Updat gh aw and rebuild actions#8604
Conversation
There was a problem hiding this comment.
Pull request overview
This pull request updates the repository’s agentic workflow infrastructure by reverting gh aw-related action pins and container images to earlier versions, and by aligning multiple agentic workflow sources/locks with the regenerated output from that toolchain.
Changes:
- Downgrades
github/gh-aw-actions/*and gh-aw firewall / MCP gateway container images across multiple compiled*.lock.ymlworkflows. - Adds
safe-outputs.noop.report-as-issue: falseto several agentic workflow source (*.md) frontmatters. - Adjusts a few workflow behaviors/config fields (e.g.,
title-prefixhandling in safe-outputs, and aneeds.*.resultcondition inlink-checker.lock.yml).
Show a summary per file
| File | Description |
|---|---|
| .github/workflows/weekly-issue-activity.md | Adds safe-outputs.noop configuration. |
| .github/workflows/test-improver.md | Adds safe-outputs.noop and updates push-to-pull-request-branch safe-output config fields. |
| .github/workflows/sub-issue-closer.md | Adds safe-outputs.noop configuration. |
| .github/workflows/repository-quality-improver.md | Adds safe-outputs.noop configuration. |
| .github/workflows/repo-chronicle.md | Adds safe-outputs.noop configuration. |
| .github/workflows/pr-fix.md | Adds safe-outputs.noop configuration. |
| .github/workflows/perf-improver.md | Adds safe-outputs.noop and updates push-to-pull-request-branch safe-output config fields. |
| .github/workflows/msbuild-quality-review.lock.yml | Regenerates lock file with downgraded gh-aw action/container versions and updated metadata/env. |
| .github/workflows/malicious-code-scan.md | Adds safe-outputs.noop configuration. |
| .github/workflows/link-checker.lock.yml | Regenerates lock file; updates versions and relaxes update_cache_memory gating to allow detection job being skipped. |
| .github/workflows/issue-arborist.lock.yml | Regenerates lock file with downgraded gh-aw action/container versions and updated metadata/env. |
| .github/workflows/efficiency-improver.md | Adds safe-outputs.noop and updates push-to-pull-request-branch safe-output config fields. |
| .github/workflows/duplicate-code-detector.md | Adds safe-outputs.noop configuration. |
| .github/workflows/dependabot-pr-bundler.md | Adds safe-outputs.noop configuration. |
| .github/workflows/dependabot-issue-bundler.md | Adds safe-outputs.noop configuration. |
| .github/workflows/daily-file-diet.lock.yml | Regenerates lock file with downgraded gh-aw action/container versions and updated metadata/env. |
| .github/workflows/code-simplifier.md | Adds safe-outputs.noop configuration. |
| .github/workflows/build-failure-analysis.lock.yml | Regenerates lock file with downgraded gh-aw action/container versions and updated metadata/env. |
| .github/workflows/agentics-maintenance.yml | Updates generated maintenance workflow to use downgraded gh-aw action/CLI version. |
| .github/workflows/agentic_commands.yml | Updates command router payload/compiler version and gh-aw setup action version. |
| .github/workflows/adhoc-qa.md | Adds safe-outputs.noop configuration. |
| .github/workflows/address-review.agent.lock.yml | Regenerates lock file with downgraded gh-aw action/container versions and updated metadata/env. |
| .github/workflows/add-tests.lock.yml | Regenerates lock file with downgraded gh-aw action/container versions and updates agent output ingestion env (GH_AW_COMMAND). |
| .github/aw/actions-lock.json | Updates the gh-aw actions lock entries to the downgraded versions and SHAs. |
Copilot's findings
- Files reviewed: 45/45 changed files
- Comments generated: 2
|
|
||
| - name: Setup Scripts | ||
| uses: github/gh-aw-actions/setup@v0.75.0 | ||
| uses: github/gh-aw-actions/setup@v0.74.8 | ||
| with: |
| safe-outputs: | ||
| noop: | ||
| report-as-issue: false |
Evangelink
left a comment
Evangelink
left a comment
There was a problem hiding this comment.
PR #8604 Review: GitHub Actions Workflow Infrastructure Downgrade
Summary
This PR downgrades GitHub Actions agentic workflow (gh-aw) dependencies and updates workflow configurations. All 45 changed files are in .github/ — no MSTest, Microsoft.Testing.Platform, analyzer, or production code changes are present.
✅ All 21 code quality dimensions are N/A — this PR contains only build/CI infrastructure configuration.
Changes Overview
Version Downgrades:
github/gh-aw-actions/setupandsetup-cli:v0.75.0→v0.74.8gh-aw-firewallcontainers (agent, api-proxy, squid):0.25.51→0.25.49gh-aw-mcpgcontainer:v0.3.17→v0.3.9
Configuration Changes:
- Environment variable rename:
GH_AW_COMMANDS(array) →GH_AW_COMMAND(string) - Firewall config model definitions updated (removed
antigravity,robotics,computer-usemodel types; adjustedminiandsonnet-6xmodel mappings)
Observations
-
Downgrade Rationale Not Documented: The PR description mentions "compatibility or stability reasons" but doesn't specify what issue prompted the downgrade. Consider documenting:
- Was there a regression in v0.75.0 or 0.25.51?
- Is this a temporary rollback or permanent change?
- Link to related issues/incidents
-
Breaking Change in Environment Variable: The change from
GH_AW_COMMANDS(array) toGH_AW_COMMAND(string) is a breaking change for any workflow that expects the array format. Since this appears to be auto-generated bygh aw compile, it's likely intentional and backward-compatible with the v0.74.8 CLI. -
Consistent Application: All 45 workflow files are updated consistently with matching versions and SHA hashes — this indicates proper use of the
gh aw compiletooling. -
No Test Coverage Impact: Since no production code is changed, existing test coverage remains valid.
Recommendation
This PR is mechanically correct — the changes are consistent, properly auto-generated, and don't affect the testfx codebase itself. However, I recommend:
- Add context to the PR description explaining why the downgrade is necessary
- Verify the trigger: Confirm that the workflows work correctly with the downgraded versions in CI
- Plan for upgrade: Document when/if you plan to upgrade back to v0.75.0 or newer
Since this is infrastructure-only and doesn't impact MSTest/MTP code quality, correctness, or API surface, no blocking issues identified.
Generated by Expert Code Review (on open) for issue #8604 · ● 4.6M
This pull request downgrades several dependencies and container images used in the
.github/workflows/add-tests.lock.ymlworkflow and the.github/aw/actions-lock.jsonlock file, reverting them to earlier versions. The changes affect both the GitHub Actions used and the Docker images referenced in the workflow.The most important changes are:
GitHub Actions and CLI version downgrades:
github/gh-aw-actions/setupandgithub/gh-aw-actions/setup-clifrom versionv0.75.0tov0.74.8in both.github/aw/actions-lock.jsonand.github/workflows/add-tests.lock.yml, including all references and metadata. [1] [2] [3] [4] [5] [6] [7] [8]Container image downgrades:
gh-aw-firewall/agent,api-proxy,squid,gh-aw-mcpg) from versions0.25.51and0.3.17to0.25.49and0.3.9respectively, in both the workflow steps and documentation comments. [1] [2] [3] [4]Workflow metadata and environment variable updates:
GH_AW_INFO_CLI_VERSION,GH_AW_INFO_AWF_VERSION, andGH_AW_COMPILED_VERSION. [1] [2]These changes ensure that the workflow and its dependencies are consistent with the specified earlier versions, which may be necessary for compatibility or stability reasons.