Skip to content

[WIP] Fix CI failure due to runtime-import validation regression #10340

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
Copilot wants to merge 1 commit into from
Closed

[WIP] Fix CI failure due to runtime-import validation regression #10340

Copilot wants to merge 1 commit into from

Conversation

Copy link
Contributor

Copilot AI commented Jan 16, 2026

Thanks for assigning this issue to me. I'm starting to work on it and will keep this PR's description up to date as I form a plan and make progress.

Original prompt

This section details on the original issue you should resolve

<issue_title>[CI Failure Doctor] 🏥 CI Failure Investigation - Runtime-import Validation Regression (Run #30032)</issue_title>
<issue_description># 🏥 CI Failure Investigation - Run githubnext/gh-aw#30032

Summary

🚨 CRITICAL: ALL CI BUILDS BLOCKED - PR #10312 introduced compile-time validation for runtime-import expressions that breaks lock file compilation, preventing any PRs from being merged.

Failure Details

Root Cause Analysis

PR #10312 added a new validation step validateRuntimeImportFiles() in the compiler that validates GitHub Actions expressions in runtime-imported markdown files at compile time. This validation is failing when rebuilding lock files, causing the CI build job to fail.

Files Changed in PR #10312

  1. pkg/workflow/compiler.go (+19 lines)

    • Added validateRuntimeImportFiles() call during compilation
    • Calculates workspace directory by going up from .github/workflows/file.md

  2. pkg/workflow/expression_validation.go (+117 lines)

    • New validateRuntimeImportFiles() function
    • New extractRuntimeImportPaths() helper function

  3. pkg/workflow/runtime_import_validation_test.go (+323 lines)

    • Test coverage for the new validation

Suspected Issue

Two workflows use runtime-import to include files from .github/agentics/:

  1. code-simplifier.md: {{#runtime-import agentics/code-simplifier.md}}
  2. repo-audit-analyzer.md: {{#runtime-import agentics/repo-audit-analyzer.md}}

These imported files contain GitHub Actions expressions like:

  • ${{ github.repository }} ✅ In AllowedExpressions list
  • ${{ github.workspace }} ✅ In AllowedExpressions list
  • ${{ inputs.repository || 'FStarLang/FStar' }} ❓ Should be allowed via inputs.* pattern

Possible root causes:

  1. Path Resolution Bug: The validation may not be correctly building the absolute path to .github/agentics/ files
  2. Expression Validation False Positive: The logical OR operator (||) in expressions may not be handled correctly
  3. Workspace Directory Calculation: The compiler's workspace directory calculation may be incorrect in CI environment

Failed Jobs and Errors

Build Job (FAILED)

Subsequent Jobs (CANCELLED)

  • fuzz (60604929427)
  • Integration: CMD Tests (60604929900)

Note: Unable to access full error logs without GitHub API authentication.

Investigation Findings

Validation Logic Flow

// From compiler.go
workflowDir := filepath.Dir(markdownPath)     // .github/workflows
githubDir := filepath.Dir(workflowDir)        // .github
workspaceDir := filepath.Dir(githubDir)       // repo root

validateRuntimeImportFiles(content, workspaceDir)

// From expression_validation.go  
normalizedPath := "agentics/code-simplifier.md"  // After removing .github/, ./
githubFolder := filepath.Join(workspaceDir, ".github")
absolutePath := filepath.Join(githubFolder, normalizedPath)
// Expected: /home/runner/work/gh-aw/gh-aw/.github/agentics/code-simplifier.md

Files That Should Exist

.github/agentics/code-simplifier.md - EXISTS (confirmed)
.github/agentics/repo-audit-analyzer.md - EXISTS (confirmed)

Expressions Found in Imported Files

From code-simplifier.md:

- **Repository**: ${{ github.repository }}
- **Workspace**: ${{ github.workspace }}

From repo-audit-analyzer.md:

${{ inputs.repository || 'FStarLang/FStar' }}

All these expressions should be valid according to the allowlist.

Recommended Actions

🔥 IMMEDIATE (Fix CI)

  1. Reproduce Locally:

    git checkout 75ce58e28a9d3cb12b500deec165c21d659d19d7
make build
make recompile  # Should fail on code-simplifier.md or repo-audit-analyzer.md

  2. Get Actual Error Message: The CI logs will show the exact validation error

  3. Quick Fix Options:

    • Option A: Temporarily disable runtime-import validation (comment out the call)
    • Option B: Skip validation for files in .github/agentics/ subdirectory
    • Option C: Fix the specific validation issue once identified

🔧 ROOT CAUSE FIX

Based on the actual error message, fix one of:

  1. Path Resolution: Ensure workspaceDir calculation works in CI environment
  2. Expression Validation: Handle logical operators in expressions (||, &&)
  3. Inputs Pattern Matching: Verify inputs.* regex matches inputs.repository

✅ V...

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

@pelikhan pelikhan closed this Jan 16, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@mnkiefer mnkiefer

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[CI Failure Doctor] 🏥 CI Failure Investigation - Runtime-import Validation Regression (Run #30032)

3 participants

@pelikhan @mnkiefer