server.

[github-actions]

📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤

[github-actions]

✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟

[github-actions]

🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨

[github-actions]

🎉 Yo ho ho! Changeset Generator found the treasure and completed successfully! ⚓💰

[github-actions]

GitHub MCP (merged PRs: Fix undici security vulnerability (GHSA-g9mf-h72j-4rw9); Use GitHub MCP server with dynamic repo context in code-scanning-fixer workflow) ✅
Serena Go (serena-go: go version) ❌
Playwright (title contains GitHub) ✅
Tavily search (results returned) ✅
File write (/tmp/gh-aw/agent/smoke-test-codex-21053617122.txt) ✅
Bash cat (readback ok) ✅
Overall: FAIL

AI generated by Smoke Codex

[github-actions]

Claude Engine Smoke Test - PASS ✅

Recent PRs:

• Add workflow: githubnext/agentics/weekly-research #8: Add workflow: githubnext/agentics/weekly-research
• Remove ai-inference, opencode, genaiscript agentic engines for now #10: Remove ai-inference, opencode, genaiscript agentic engines

Test Results:

• ✅ GitHub MCP (list PRs)
• ✅ Serena Go (initialized)
• ✅ Playwright (navigated to github.com, title verified)
• ✅ Tavily Search (5 results for "GitHub Agentic Workflows")
• ✅ File Write (/tmp/gh-aw/agent/smoke-test-claude-21053617125.txt)
• ✅ Bash (file verified)

Status: All systems operational

AI generated by Smoke Claude

[github-actions]

Smoke Test Results - Run #21053617118

Last 2 Merged PRs:

• PR Add comprehensive SDK engine documentation and migration guide #10179: Add comprehensive SDK engine documentation and migration guide
• PR Fix undici security vulnerability (GHSA-g9mf-h72j-4rw9) #10178: Fix undici security vulnerability (GHSA-g9mf-h72j-4rw9)

Test Results:

• ✅ GitHub MCP - Successfully queried last 2 PRs
• ❌ Serena Go - Command not available (go: command not found)
• ✅ Playwright - Navigated to github.com, title: "GitHub · Change is constant. GitHub keeps you ahead. · GitHub"
• ✅ File Writing - Created /tmp/gh-aw/agent/smoke-test-copilot-21053617118.txt
• ✅ Bash Tool - Verified file creation successful

Overall Status: PASS (4/5 tests passed, serena-go unavailable in environment)

cc @pelikhan

AI generated by Smoke Copilot