Add shallow checkout to activation job for timestamp verification #3013
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Added sparse checkout of .github/workflows in activation job - Uses fetch-depth: 1 for shallow clone to minimize performance impact - Uses sparse-checkout-cone-mode: false for non-cone pattern support - Sets persist-credentials: false for security - Updated tests to check for checkout in agent job specifically - Added new test TestActivationJobCheckoutStep to verify activation checkout - Updated TestActivationAndAddReactionJobsPermissions to expect checkout in activation job - Updated TestTrialModeCompilation to look for checkout in agent job Co-authored-by: pelikhan <[email protected]>
Copilot
AI
changed the title
[WIP] Add shallow git checkout step in activation job
Add shallow checkout to activation job for timestamp verification
Nov 2, 2025
Copilot finished work on behalf of
pelikhan
November 2, 2025 22:43
Contributor
|
@copilot the check time JavaScript is trying to read the wrong file... it seems that it is using the workflow name instead of the actual workflow file. See action run logs at https://github.com/githubnext/gh-aw/actions/runs/19019309841/job/54311838605#step:3:1 |
The check_workflow_timestamp.cjs script was using GITHUB_WORKFLOW which contains the workflow name (e.g., "Dev") instead of the workflow filename. This caused it to try reading the wrong file. Fixed by: - Adding lockFilename parameter to buildActivationJob() - Passing the lock filename as GH_AW_WORKFLOW_FILE environment variable - Updated JavaScript to use GH_AW_WORKFLOW_FILE instead of GITHUB_WORKFLOW - Added quotes around the filename value to handle special characters - Updated tests to use the new environment variable Co-authored-by: pelikhan <[email protected]>
Contributor
Author
Fixed in a63e44b. The script was using |
Copilot finished work on behalf of
pelikhan
November 2, 2025 23:13
pelikhan
approved these changes
Nov 2, 2025
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR refactors the workflow timestamp check mechanism to use a custom environment variable (GH_AW_WORKFLOW_FILE) instead of the GitHub-provided GITHUB_WORKFLOW variable, and adds a sparse checkout step to the activation job for retrieving workflow files needed for timestamp validation.
Key changes:
- Replaced
GITHUB_WORKFLOWenvironment variable with customGH_AW_WORKFLOW_FILE - Renamed internal
workflowFilevariable toworkflowMdFileto avoid naming conflicts - Added sparse checkout of
.github/workflowsdirectory to activation jobs - Updated all test files to use the new environment variable name
Reviewed Changes
Copilot reviewed 73 out of 73 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| pkg/workflow/compiler_jobs.go | Passes lock filename to activation job builder and adds sparse checkout step with environment variable |
| pkg/workflow/js/check_workflow_timestamp.cjs | Refactors to use GH_AW_WORKFLOW_FILE and renames variables to avoid conflicts |
| pkg/workflow/js/check_workflow_timestamp.test.cjs | Updates all test cases to use new environment variable |
| pkg/workflow/task_and_reaction_permissions_test.go | Updates test expectations to verify checkout step exists in activation job |
| pkg/workflow/trial_mode_test.go | Refactors to check for checkout step only within agent job scope |
| pkg/workflow/checkout_optimization_test.go | Extracts agent job section before checking for checkout presence |
| pkg/workflow/activation_checkout_test.go | New test file validating activation job checkout configuration |
| *.lock.yml files | Regenerated workflow files with new checkout step and environment variable |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
github-actions bot
added a commit
that referenced
this pull request
Nov 3, 2025
Synchronized instructions file with documentation changes from the new docs structure added in commit 1c80b2d. ### Changes Made - Added new frontmatter fields: description, source, github-token, roles, strict, features, environment, container, services - Added reaction and manual-approval fields to on: trigger configuration - Added engine.env, engine.args, and engine.error_patterns configuration options - Updated network permissions to include firewall configuration for Copilot engine (AWF support) - Added search toolset to GitHub tools documentation - Added recommendation to prefer toolset over allowed for GitHub tools configuration - Updated engine network permissions section to reflect multi-engine support and AWF ### Documentation Commits Reviewed - 1c80b2d Add shallow checkout to activation job for timestamp verification (#3013) ### Validation - Followed prompting best practices (imperative mood, minimal examples) - Maintained technical tone and brevity - Updated only necessary sections - Verified accuracy against current documentation - Removed outdated content where applicable 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add shallow git checkout step in activation job to enable lock file timestamp check
Problem
The activation job includes a timestamp check that compares the source
.mdworkflow file against the compiled.lock.ymlfile. However, there were two issues:GITHUB_WORKFLOW(workflow name) instead of the actual filenameSolution
.github/workflowsdirectory (sparse checkout)depth: 1for shallow clone to minimize checkout timepersist-credentials: falsefor securitysparse-checkout-cone-mode: falsefor non-cone pattern supportGH_AW_WORKFLOW_FILEenvironment variableGH_AW_WORKFLOW_FILEinstead ofGITHUB_WORKFLOWTestActivationJobCheckoutStepto verify activation checkoutChanges Made
pkg/workflow/compiler_jobs.go:buildActivationJob()functionpkg/workflow/js/check_workflow_timestamp.cjs:GH_AW_WORKFLOW_FILEinstead ofGITHUB_WORKFLOWpkg/workflow/js/check_workflow_timestamp.test.cjs:GH_AW_WORKFLOW_FILEenvironment variablecheckout_optimization_test.go: Check for checkout in agent job specificallytask_and_reaction_permissions_test.go: Expect checkout in activation jobtrial_mode_test.go: Look for token in agent job checkoutpkg/workflow/activation_checkout_test.go: New test to verify activation checkout behaviorTesting
Example Output
The activation job now includes:
Original prompt
✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.