diff --git a/.github/workflows/ci-doctor.lock.yml b/.github/workflows/ci-doctor.lock.yml index 1ed0168c4f2..9cbb5f97f17 100644 --- a/.github/workflows/ci-doctor.lock.yml +++ b/.github/workflows/ci-doctor.lock.yml @@ -377,88 +377,84 @@ jobs: name: aw_info.json path: /tmp/aw_info.json if-no-files-found: warn - - name: Execute Claude Code Action + - name: Execute Claude Code CLI id: agentic_execution - uses: anthropics/claude-code-base-action@v0.0.56 - with: - # Allowed tools (sorted): - # - ExitPlanMode - # - Glob - # - Grep - # - LS - # - NotebookRead - # - Read - # - Task - # - TodoWrite - # - WebFetch - # - WebSearch - # - Write - # - mcp__github__download_workflow_run_artifact - # - mcp__github__get_code_scanning_alert - # - mcp__github__get_commit - # - mcp__github__get_dependabot_alert - # - mcp__github__get_discussion - # - mcp__github__get_discussion_comments - # - mcp__github__get_file_contents - # - mcp__github__get_issue - # - mcp__github__get_issue_comments - # - mcp__github__get_job_logs - # - mcp__github__get_me - # - mcp__github__get_notification_details - # - mcp__github__get_pull_request - # - mcp__github__get_pull_request_comments - # - mcp__github__get_pull_request_diff - # - mcp__github__get_pull_request_files - # - mcp__github__get_pull_request_reviews - # - mcp__github__get_pull_request_status - # - mcp__github__get_secret_scanning_alert - # - mcp__github__get_tag - # - mcp__github__get_workflow_run - # - mcp__github__get_workflow_run_logs - # - mcp__github__get_workflow_run_usage - # - mcp__github__list_branches - # - mcp__github__list_code_scanning_alerts - # - mcp__github__list_commits - # - mcp__github__list_dependabot_alerts - # - mcp__github__list_discussion_categories - # - mcp__github__list_discussions - # - mcp__github__list_issues - # - mcp__github__list_notifications - # - mcp__github__list_pull_requests - # - mcp__github__list_secret_scanning_alerts - # - mcp__github__list_tags - # - mcp__github__list_workflow_jobs - # - mcp__github__list_workflow_run_artifacts - # - mcp__github__list_workflow_runs - # - mcp__github__list_workflows - # - mcp__github__search_code - # - mcp__github__search_issues - # - mcp__github__search_orgs - # - mcp__github__search_pull_requests - # - mcp__github__search_repositories - # - mcp__github__search_users - allowed_tools: "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,WebFetch,WebSearch,Write,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" - anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} - claude_env: | - GITHUB_AW_SAFE_OUTPUTS: ${{ env.GITHUB_AW_SAFE_OUTPUTS }} - mcp_config: /tmp/mcp-config/mcp-servers.json - prompt_file: /tmp/aw-prompts/prompt.txt - timeout_minutes: 10 + # Allowed tools (sorted): + # - ExitPlanMode + # - Glob + # - Grep + # - LS + # - NotebookRead + # - Read + # - Task + # - TodoWrite + # - WebFetch + # - WebSearch + # - Write + # - mcp__github__download_workflow_run_artifact + # - mcp__github__get_code_scanning_alert + # - mcp__github__get_commit + # - mcp__github__get_dependabot_alert + # - mcp__github__get_discussion + # - mcp__github__get_discussion_comments + # - mcp__github__get_file_contents + # - mcp__github__get_issue + # - mcp__github__get_issue_comments + # - mcp__github__get_job_logs + # - mcp__github__get_me + # - mcp__github__get_notification_details + # - mcp__github__get_pull_request + # - mcp__github__get_pull_request_comments + # - mcp__github__get_pull_request_diff + # - mcp__github__get_pull_request_files + # - mcp__github__get_pull_request_reviews + # - mcp__github__get_pull_request_status + # - mcp__github__get_secret_scanning_alert + # - mcp__github__get_tag + # - mcp__github__get_workflow_run + # - mcp__github__get_workflow_run_logs + # - mcp__github__get_workflow_run_usage + # - mcp__github__list_branches + # - mcp__github__list_code_scanning_alerts + # - mcp__github__list_commits + # - mcp__github__list_dependabot_alerts + # - mcp__github__list_discussion_categories + # - mcp__github__list_discussions + # - mcp__github__list_issues + # - mcp__github__list_notifications + # - mcp__github__list_pull_requests + # - mcp__github__list_secret_scanning_alerts + # - mcp__github__list_tags + # - mcp__github__list_workflow_jobs + # - mcp__github__list_workflow_run_artifacts + # - mcp__github__list_workflow_runs + # - mcp__github__list_workflows + # - mcp__github__search_code + # - mcp__github__search_issues + # - mcp__github__search_orgs + # - mcp__github__search_pull_requests + # - mcp__github__search_repositories + # - mcp__github__search_users + timeout-minutes: 10 + run: | + set -o pipefail + # Execute Claude Code CLI with prompt from file + npx @anthropic-ai/claude-code@latest --print --mcp-config /tmp/mcp-config/mcp-servers.json --allowed-tools "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,WebFetch,WebSearch,Write,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" --debug --verbose --permission-mode bypassPermissions --output-format json "$(cat /tmp/aw-prompts/prompt.txt)" 2>&1 | tee /tmp/ci-failure-doctor.log env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + DISABLE_TELEMETRY: "1" + DISABLE_ERROR_REPORTING: "1" + DISABLE_BUG_COMMAND: "1" GITHUB_AW_PROMPT: /tmp/aw-prompts/prompt.txt GITHUB_AW_SAFE_OUTPUTS: ${{ env.GITHUB_AW_SAFE_OUTPUTS }} - - name: Capture Agentic Action logs + - name: Ensure log file exists if: always() run: | - # Copy the detailed execution file from Agentic Action if available - if [ -n "${{ steps.agentic_execution.outputs.execution_file }}" ] && [ -f "${{ steps.agentic_execution.outputs.execution_file }}" ]; then - cp ${{ steps.agentic_execution.outputs.execution_file }} /tmp/ci-failure-doctor.log - else - echo "No execution file output found from Agentic Action" >> /tmp/ci-failure-doctor.log - fi - # Ensure log file exists touch /tmp/ci-failure-doctor.log + # Show last few lines for debugging + echo "=== Last 10 lines of Claude execution log ===" + tail -10 /tmp/ci-failure-doctor.log || echo "No log content available" - name: Print Agent output env: GITHUB_AW_SAFE_OUTPUTS: ${{ env.GITHUB_AW_SAFE_OUTPUTS }} diff --git a/.github/workflows/dev.lock.yml b/.github/workflows/dev.lock.yml index be5db7dd8b0..5c6346ba8a2 100644 --- a/.github/workflows/dev.lock.yml +++ b/.github/workflows/dev.lock.yml @@ -289,6 +289,14 @@ jobs: "env": { "GITHUB_PERSONAL_ACCESS_TOKEN": "${{ secrets.GITHUB_TOKEN }}" } + }, + "playwright": { + "command": "npx", + "args": [ + "@playwright/mcp@latest", + "--allowed-origins", + "github.com,*.github.com" + ] } } } @@ -398,91 +406,106 @@ jobs: name: aw_info.json path: /tmp/aw_info.json if-no-files-found: warn - - name: Execute Claude Code Action + - name: Execute Claude Code CLI id: agentic_execution - uses: anthropics/claude-code-base-action@v0.0.56 - with: - # Allowed tools (sorted): - # - ExitPlanMode - # - Glob - # - Grep - # - LS - # - NotebookRead - # - Read - # - Task - # - TodoWrite - # - Write - # - mcp__github__download_workflow_run_artifact - # - mcp__github__get_code_scanning_alert - # - mcp__github__get_commit - # - mcp__github__get_dependabot_alert - # - mcp__github__get_discussion - # - mcp__github__get_discussion_comments - # - mcp__github__get_file_contents - # - mcp__github__get_issue - # - mcp__github__get_issue_comments - # - mcp__github__get_job_logs - # - mcp__github__get_me - # - mcp__github__get_notification_details - # - mcp__github__get_pull_request - # - mcp__github__get_pull_request_comments - # - mcp__github__get_pull_request_diff - # - mcp__github__get_pull_request_files - # - mcp__github__get_pull_request_reviews - # - mcp__github__get_pull_request_status - # - mcp__github__get_secret_scanning_alert - # - mcp__github__get_tag - # - mcp__github__get_workflow_run - # - mcp__github__get_workflow_run_logs - # - mcp__github__get_workflow_run_usage - # - mcp__github__list_branches - # - mcp__github__list_code_scanning_alerts - # - mcp__github__list_commits - # - mcp__github__list_dependabot_alerts - # - mcp__github__list_discussion_categories - # - mcp__github__list_discussions - # - mcp__github__list_issues - # - mcp__github__list_notifications - # - mcp__github__list_pull_requests - # - mcp__github__list_secret_scanning_alerts - # - mcp__github__list_tags - # - mcp__github__list_workflow_jobs - # - mcp__github__list_workflow_run_artifacts - # - mcp__github__list_workflow_runs - # - mcp__github__list_workflows - # - mcp__github__search_code - # - mcp__github__search_issues - # - mcp__github__search_orgs - # - mcp__github__search_pull_requests - # - mcp__github__search_repositories - # - mcp__github__search_users - # - mcp__memory - allowed_tools: "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,Write,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users,mcp__memory" - anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} - claude_env: | - GITHUB_AW_SAFE_OUTPUTS: ${{ env.GITHUB_AW_SAFE_OUTPUTS }} - GITHUB_AW_SAFE_OUTPUTS_STAGED: "true" - max_turns: 5 - mcp_config: /tmp/mcp-config/mcp-servers.json - prompt_file: /tmp/aw-prompts/prompt.txt - settings: /tmp/.claude/settings.json - timeout_minutes: 5 + # Allowed tools (sorted): + # - ExitPlanMode + # - Glob + # - Grep + # - LS + # - NotebookRead + # - Read + # - Task + # - TodoWrite + # - Write + # - mcp__github__download_workflow_run_artifact + # - mcp__github__get_code_scanning_alert + # - mcp__github__get_commit + # - mcp__github__get_dependabot_alert + # - mcp__github__get_discussion + # - mcp__github__get_discussion_comments + # - mcp__github__get_file_contents + # - mcp__github__get_issue + # - mcp__github__get_issue_comments + # - mcp__github__get_job_logs + # - mcp__github__get_me + # - mcp__github__get_notification_details + # - mcp__github__get_pull_request + # - mcp__github__get_pull_request_comments + # - mcp__github__get_pull_request_diff + # - mcp__github__get_pull_request_files + # - mcp__github__get_pull_request_reviews + # - mcp__github__get_pull_request_status + # - mcp__github__get_secret_scanning_alert + # - mcp__github__get_tag + # - mcp__github__get_workflow_run + # - mcp__github__get_workflow_run_logs + # - mcp__github__get_workflow_run_usage + # - mcp__github__list_branches + # - mcp__github__list_code_scanning_alerts + # - mcp__github__list_commits + # - mcp__github__list_dependabot_alerts + # - mcp__github__list_discussion_categories + # - mcp__github__list_discussions + # - mcp__github__list_issues + # - mcp__github__list_notifications + # - mcp__github__list_pull_requests + # - mcp__github__list_secret_scanning_alerts + # - mcp__github__list_tags + # - mcp__github__list_workflow_jobs + # - mcp__github__list_workflow_run_artifacts + # - mcp__github__list_workflow_runs + # - mcp__github__list_workflows + # - mcp__github__search_code + # - mcp__github__search_issues + # - mcp__github__search_orgs + # - mcp__github__search_pull_requests + # - mcp__github__search_repositories + # - mcp__github__search_users + # - mcp__memory + # - mcp__playwright__browser_click + # - mcp__playwright__browser_close + # - mcp__playwright__browser_console_messages + # - mcp__playwright__browser_drag + # - mcp__playwright__browser_evaluate + # - mcp__playwright__browser_file_upload + # - mcp__playwright__browser_fill_form + # - mcp__playwright__browser_handle_dialog + # - mcp__playwright__browser_hover + # - mcp__playwright__browser_install + # - mcp__playwright__browser_navigate + # - mcp__playwright__browser_navigate_back + # - mcp__playwright__browser_network_requests + # - mcp__playwright__browser_press_key + # - mcp__playwright__browser_resize + # - mcp__playwright__browser_select_option + # - mcp__playwright__browser_snapshot + # - mcp__playwright__browser_tabs + # - mcp__playwright__browser_take_screenshot + # - mcp__playwright__browser_type + # - mcp__playwright__browser_wait_for + timeout-minutes: 5 + run: | + set -o pipefail + # Execute Claude Code CLI with prompt from file + npx @anthropic-ai/claude-code@latest --print --max-turns 5 --mcp-config /tmp/mcp-config/mcp-servers.json --allowed-tools "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,Write,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users,mcp__memory,mcp__playwright__browser_click,mcp__playwright__browser_close,mcp__playwright__browser_console_messages,mcp__playwright__browser_drag,mcp__playwright__browser_evaluate,mcp__playwright__browser_file_upload,mcp__playwright__browser_fill_form,mcp__playwright__browser_handle_dialog,mcp__playwright__browser_hover,mcp__playwright__browser_install,mcp__playwright__browser_navigate,mcp__playwright__browser_navigate_back,mcp__playwright__browser_network_requests,mcp__playwright__browser_press_key,mcp__playwright__browser_resize,mcp__playwright__browser_select_option,mcp__playwright__browser_snapshot,mcp__playwright__browser_tabs,mcp__playwright__browser_take_screenshot,mcp__playwright__browser_type,mcp__playwright__browser_wait_for" --debug --verbose --permission-mode bypassPermissions --output-format json --settings /tmp/.claude/settings.json "$(cat /tmp/aw-prompts/prompt.txt)" 2>&1 | tee /tmp/dev.log env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + DISABLE_TELEMETRY: "1" + DISABLE_ERROR_REPORTING: "1" + DISABLE_BUG_COMMAND: "1" GITHUB_AW_PROMPT: /tmp/aw-prompts/prompt.txt GITHUB_AW_SAFE_OUTPUTS: ${{ env.GITHUB_AW_SAFE_OUTPUTS }} + GITHUB_AW_SAFE_OUTPUTS_STAGED: "true" GITHUB_AW_MAX_TURNS: 5 - - name: Capture Agentic Action logs + - name: Ensure log file exists if: always() run: | - # Copy the detailed execution file from Agentic Action if available - if [ -n "${{ steps.agentic_execution.outputs.execution_file }}" ] && [ -f "${{ steps.agentic_execution.outputs.execution_file }}" ]; then - cp ${{ steps.agentic_execution.outputs.execution_file }} /tmp/dev.log - else - echo "No execution file output found from Agentic Action" >> /tmp/dev.log - fi - # Ensure log file exists touch /tmp/dev.log + # Show last few lines for debugging + echo "=== Last 10 lines of Claude execution log ===" + tail -10 /tmp/dev.log || echo "No log content available" - name: Print Agent output env: GITHUB_AW_SAFE_OUTPUTS: ${{ env.GITHUB_AW_SAFE_OUTPUTS }} diff --git a/.github/workflows/dev.md b/.github/workflows/dev.md index 880fc5cf859..01c46c7b0c6 100644 --- a/.github/workflows/dev.md +++ b/.github/workflows/dev.md @@ -13,6 +13,8 @@ engine: max-turns: 5 tools: cache-memory: true + playwright: + allowed_domains: ["github.com", "*.github.com"] permissions: read-all concurrency: group: "gh-aw-${{ github.workflow }}-${{ github.ref }}" diff --git a/pkg/cli/workflows/test-ai-inference-github-models.lock.yml b/pkg/cli/workflows/test-ai-inference-github-models.lock.yml index f47ded1eec7..e8ef3351209 100644 --- a/pkg/cli/workflows/test-ai-inference-github-models.lock.yml +++ b/pkg/cli/workflows/test-ai-inference-github-models.lock.yml @@ -216,83 +216,80 @@ jobs: name: aw_info.json path: /tmp/aw_info.json if-no-files-found: warn - - name: Execute Claude Code Action + - name: Execute Claude Code CLI id: agentic_execution - uses: anthropics/claude-code-base-action@v0.0.56 - with: - # Allowed tools (sorted): - # - ExitPlanMode - # - Glob - # - Grep - # - LS - # - NotebookRead - # - Read - # - Task - # - TodoWrite - # - mcp__github__download_workflow_run_artifact - # - mcp__github__get_code_scanning_alert - # - mcp__github__get_commit - # - mcp__github__get_dependabot_alert - # - mcp__github__get_discussion - # - mcp__github__get_discussion_comments - # - mcp__github__get_file_contents - # - mcp__github__get_issue - # - mcp__github__get_issue_comments - # - mcp__github__get_job_logs - # - mcp__github__get_me - # - mcp__github__get_notification_details - # - mcp__github__get_pull_request - # - mcp__github__get_pull_request_comments - # - mcp__github__get_pull_request_diff - # - mcp__github__get_pull_request_files - # - mcp__github__get_pull_request_reviews - # - mcp__github__get_pull_request_status - # - mcp__github__get_secret_scanning_alert - # - mcp__github__get_tag - # - mcp__github__get_workflow_run - # - mcp__github__get_workflow_run_logs - # - mcp__github__get_workflow_run_usage - # - mcp__github__list_branches - # - mcp__github__list_code_scanning_alerts - # - mcp__github__list_commits - # - mcp__github__list_dependabot_alerts - # - mcp__github__list_discussion_categories - # - mcp__github__list_discussions - # - mcp__github__list_issues - # - mcp__github__list_notifications - # - mcp__github__list_pull_requests - # - mcp__github__list_secret_scanning_alerts - # - mcp__github__list_tags - # - mcp__github__list_workflow_jobs - # - mcp__github__list_workflow_run_artifacts - # - mcp__github__list_workflow_runs - # - mcp__github__list_workflows - # - mcp__github__search_code - # - mcp__github__search_issues - # - mcp__github__search_orgs - # - mcp__github__search_pull_requests - # - mcp__github__search_repositories - # - mcp__github__search_users - allowed_tools: "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" - anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} - mcp_config: /tmp/mcp-config/mcp-servers.json - prompt_file: /tmp/aw-prompts/prompt.txt - settings: /tmp/.claude/settings.json - timeout_minutes: 5 + # Allowed tools (sorted): + # - ExitPlanMode + # - Glob + # - Grep + # - LS + # - NotebookRead + # - Read + # - Task + # - TodoWrite + # - mcp__github__download_workflow_run_artifact + # - mcp__github__get_code_scanning_alert + # - mcp__github__get_commit + # - mcp__github__get_dependabot_alert + # - mcp__github__get_discussion + # - mcp__github__get_discussion_comments + # - mcp__github__get_file_contents + # - mcp__github__get_issue + # - mcp__github__get_issue_comments + # - mcp__github__get_job_logs + # - mcp__github__get_me + # - mcp__github__get_notification_details + # - mcp__github__get_pull_request + # - mcp__github__get_pull_request_comments + # - mcp__github__get_pull_request_diff + # - mcp__github__get_pull_request_files + # - mcp__github__get_pull_request_reviews + # - mcp__github__get_pull_request_status + # - mcp__github__get_secret_scanning_alert + # - mcp__github__get_tag + # - mcp__github__get_workflow_run + # - mcp__github__get_workflow_run_logs + # - mcp__github__get_workflow_run_usage + # - mcp__github__list_branches + # - mcp__github__list_code_scanning_alerts + # - mcp__github__list_commits + # - mcp__github__list_dependabot_alerts + # - mcp__github__list_discussion_categories + # - mcp__github__list_discussions + # - mcp__github__list_issues + # - mcp__github__list_notifications + # - mcp__github__list_pull_requests + # - mcp__github__list_secret_scanning_alerts + # - mcp__github__list_tags + # - mcp__github__list_workflow_jobs + # - mcp__github__list_workflow_run_artifacts + # - mcp__github__list_workflow_runs + # - mcp__github__list_workflows + # - mcp__github__search_code + # - mcp__github__search_issues + # - mcp__github__search_orgs + # - mcp__github__search_pull_requests + # - mcp__github__search_repositories + # - mcp__github__search_users + timeout-minutes: 5 + run: | + set -o pipefail + # Execute Claude Code CLI with prompt from file + npx @anthropic-ai/claude-code@latest --print --mcp-config /tmp/mcp-config/mcp-servers.json --allowed-tools "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" --debug --verbose --permission-mode bypassPermissions --output-format json --settings /tmp/.claude/settings.json "$(cat /tmp/aw-prompts/prompt.txt)" 2>&1 | tee /tmp/test-ai-inference-github-models.log env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + DISABLE_TELEMETRY: "1" + DISABLE_ERROR_REPORTING: "1" + DISABLE_BUG_COMMAND: "1" GITHUB_AW_PROMPT: /tmp/aw-prompts/prompt.txt - - name: Capture Agentic Action logs + - name: Ensure log file exists if: always() run: | - # Copy the detailed execution file from Agentic Action if available - if [ -n "${{ steps.agentic_execution.outputs.execution_file }}" ] && [ -f "${{ steps.agentic_execution.outputs.execution_file }}" ]; then - cp ${{ steps.agentic_execution.outputs.execution_file }} /tmp/test-ai-inference-github-models.log - else - echo "No execution file output found from Agentic Action" >> /tmp/test-ai-inference-github-models.log - fi - # Ensure log file exists touch /tmp/test-ai-inference-github-models.log + # Show last few lines for debugging + echo "=== Last 10 lines of Claude execution log ===" + tail -10 /tmp/test-ai-inference-github-models.log || echo "No log content available" - name: Upload engine output files uses: actions/upload-artifact@v4 with: diff --git a/pkg/cli/workflows/test-claude-add-issue-comment.lock.yml b/pkg/cli/workflows/test-claude-add-issue-comment.lock.yml index b32440ffef8..f1f790bc2c7 100644 --- a/pkg/cli/workflows/test-claude-add-issue-comment.lock.yml +++ b/pkg/cli/workflows/test-claude-add-issue-comment.lock.yml @@ -213,83 +213,80 @@ jobs: name: aw_info.json path: /tmp/aw_info.json if-no-files-found: warn - - name: Execute Claude Code Action + - name: Execute Claude Code CLI id: agentic_execution - uses: anthropics/claude-code-base-action@v0.0.56 - with: - # Allowed tools (sorted): - # - ExitPlanMode - # - Glob - # - Grep - # - LS - # - NotebookRead - # - Read - # - Task - # - TodoWrite - # - mcp__github__download_workflow_run_artifact - # - mcp__github__get_code_scanning_alert - # - mcp__github__get_commit - # - mcp__github__get_dependabot_alert - # - mcp__github__get_discussion - # - mcp__github__get_discussion_comments - # - mcp__github__get_file_contents - # - mcp__github__get_issue - # - mcp__github__get_issue_comments - # - mcp__github__get_job_logs - # - mcp__github__get_me - # - mcp__github__get_notification_details - # - mcp__github__get_pull_request - # - mcp__github__get_pull_request_comments - # - mcp__github__get_pull_request_diff - # - mcp__github__get_pull_request_files - # - mcp__github__get_pull_request_reviews - # - mcp__github__get_pull_request_status - # - mcp__github__get_secret_scanning_alert - # - mcp__github__get_tag - # - mcp__github__get_workflow_run - # - mcp__github__get_workflow_run_logs - # - mcp__github__get_workflow_run_usage - # - mcp__github__list_branches - # - mcp__github__list_code_scanning_alerts - # - mcp__github__list_commits - # - mcp__github__list_dependabot_alerts - # - mcp__github__list_discussion_categories - # - mcp__github__list_discussions - # - mcp__github__list_issues - # - mcp__github__list_notifications - # - mcp__github__list_pull_requests - # - mcp__github__list_secret_scanning_alerts - # - mcp__github__list_tags - # - mcp__github__list_workflow_jobs - # - mcp__github__list_workflow_run_artifacts - # - mcp__github__list_workflow_runs - # - mcp__github__list_workflows - # - mcp__github__search_code - # - mcp__github__search_issues - # - mcp__github__search_orgs - # - mcp__github__search_pull_requests - # - mcp__github__search_repositories - # - mcp__github__search_users - allowed_tools: "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" - anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} - mcp_config: /tmp/mcp-config/mcp-servers.json - prompt_file: /tmp/aw-prompts/prompt.txt - settings: /tmp/.claude/settings.json - timeout_minutes: 5 + # Allowed tools (sorted): + # - ExitPlanMode + # - Glob + # - Grep + # - LS + # - NotebookRead + # - Read + # - Task + # - TodoWrite + # - mcp__github__download_workflow_run_artifact + # - mcp__github__get_code_scanning_alert + # - mcp__github__get_commit + # - mcp__github__get_dependabot_alert + # - mcp__github__get_discussion + # - mcp__github__get_discussion_comments + # - mcp__github__get_file_contents + # - mcp__github__get_issue + # - mcp__github__get_issue_comments + # - mcp__github__get_job_logs + # - mcp__github__get_me + # - mcp__github__get_notification_details + # - mcp__github__get_pull_request + # - mcp__github__get_pull_request_comments + # - mcp__github__get_pull_request_diff + # - mcp__github__get_pull_request_files + # - mcp__github__get_pull_request_reviews + # - mcp__github__get_pull_request_status + # - mcp__github__get_secret_scanning_alert + # - mcp__github__get_tag + # - mcp__github__get_workflow_run + # - mcp__github__get_workflow_run_logs + # - mcp__github__get_workflow_run_usage + # - mcp__github__list_branches + # - mcp__github__list_code_scanning_alerts + # - mcp__github__list_commits + # - mcp__github__list_dependabot_alerts + # - mcp__github__list_discussion_categories + # - mcp__github__list_discussions + # - mcp__github__list_issues + # - mcp__github__list_notifications + # - mcp__github__list_pull_requests + # - mcp__github__list_secret_scanning_alerts + # - mcp__github__list_tags + # - mcp__github__list_workflow_jobs + # - mcp__github__list_workflow_run_artifacts + # - mcp__github__list_workflow_runs + # - mcp__github__list_workflows + # - mcp__github__search_code + # - mcp__github__search_issues + # - mcp__github__search_orgs + # - mcp__github__search_pull_requests + # - mcp__github__search_repositories + # - mcp__github__search_users + timeout-minutes: 5 + run: | + set -o pipefail + # Execute Claude Code CLI with prompt from file + npx @anthropic-ai/claude-code@latest --print --mcp-config /tmp/mcp-config/mcp-servers.json --allowed-tools "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" --debug --verbose --permission-mode bypassPermissions --output-format json --settings /tmp/.claude/settings.json "$(cat /tmp/aw-prompts/prompt.txt)" 2>&1 | tee /tmp/test-claude-add-issue-comment.log env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + DISABLE_TELEMETRY: "1" + DISABLE_ERROR_REPORTING: "1" + DISABLE_BUG_COMMAND: "1" GITHUB_AW_PROMPT: /tmp/aw-prompts/prompt.txt - - name: Capture Agentic Action logs + - name: Ensure log file exists if: always() run: | - # Copy the detailed execution file from Agentic Action if available - if [ -n "${{ steps.agentic_execution.outputs.execution_file }}" ] && [ -f "${{ steps.agentic_execution.outputs.execution_file }}" ]; then - cp ${{ steps.agentic_execution.outputs.execution_file }} /tmp/test-claude-add-issue-comment.log - else - echo "No execution file output found from Agentic Action" >> /tmp/test-claude-add-issue-comment.log - fi - # Ensure log file exists touch /tmp/test-claude-add-issue-comment.log + # Show last few lines for debugging + echo "=== Last 10 lines of Claude execution log ===" + tail -10 /tmp/test-claude-add-issue-comment.log || echo "No log content available" - name: Upload engine output files uses: actions/upload-artifact@v4 with: diff --git a/pkg/cli/workflows/test-claude-add-issue-labels.lock.yml b/pkg/cli/workflows/test-claude-add-issue-labels.lock.yml index a1291cad4ef..c411b52e4c1 100644 --- a/pkg/cli/workflows/test-claude-add-issue-labels.lock.yml +++ b/pkg/cli/workflows/test-claude-add-issue-labels.lock.yml @@ -213,83 +213,80 @@ jobs: name: aw_info.json path: /tmp/aw_info.json if-no-files-found: warn - - name: Execute Claude Code Action + - name: Execute Claude Code CLI id: agentic_execution - uses: anthropics/claude-code-base-action@v0.0.56 - with: - # Allowed tools (sorted): - # - ExitPlanMode - # - Glob - # - Grep - # - LS - # - NotebookRead - # - Read - # - Task - # - TodoWrite - # - mcp__github__download_workflow_run_artifact - # - mcp__github__get_code_scanning_alert - # - mcp__github__get_commit - # - mcp__github__get_dependabot_alert - # - mcp__github__get_discussion - # - mcp__github__get_discussion_comments - # - mcp__github__get_file_contents - # - mcp__github__get_issue - # - mcp__github__get_issue_comments - # - mcp__github__get_job_logs - # - mcp__github__get_me - # - mcp__github__get_notification_details - # - mcp__github__get_pull_request - # - mcp__github__get_pull_request_comments - # - mcp__github__get_pull_request_diff - # - mcp__github__get_pull_request_files - # - mcp__github__get_pull_request_reviews - # - mcp__github__get_pull_request_status - # - mcp__github__get_secret_scanning_alert - # - mcp__github__get_tag - # - mcp__github__get_workflow_run - # - mcp__github__get_workflow_run_logs - # - mcp__github__get_workflow_run_usage - # - mcp__github__list_branches - # - mcp__github__list_code_scanning_alerts - # - mcp__github__list_commits - # - mcp__github__list_dependabot_alerts - # - mcp__github__list_discussion_categories - # - mcp__github__list_discussions - # - mcp__github__list_issues - # - mcp__github__list_notifications - # - mcp__github__list_pull_requests - # - mcp__github__list_secret_scanning_alerts - # - mcp__github__list_tags - # - mcp__github__list_workflow_jobs - # - mcp__github__list_workflow_run_artifacts - # - mcp__github__list_workflow_runs - # - mcp__github__list_workflows - # - mcp__github__search_code - # - mcp__github__search_issues - # - mcp__github__search_orgs - # - mcp__github__search_pull_requests - # - mcp__github__search_repositories - # - mcp__github__search_users - allowed_tools: "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" - anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} - mcp_config: /tmp/mcp-config/mcp-servers.json - prompt_file: /tmp/aw-prompts/prompt.txt - settings: /tmp/.claude/settings.json - timeout_minutes: 5 + # Allowed tools (sorted): + # - ExitPlanMode + # - Glob + # - Grep + # - LS + # - NotebookRead + # - Read + # - Task + # - TodoWrite + # - mcp__github__download_workflow_run_artifact + # - mcp__github__get_code_scanning_alert + # - mcp__github__get_commit + # - mcp__github__get_dependabot_alert + # - mcp__github__get_discussion + # - mcp__github__get_discussion_comments + # - mcp__github__get_file_contents + # - mcp__github__get_issue + # - mcp__github__get_issue_comments + # - mcp__github__get_job_logs + # - mcp__github__get_me + # - mcp__github__get_notification_details + # - mcp__github__get_pull_request + # - mcp__github__get_pull_request_comments + # - mcp__github__get_pull_request_diff + # - mcp__github__get_pull_request_files + # - mcp__github__get_pull_request_reviews + # - mcp__github__get_pull_request_status + # - mcp__github__get_secret_scanning_alert + # - mcp__github__get_tag + # - mcp__github__get_workflow_run + # - mcp__github__get_workflow_run_logs + # - mcp__github__get_workflow_run_usage + # - mcp__github__list_branches + # - mcp__github__list_code_scanning_alerts + # - mcp__github__list_commits + # - mcp__github__list_dependabot_alerts + # - mcp__github__list_discussion_categories + # - mcp__github__list_discussions + # - mcp__github__list_issues + # - mcp__github__list_notifications + # - mcp__github__list_pull_requests + # - mcp__github__list_secret_scanning_alerts + # - mcp__github__list_tags + # - mcp__github__list_workflow_jobs + # - mcp__github__list_workflow_run_artifacts + # - mcp__github__list_workflow_runs + # - mcp__github__list_workflows + # - mcp__github__search_code + # - mcp__github__search_issues + # - mcp__github__search_orgs + # - mcp__github__search_pull_requests + # - mcp__github__search_repositories + # - mcp__github__search_users + timeout-minutes: 5 + run: | + set -o pipefail + # Execute Claude Code CLI with prompt from file + npx @anthropic-ai/claude-code@latest --print --mcp-config /tmp/mcp-config/mcp-servers.json --allowed-tools "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" --debug --verbose --permission-mode bypassPermissions --output-format json --settings /tmp/.claude/settings.json "$(cat /tmp/aw-prompts/prompt.txt)" 2>&1 | tee /tmp/test-claude-add-issue-labels.log env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + DISABLE_TELEMETRY: "1" + DISABLE_ERROR_REPORTING: "1" + DISABLE_BUG_COMMAND: "1" GITHUB_AW_PROMPT: /tmp/aw-prompts/prompt.txt - - name: Capture Agentic Action logs + - name: Ensure log file exists if: always() run: | - # Copy the detailed execution file from Agentic Action if available - if [ -n "${{ steps.agentic_execution.outputs.execution_file }}" ] && [ -f "${{ steps.agentic_execution.outputs.execution_file }}" ]; then - cp ${{ steps.agentic_execution.outputs.execution_file }} /tmp/test-claude-add-issue-labels.log - else - echo "No execution file output found from Agentic Action" >> /tmp/test-claude-add-issue-labels.log - fi - # Ensure log file exists touch /tmp/test-claude-add-issue-labels.log + # Show last few lines for debugging + echo "=== Last 10 lines of Claude execution log ===" + tail -10 /tmp/test-claude-add-issue-labels.log || echo "No log content available" - name: Upload engine output files uses: actions/upload-artifact@v4 with: diff --git a/pkg/cli/workflows/test-claude-cache-memory.lock.yml b/pkg/cli/workflows/test-claude-cache-memory.lock.yml index 1dd12e23ef5..8d89b9b642b 100644 --- a/pkg/cli/workflows/test-claude-cache-memory.lock.yml +++ b/pkg/cli/workflows/test-claude-cache-memory.lock.yml @@ -276,85 +276,82 @@ jobs: name: aw_info.json path: /tmp/aw_info.json if-no-files-found: warn - - name: Execute Claude Code Action + - name: Execute Claude Code CLI id: agentic_execution - uses: anthropics/claude-code-base-action@v0.0.56 - with: - # Allowed tools (sorted): - # - ExitPlanMode - # - Glob - # - Grep - # - LS - # - NotebookRead - # - Read - # - Task - # - TodoWrite - # - mcp__github__download_workflow_run_artifact - # - mcp__github__get_code_scanning_alert - # - mcp__github__get_commit - # - mcp__github__get_dependabot_alert - # - mcp__github__get_discussion - # - mcp__github__get_discussion_comments - # - mcp__github__get_file_contents - # - mcp__github__get_issue - # - mcp__github__get_issue_comments - # - mcp__github__get_job_logs - # - mcp__github__get_me - # - mcp__github__get_notification_details - # - mcp__github__get_pull_request - # - mcp__github__get_pull_request_comments - # - mcp__github__get_pull_request_diff - # - mcp__github__get_pull_request_files - # - mcp__github__get_pull_request_reviews - # - mcp__github__get_pull_request_status - # - mcp__github__get_repository - # - mcp__github__get_secret_scanning_alert - # - mcp__github__get_tag - # - mcp__github__get_workflow_run - # - mcp__github__get_workflow_run_logs - # - mcp__github__get_workflow_run_usage - # - mcp__github__list_branches - # - mcp__github__list_code_scanning_alerts - # - mcp__github__list_commits - # - mcp__github__list_dependabot_alerts - # - mcp__github__list_discussion_categories - # - mcp__github__list_discussions - # - mcp__github__list_issues - # - mcp__github__list_notifications - # - mcp__github__list_pull_requests - # - mcp__github__list_secret_scanning_alerts - # - mcp__github__list_tags - # - mcp__github__list_workflow_jobs - # - mcp__github__list_workflow_run_artifacts - # - mcp__github__list_workflow_runs - # - mcp__github__list_workflows - # - mcp__github__search_code - # - mcp__github__search_issues - # - mcp__github__search_orgs - # - mcp__github__search_pull_requests - # - mcp__github__search_repositories - # - mcp__github__search_users - # - mcp__memory - allowed_tools: "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_repository,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users,mcp__memory" - anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} - mcp_config: /tmp/mcp-config/mcp-servers.json - prompt_file: /tmp/aw-prompts/prompt.txt - settings: /tmp/.claude/settings.json - timeout_minutes: 5 + # Allowed tools (sorted): + # - ExitPlanMode + # - Glob + # - Grep + # - LS + # - NotebookRead + # - Read + # - Task + # - TodoWrite + # - mcp__github__download_workflow_run_artifact + # - mcp__github__get_code_scanning_alert + # - mcp__github__get_commit + # - mcp__github__get_dependabot_alert + # - mcp__github__get_discussion + # - mcp__github__get_discussion_comments + # - mcp__github__get_file_contents + # - mcp__github__get_issue + # - mcp__github__get_issue_comments + # - mcp__github__get_job_logs + # - mcp__github__get_me + # - mcp__github__get_notification_details + # - mcp__github__get_pull_request + # - mcp__github__get_pull_request_comments + # - mcp__github__get_pull_request_diff + # - mcp__github__get_pull_request_files + # - mcp__github__get_pull_request_reviews + # - mcp__github__get_pull_request_status + # - mcp__github__get_repository + # - mcp__github__get_secret_scanning_alert + # - mcp__github__get_tag + # - mcp__github__get_workflow_run + # - mcp__github__get_workflow_run_logs + # - mcp__github__get_workflow_run_usage + # - mcp__github__list_branches + # - mcp__github__list_code_scanning_alerts + # - mcp__github__list_commits + # - mcp__github__list_dependabot_alerts + # - mcp__github__list_discussion_categories + # - mcp__github__list_discussions + # - mcp__github__list_issues + # - mcp__github__list_notifications + # - mcp__github__list_pull_requests + # - mcp__github__list_secret_scanning_alerts + # - mcp__github__list_tags + # - mcp__github__list_workflow_jobs + # - mcp__github__list_workflow_run_artifacts + # - mcp__github__list_workflow_runs + # - mcp__github__list_workflows + # - mcp__github__search_code + # - mcp__github__search_issues + # - mcp__github__search_orgs + # - mcp__github__search_pull_requests + # - mcp__github__search_repositories + # - mcp__github__search_users + # - mcp__memory + timeout-minutes: 5 + run: | + set -o pipefail + # Execute Claude Code CLI with prompt from file + npx @anthropic-ai/claude-code@latest --print --mcp-config /tmp/mcp-config/mcp-servers.json --allowed-tools "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_repository,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users,mcp__memory" --debug --verbose --permission-mode bypassPermissions --output-format json --settings /tmp/.claude/settings.json "$(cat /tmp/aw-prompts/prompt.txt)" 2>&1 | tee /tmp/test-claude-with-cache-memory-and-custom-docker-image.log env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + DISABLE_TELEMETRY: "1" + DISABLE_ERROR_REPORTING: "1" + DISABLE_BUG_COMMAND: "1" GITHUB_AW_PROMPT: /tmp/aw-prompts/prompt.txt - - name: Capture Agentic Action logs + - name: Ensure log file exists if: always() run: | - # Copy the detailed execution file from Agentic Action if available - if [ -n "${{ steps.agentic_execution.outputs.execution_file }}" ] && [ -f "${{ steps.agentic_execution.outputs.execution_file }}" ]; then - cp ${{ steps.agentic_execution.outputs.execution_file }} /tmp/test-claude-with-cache-memory-and-custom-docker-image.log - else - echo "No execution file output found from Agentic Action" >> /tmp/test-claude-with-cache-memory-and-custom-docker-image.log - fi - # Ensure log file exists touch /tmp/test-claude-with-cache-memory-and-custom-docker-image.log + # Show last few lines for debugging + echo "=== Last 10 lines of Claude execution log ===" + tail -10 /tmp/test-claude-with-cache-memory-and-custom-docker-image.log || echo "No log content available" - name: Upload engine output files uses: actions/upload-artifact@v4 with: diff --git a/pkg/cli/workflows/test-claude-command.lock.yml b/pkg/cli/workflows/test-claude-command.lock.yml index 7ff15e48a67..fc935a595b4 100644 --- a/pkg/cli/workflows/test-claude-command.lock.yml +++ b/pkg/cli/workflows/test-claude-command.lock.yml @@ -213,83 +213,80 @@ jobs: name: aw_info.json path: /tmp/aw_info.json if-no-files-found: warn - - name: Execute Claude Code Action + - name: Execute Claude Code CLI id: agentic_execution - uses: anthropics/claude-code-base-action@v0.0.56 - with: - # Allowed tools (sorted): - # - ExitPlanMode - # - Glob - # - Grep - # - LS - # - NotebookRead - # - Read - # - Task - # - TodoWrite - # - mcp__github__download_workflow_run_artifact - # - mcp__github__get_code_scanning_alert - # - mcp__github__get_commit - # - mcp__github__get_dependabot_alert - # - mcp__github__get_discussion - # - mcp__github__get_discussion_comments - # - mcp__github__get_file_contents - # - mcp__github__get_issue - # - mcp__github__get_issue_comments - # - mcp__github__get_job_logs - # - mcp__github__get_me - # - mcp__github__get_notification_details - # - mcp__github__get_pull_request - # - mcp__github__get_pull_request_comments - # - mcp__github__get_pull_request_diff - # - mcp__github__get_pull_request_files - # - mcp__github__get_pull_request_reviews - # - mcp__github__get_pull_request_status - # - mcp__github__get_secret_scanning_alert - # - mcp__github__get_tag - # - mcp__github__get_workflow_run - # - mcp__github__get_workflow_run_logs - # - mcp__github__get_workflow_run_usage - # - mcp__github__list_branches - # - mcp__github__list_code_scanning_alerts - # - mcp__github__list_commits - # - mcp__github__list_dependabot_alerts - # - mcp__github__list_discussion_categories - # - mcp__github__list_discussions - # - mcp__github__list_issues - # - mcp__github__list_notifications - # - mcp__github__list_pull_requests - # - mcp__github__list_secret_scanning_alerts - # - mcp__github__list_tags - # - mcp__github__list_workflow_jobs - # - mcp__github__list_workflow_run_artifacts - # - mcp__github__list_workflow_runs - # - mcp__github__list_workflows - # - mcp__github__search_code - # - mcp__github__search_issues - # - mcp__github__search_orgs - # - mcp__github__search_pull_requests - # - mcp__github__search_repositories - # - mcp__github__search_users - allowed_tools: "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" - anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} - mcp_config: /tmp/mcp-config/mcp-servers.json - prompt_file: /tmp/aw-prompts/prompt.txt - settings: /tmp/.claude/settings.json - timeout_minutes: 5 + # Allowed tools (sorted): + # - ExitPlanMode + # - Glob + # - Grep + # - LS + # - NotebookRead + # - Read + # - Task + # - TodoWrite + # - mcp__github__download_workflow_run_artifact + # - mcp__github__get_code_scanning_alert + # - mcp__github__get_commit + # - mcp__github__get_dependabot_alert + # - mcp__github__get_discussion + # - mcp__github__get_discussion_comments + # - mcp__github__get_file_contents + # - mcp__github__get_issue + # - mcp__github__get_issue_comments + # - mcp__github__get_job_logs + # - mcp__github__get_me + # - mcp__github__get_notification_details + # - mcp__github__get_pull_request + # - mcp__github__get_pull_request_comments + # - mcp__github__get_pull_request_diff + # - mcp__github__get_pull_request_files + # - mcp__github__get_pull_request_reviews + # - mcp__github__get_pull_request_status + # - mcp__github__get_secret_scanning_alert + # - mcp__github__get_tag + # - mcp__github__get_workflow_run + # - mcp__github__get_workflow_run_logs + # - mcp__github__get_workflow_run_usage + # - mcp__github__list_branches + # - mcp__github__list_code_scanning_alerts + # - mcp__github__list_commits + # - mcp__github__list_dependabot_alerts + # - mcp__github__list_discussion_categories + # - mcp__github__list_discussions + # - mcp__github__list_issues + # - mcp__github__list_notifications + # - mcp__github__list_pull_requests + # - mcp__github__list_secret_scanning_alerts + # - mcp__github__list_tags + # - mcp__github__list_workflow_jobs + # - mcp__github__list_workflow_run_artifacts + # - mcp__github__list_workflow_runs + # - mcp__github__list_workflows + # - mcp__github__search_code + # - mcp__github__search_issues + # - mcp__github__search_orgs + # - mcp__github__search_pull_requests + # - mcp__github__search_repositories + # - mcp__github__search_users + timeout-minutes: 5 + run: | + set -o pipefail + # Execute Claude Code CLI with prompt from file + npx @anthropic-ai/claude-code@latest --print --mcp-config /tmp/mcp-config/mcp-servers.json --allowed-tools "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" --debug --verbose --permission-mode bypassPermissions --output-format json --settings /tmp/.claude/settings.json "$(cat /tmp/aw-prompts/prompt.txt)" 2>&1 | tee /tmp/test-claude-command.log env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + DISABLE_TELEMETRY: "1" + DISABLE_ERROR_REPORTING: "1" + DISABLE_BUG_COMMAND: "1" GITHUB_AW_PROMPT: /tmp/aw-prompts/prompt.txt - - name: Capture Agentic Action logs + - name: Ensure log file exists if: always() run: | - # Copy the detailed execution file from Agentic Action if available - if [ -n "${{ steps.agentic_execution.outputs.execution_file }}" ] && [ -f "${{ steps.agentic_execution.outputs.execution_file }}" ]; then - cp ${{ steps.agentic_execution.outputs.execution_file }} /tmp/test-claude-command.log - else - echo "No execution file output found from Agentic Action" >> /tmp/test-claude-command.log - fi - # Ensure log file exists touch /tmp/test-claude-command.log + # Show last few lines for debugging + echo "=== Last 10 lines of Claude execution log ===" + tail -10 /tmp/test-claude-command.log || echo "No log content available" - name: Upload engine output files uses: actions/upload-artifact@v4 with: diff --git a/pkg/cli/workflows/test-claude-create-issue.lock.yml b/pkg/cli/workflows/test-claude-create-issue.lock.yml index 3b6fe8af562..cb4651287e8 100644 --- a/pkg/cli/workflows/test-claude-create-issue.lock.yml +++ b/pkg/cli/workflows/test-claude-create-issue.lock.yml @@ -213,83 +213,80 @@ jobs: name: aw_info.json path: /tmp/aw_info.json if-no-files-found: warn - - name: Execute Claude Code Action + - name: Execute Claude Code CLI id: agentic_execution - uses: anthropics/claude-code-base-action@v0.0.56 - with: - # Allowed tools (sorted): - # - ExitPlanMode - # - Glob - # - Grep - # - LS - # - NotebookRead - # - Read - # - Task - # - TodoWrite - # - mcp__github__download_workflow_run_artifact - # - mcp__github__get_code_scanning_alert - # - mcp__github__get_commit - # - mcp__github__get_dependabot_alert - # - mcp__github__get_discussion - # - mcp__github__get_discussion_comments - # - mcp__github__get_file_contents - # - mcp__github__get_issue - # - mcp__github__get_issue_comments - # - mcp__github__get_job_logs - # - mcp__github__get_me - # - mcp__github__get_notification_details - # - mcp__github__get_pull_request - # - mcp__github__get_pull_request_comments - # - mcp__github__get_pull_request_diff - # - mcp__github__get_pull_request_files - # - mcp__github__get_pull_request_reviews - # - mcp__github__get_pull_request_status - # - mcp__github__get_secret_scanning_alert - # - mcp__github__get_tag - # - mcp__github__get_workflow_run - # - mcp__github__get_workflow_run_logs - # - mcp__github__get_workflow_run_usage - # - mcp__github__list_branches - # - mcp__github__list_code_scanning_alerts - # - mcp__github__list_commits - # - mcp__github__list_dependabot_alerts - # - mcp__github__list_discussion_categories - # - mcp__github__list_discussions - # - mcp__github__list_issues - # - mcp__github__list_notifications - # - mcp__github__list_pull_requests - # - mcp__github__list_secret_scanning_alerts - # - mcp__github__list_tags - # - mcp__github__list_workflow_jobs - # - mcp__github__list_workflow_run_artifacts - # - mcp__github__list_workflow_runs - # - mcp__github__list_workflows - # - mcp__github__search_code - # - mcp__github__search_issues - # - mcp__github__search_orgs - # - mcp__github__search_pull_requests - # - mcp__github__search_repositories - # - mcp__github__search_users - allowed_tools: "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" - anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} - mcp_config: /tmp/mcp-config/mcp-servers.json - prompt_file: /tmp/aw-prompts/prompt.txt - settings: /tmp/.claude/settings.json - timeout_minutes: 5 + # Allowed tools (sorted): + # - ExitPlanMode + # - Glob + # - Grep + # - LS + # - NotebookRead + # - Read + # - Task + # - TodoWrite + # - mcp__github__download_workflow_run_artifact + # - mcp__github__get_code_scanning_alert + # - mcp__github__get_commit + # - mcp__github__get_dependabot_alert + # - mcp__github__get_discussion + # - mcp__github__get_discussion_comments + # - mcp__github__get_file_contents + # - mcp__github__get_issue + # - mcp__github__get_issue_comments + # - mcp__github__get_job_logs + # - mcp__github__get_me + # - mcp__github__get_notification_details + # - mcp__github__get_pull_request + # - mcp__github__get_pull_request_comments + # - mcp__github__get_pull_request_diff + # - mcp__github__get_pull_request_files + # - mcp__github__get_pull_request_reviews + # - mcp__github__get_pull_request_status + # - mcp__github__get_secret_scanning_alert + # - mcp__github__get_tag + # - mcp__github__get_workflow_run + # - mcp__github__get_workflow_run_logs + # - mcp__github__get_workflow_run_usage + # - mcp__github__list_branches + # - mcp__github__list_code_scanning_alerts + # - mcp__github__list_commits + # - mcp__github__list_dependabot_alerts + # - mcp__github__list_discussion_categories + # - mcp__github__list_discussions + # - mcp__github__list_issues + # - mcp__github__list_notifications + # - mcp__github__list_pull_requests + # - mcp__github__list_secret_scanning_alerts + # - mcp__github__list_tags + # - mcp__github__list_workflow_jobs + # - mcp__github__list_workflow_run_artifacts + # - mcp__github__list_workflow_runs + # - mcp__github__list_workflows + # - mcp__github__search_code + # - mcp__github__search_issues + # - mcp__github__search_orgs + # - mcp__github__search_pull_requests + # - mcp__github__search_repositories + # - mcp__github__search_users + timeout-minutes: 5 + run: | + set -o pipefail + # Execute Claude Code CLI with prompt from file + npx @anthropic-ai/claude-code@latest --print --mcp-config /tmp/mcp-config/mcp-servers.json --allowed-tools "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" --debug --verbose --permission-mode bypassPermissions --output-format json --settings /tmp/.claude/settings.json "$(cat /tmp/aw-prompts/prompt.txt)" 2>&1 | tee /tmp/test-claude-create-issue.log env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + DISABLE_TELEMETRY: "1" + DISABLE_ERROR_REPORTING: "1" + DISABLE_BUG_COMMAND: "1" GITHUB_AW_PROMPT: /tmp/aw-prompts/prompt.txt - - name: Capture Agentic Action logs + - name: Ensure log file exists if: always() run: | - # Copy the detailed execution file from Agentic Action if available - if [ -n "${{ steps.agentic_execution.outputs.execution_file }}" ] && [ -f "${{ steps.agentic_execution.outputs.execution_file }}" ]; then - cp ${{ steps.agentic_execution.outputs.execution_file }} /tmp/test-claude-create-issue.log - else - echo "No execution file output found from Agentic Action" >> /tmp/test-claude-create-issue.log - fi - # Ensure log file exists touch /tmp/test-claude-create-issue.log + # Show last few lines for debugging + echo "=== Last 10 lines of Claude execution log ===" + tail -10 /tmp/test-claude-create-issue.log || echo "No log content available" - name: Upload engine output files uses: actions/upload-artifact@v4 with: diff --git a/pkg/cli/workflows/test-claude-create-pull-request-review-comment.lock.yml b/pkg/cli/workflows/test-claude-create-pull-request-review-comment.lock.yml index 659e407da6a..2796376dd4d 100644 --- a/pkg/cli/workflows/test-claude-create-pull-request-review-comment.lock.yml +++ b/pkg/cli/workflows/test-claude-create-pull-request-review-comment.lock.yml @@ -213,83 +213,80 @@ jobs: name: aw_info.json path: /tmp/aw_info.json if-no-files-found: warn - - name: Execute Claude Code Action + - name: Execute Claude Code CLI id: agentic_execution - uses: anthropics/claude-code-base-action@v0.0.56 - with: - # Allowed tools (sorted): - # - ExitPlanMode - # - Glob - # - Grep - # - LS - # - NotebookRead - # - Read - # - Task - # - TodoWrite - # - mcp__github__download_workflow_run_artifact - # - mcp__github__get_code_scanning_alert - # - mcp__github__get_commit - # - mcp__github__get_dependabot_alert - # - mcp__github__get_discussion - # - mcp__github__get_discussion_comments - # - mcp__github__get_file_contents - # - mcp__github__get_issue - # - mcp__github__get_issue_comments - # - mcp__github__get_job_logs - # - mcp__github__get_me - # - mcp__github__get_notification_details - # - mcp__github__get_pull_request - # - mcp__github__get_pull_request_comments - # - mcp__github__get_pull_request_diff - # - mcp__github__get_pull_request_files - # - mcp__github__get_pull_request_reviews - # - mcp__github__get_pull_request_status - # - mcp__github__get_secret_scanning_alert - # - mcp__github__get_tag - # - mcp__github__get_workflow_run - # - mcp__github__get_workflow_run_logs - # - mcp__github__get_workflow_run_usage - # - mcp__github__list_branches - # - mcp__github__list_code_scanning_alerts - # - mcp__github__list_commits - # - mcp__github__list_dependabot_alerts - # - mcp__github__list_discussion_categories - # - mcp__github__list_discussions - # - mcp__github__list_issues - # - mcp__github__list_notifications - # - mcp__github__list_pull_requests - # - mcp__github__list_secret_scanning_alerts - # - mcp__github__list_tags - # - mcp__github__list_workflow_jobs - # - mcp__github__list_workflow_run_artifacts - # - mcp__github__list_workflow_runs - # - mcp__github__list_workflows - # - mcp__github__search_code - # - mcp__github__search_issues - # - mcp__github__search_orgs - # - mcp__github__search_pull_requests - # - mcp__github__search_repositories - # - mcp__github__search_users - allowed_tools: "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" - anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} - mcp_config: /tmp/mcp-config/mcp-servers.json - prompt_file: /tmp/aw-prompts/prompt.txt - settings: /tmp/.claude/settings.json - timeout_minutes: 5 + # Allowed tools (sorted): + # - ExitPlanMode + # - Glob + # - Grep + # - LS + # - NotebookRead + # - Read + # - Task + # - TodoWrite + # - mcp__github__download_workflow_run_artifact + # - mcp__github__get_code_scanning_alert + # - mcp__github__get_commit + # - mcp__github__get_dependabot_alert + # - mcp__github__get_discussion + # - mcp__github__get_discussion_comments + # - mcp__github__get_file_contents + # - mcp__github__get_issue + # - mcp__github__get_issue_comments + # - mcp__github__get_job_logs + # - mcp__github__get_me + # - mcp__github__get_notification_details + # - mcp__github__get_pull_request + # - mcp__github__get_pull_request_comments + # - mcp__github__get_pull_request_diff + # - mcp__github__get_pull_request_files + # - mcp__github__get_pull_request_reviews + # - mcp__github__get_pull_request_status + # - mcp__github__get_secret_scanning_alert + # - mcp__github__get_tag + # - mcp__github__get_workflow_run + # - mcp__github__get_workflow_run_logs + # - mcp__github__get_workflow_run_usage + # - mcp__github__list_branches + # - mcp__github__list_code_scanning_alerts + # - mcp__github__list_commits + # - mcp__github__list_dependabot_alerts + # - mcp__github__list_discussion_categories + # - mcp__github__list_discussions + # - mcp__github__list_issues + # - mcp__github__list_notifications + # - mcp__github__list_pull_requests + # - mcp__github__list_secret_scanning_alerts + # - mcp__github__list_tags + # - mcp__github__list_workflow_jobs + # - mcp__github__list_workflow_run_artifacts + # - mcp__github__list_workflow_runs + # - mcp__github__list_workflows + # - mcp__github__search_code + # - mcp__github__search_issues + # - mcp__github__search_orgs + # - mcp__github__search_pull_requests + # - mcp__github__search_repositories + # - mcp__github__search_users + timeout-minutes: 5 + run: | + set -o pipefail + # Execute Claude Code CLI with prompt from file + npx @anthropic-ai/claude-code@latest --print --mcp-config /tmp/mcp-config/mcp-servers.json --allowed-tools "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" --debug --verbose --permission-mode bypassPermissions --output-format json --settings /tmp/.claude/settings.json "$(cat /tmp/aw-prompts/prompt.txt)" 2>&1 | tee /tmp/test-claude-create-pull-request-review-comment.log env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + DISABLE_TELEMETRY: "1" + DISABLE_ERROR_REPORTING: "1" + DISABLE_BUG_COMMAND: "1" GITHUB_AW_PROMPT: /tmp/aw-prompts/prompt.txt - - name: Capture Agentic Action logs + - name: Ensure log file exists if: always() run: | - # Copy the detailed execution file from Agentic Action if available - if [ -n "${{ steps.agentic_execution.outputs.execution_file }}" ] && [ -f "${{ steps.agentic_execution.outputs.execution_file }}" ]; then - cp ${{ steps.agentic_execution.outputs.execution_file }} /tmp/test-claude-create-pull-request-review-comment.log - else - echo "No execution file output found from Agentic Action" >> /tmp/test-claude-create-pull-request-review-comment.log - fi - # Ensure log file exists touch /tmp/test-claude-create-pull-request-review-comment.log + # Show last few lines for debugging + echo "=== Last 10 lines of Claude execution log ===" + tail -10 /tmp/test-claude-create-pull-request-review-comment.log || echo "No log content available" - name: Upload engine output files uses: actions/upload-artifact@v4 with: diff --git a/pkg/cli/workflows/test-claude-create-pull-request.lock.yml b/pkg/cli/workflows/test-claude-create-pull-request.lock.yml index 95fad0c316f..b5a26ed222e 100644 --- a/pkg/cli/workflows/test-claude-create-pull-request.lock.yml +++ b/pkg/cli/workflows/test-claude-create-pull-request.lock.yml @@ -218,83 +218,80 @@ jobs: name: aw_info.json path: /tmp/aw_info.json if-no-files-found: warn - - name: Execute Claude Code Action + - name: Execute Claude Code CLI id: agentic_execution - uses: anthropics/claude-code-base-action@v0.0.56 - with: - # Allowed tools (sorted): - # - ExitPlanMode - # - Glob - # - Grep - # - LS - # - NotebookRead - # - Read - # - Task - # - TodoWrite - # - mcp__github__download_workflow_run_artifact - # - mcp__github__get_code_scanning_alert - # - mcp__github__get_commit - # - mcp__github__get_dependabot_alert - # - mcp__github__get_discussion - # - mcp__github__get_discussion_comments - # - mcp__github__get_file_contents - # - mcp__github__get_issue - # - mcp__github__get_issue_comments - # - mcp__github__get_job_logs - # - mcp__github__get_me - # - mcp__github__get_notification_details - # - mcp__github__get_pull_request - # - mcp__github__get_pull_request_comments - # - mcp__github__get_pull_request_diff - # - mcp__github__get_pull_request_files - # - mcp__github__get_pull_request_reviews - # - mcp__github__get_pull_request_status - # - mcp__github__get_secret_scanning_alert - # - mcp__github__get_tag - # - mcp__github__get_workflow_run - # - mcp__github__get_workflow_run_logs - # - mcp__github__get_workflow_run_usage - # - mcp__github__list_branches - # - mcp__github__list_code_scanning_alerts - # - mcp__github__list_commits - # - mcp__github__list_dependabot_alerts - # - mcp__github__list_discussion_categories - # - mcp__github__list_discussions - # - mcp__github__list_issues - # - mcp__github__list_notifications - # - mcp__github__list_pull_requests - # - mcp__github__list_secret_scanning_alerts - # - mcp__github__list_tags - # - mcp__github__list_workflow_jobs - # - mcp__github__list_workflow_run_artifacts - # - mcp__github__list_workflow_runs - # - mcp__github__list_workflows - # - mcp__github__search_code - # - mcp__github__search_issues - # - mcp__github__search_orgs - # - mcp__github__search_pull_requests - # - mcp__github__search_repositories - # - mcp__github__search_users - allowed_tools: "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" - anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} - mcp_config: /tmp/mcp-config/mcp-servers.json - prompt_file: /tmp/aw-prompts/prompt.txt - settings: /tmp/.claude/settings.json - timeout_minutes: 5 + # Allowed tools (sorted): + # - ExitPlanMode + # - Glob + # - Grep + # - LS + # - NotebookRead + # - Read + # - Task + # - TodoWrite + # - mcp__github__download_workflow_run_artifact + # - mcp__github__get_code_scanning_alert + # - mcp__github__get_commit + # - mcp__github__get_dependabot_alert + # - mcp__github__get_discussion + # - mcp__github__get_discussion_comments + # - mcp__github__get_file_contents + # - mcp__github__get_issue + # - mcp__github__get_issue_comments + # - mcp__github__get_job_logs + # - mcp__github__get_me + # - mcp__github__get_notification_details + # - mcp__github__get_pull_request + # - mcp__github__get_pull_request_comments + # - mcp__github__get_pull_request_diff + # - mcp__github__get_pull_request_files + # - mcp__github__get_pull_request_reviews + # - mcp__github__get_pull_request_status + # - mcp__github__get_secret_scanning_alert + # - mcp__github__get_tag + # - mcp__github__get_workflow_run + # - mcp__github__get_workflow_run_logs + # - mcp__github__get_workflow_run_usage + # - mcp__github__list_branches + # - mcp__github__list_code_scanning_alerts + # - mcp__github__list_commits + # - mcp__github__list_dependabot_alerts + # - mcp__github__list_discussion_categories + # - mcp__github__list_discussions + # - mcp__github__list_issues + # - mcp__github__list_notifications + # - mcp__github__list_pull_requests + # - mcp__github__list_secret_scanning_alerts + # - mcp__github__list_tags + # - mcp__github__list_workflow_jobs + # - mcp__github__list_workflow_run_artifacts + # - mcp__github__list_workflow_runs + # - mcp__github__list_workflows + # - mcp__github__search_code + # - mcp__github__search_issues + # - mcp__github__search_orgs + # - mcp__github__search_pull_requests + # - mcp__github__search_repositories + # - mcp__github__search_users + timeout-minutes: 5 + run: | + set -o pipefail + # Execute Claude Code CLI with prompt from file + npx @anthropic-ai/claude-code@latest --print --mcp-config /tmp/mcp-config/mcp-servers.json --allowed-tools "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" --debug --verbose --permission-mode bypassPermissions --output-format json --settings /tmp/.claude/settings.json "$(cat /tmp/aw-prompts/prompt.txt)" 2>&1 | tee /tmp/test-claude-create-pull-request.log env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + DISABLE_TELEMETRY: "1" + DISABLE_ERROR_REPORTING: "1" + DISABLE_BUG_COMMAND: "1" GITHUB_AW_PROMPT: /tmp/aw-prompts/prompt.txt - - name: Capture Agentic Action logs + - name: Ensure log file exists if: always() run: | - # Copy the detailed execution file from Agentic Action if available - if [ -n "${{ steps.agentic_execution.outputs.execution_file }}" ] && [ -f "${{ steps.agentic_execution.outputs.execution_file }}" ]; then - cp ${{ steps.agentic_execution.outputs.execution_file }} /tmp/test-claude-create-pull-request.log - else - echo "No execution file output found from Agentic Action" >> /tmp/test-claude-create-pull-request.log - fi - # Ensure log file exists touch /tmp/test-claude-create-pull-request.log + # Show last few lines for debugging + echo "=== Last 10 lines of Claude execution log ===" + tail -10 /tmp/test-claude-create-pull-request.log || echo "No log content available" - name: Upload engine output files uses: actions/upload-artifact@v4 with: diff --git a/pkg/cli/workflows/test-claude-create-repository-security-advisory.lock.yml b/pkg/cli/workflows/test-claude-create-repository-security-advisory.lock.yml index aa6a714a97f..1b9c8058cfd 100644 --- a/pkg/cli/workflows/test-claude-create-repository-security-advisory.lock.yml +++ b/pkg/cli/workflows/test-claude-create-repository-security-advisory.lock.yml @@ -216,83 +216,80 @@ jobs: name: aw_info.json path: /tmp/aw_info.json if-no-files-found: warn - - name: Execute Claude Code Action + - name: Execute Claude Code CLI id: agentic_execution - uses: anthropics/claude-code-base-action@v0.0.56 - with: - # Allowed tools (sorted): - # - ExitPlanMode - # - Glob - # - Grep - # - LS - # - NotebookRead - # - Read - # - Task - # - TodoWrite - # - mcp__github__download_workflow_run_artifact - # - mcp__github__get_code_scanning_alert - # - mcp__github__get_commit - # - mcp__github__get_dependabot_alert - # - mcp__github__get_discussion - # - mcp__github__get_discussion_comments - # - mcp__github__get_file_contents - # - mcp__github__get_issue - # - mcp__github__get_issue_comments - # - mcp__github__get_job_logs - # - mcp__github__get_me - # - mcp__github__get_notification_details - # - mcp__github__get_pull_request - # - mcp__github__get_pull_request_comments - # - mcp__github__get_pull_request_diff - # - mcp__github__get_pull_request_files - # - mcp__github__get_pull_request_reviews - # - mcp__github__get_pull_request_status - # - mcp__github__get_secret_scanning_alert - # - mcp__github__get_tag - # - mcp__github__get_workflow_run - # - mcp__github__get_workflow_run_logs - # - mcp__github__get_workflow_run_usage - # - mcp__github__list_branches - # - mcp__github__list_code_scanning_alerts - # - mcp__github__list_commits - # - mcp__github__list_dependabot_alerts - # - mcp__github__list_discussion_categories - # - mcp__github__list_discussions - # - mcp__github__list_issues - # - mcp__github__list_notifications - # - mcp__github__list_pull_requests - # - mcp__github__list_secret_scanning_alerts - # - mcp__github__list_tags - # - mcp__github__list_workflow_jobs - # - mcp__github__list_workflow_run_artifacts - # - mcp__github__list_workflow_runs - # - mcp__github__list_workflows - # - mcp__github__search_code - # - mcp__github__search_issues - # - mcp__github__search_orgs - # - mcp__github__search_pull_requests - # - mcp__github__search_repositories - # - mcp__github__search_users - allowed_tools: "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" - anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} - mcp_config: /tmp/mcp-config/mcp-servers.json - prompt_file: /tmp/aw-prompts/prompt.txt - settings: /tmp/.claude/settings.json - timeout_minutes: 5 + # Allowed tools (sorted): + # - ExitPlanMode + # - Glob + # - Grep + # - LS + # - NotebookRead + # - Read + # - Task + # - TodoWrite + # - mcp__github__download_workflow_run_artifact + # - mcp__github__get_code_scanning_alert + # - mcp__github__get_commit + # - mcp__github__get_dependabot_alert + # - mcp__github__get_discussion + # - mcp__github__get_discussion_comments + # - mcp__github__get_file_contents + # - mcp__github__get_issue + # - mcp__github__get_issue_comments + # - mcp__github__get_job_logs + # - mcp__github__get_me + # - mcp__github__get_notification_details + # - mcp__github__get_pull_request + # - mcp__github__get_pull_request_comments + # - mcp__github__get_pull_request_diff + # - mcp__github__get_pull_request_files + # - mcp__github__get_pull_request_reviews + # - mcp__github__get_pull_request_status + # - mcp__github__get_secret_scanning_alert + # - mcp__github__get_tag + # - mcp__github__get_workflow_run + # - mcp__github__get_workflow_run_logs + # - mcp__github__get_workflow_run_usage + # - mcp__github__list_branches + # - mcp__github__list_code_scanning_alerts + # - mcp__github__list_commits + # - mcp__github__list_dependabot_alerts + # - mcp__github__list_discussion_categories + # - mcp__github__list_discussions + # - mcp__github__list_issues + # - mcp__github__list_notifications + # - mcp__github__list_pull_requests + # - mcp__github__list_secret_scanning_alerts + # - mcp__github__list_tags + # - mcp__github__list_workflow_jobs + # - mcp__github__list_workflow_run_artifacts + # - mcp__github__list_workflow_runs + # - mcp__github__list_workflows + # - mcp__github__search_code + # - mcp__github__search_issues + # - mcp__github__search_orgs + # - mcp__github__search_pull_requests + # - mcp__github__search_repositories + # - mcp__github__search_users + timeout-minutes: 5 + run: | + set -o pipefail + # Execute Claude Code CLI with prompt from file + npx @anthropic-ai/claude-code@latest --print --mcp-config /tmp/mcp-config/mcp-servers.json --allowed-tools "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" --debug --verbose --permission-mode bypassPermissions --output-format json --settings /tmp/.claude/settings.json "$(cat /tmp/aw-prompts/prompt.txt)" 2>&1 | tee /tmp/test-claude-create-repository-security-advisory.log env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + DISABLE_TELEMETRY: "1" + DISABLE_ERROR_REPORTING: "1" + DISABLE_BUG_COMMAND: "1" GITHUB_AW_PROMPT: /tmp/aw-prompts/prompt.txt - - name: Capture Agentic Action logs + - name: Ensure log file exists if: always() run: | - # Copy the detailed execution file from Agentic Action if available - if [ -n "${{ steps.agentic_execution.outputs.execution_file }}" ] && [ -f "${{ steps.agentic_execution.outputs.execution_file }}" ]; then - cp ${{ steps.agentic_execution.outputs.execution_file }} /tmp/test-claude-create-repository-security-advisory.log - else - echo "No execution file output found from Agentic Action" >> /tmp/test-claude-create-repository-security-advisory.log - fi - # Ensure log file exists touch /tmp/test-claude-create-repository-security-advisory.log + # Show last few lines for debugging + echo "=== Last 10 lines of Claude execution log ===" + tail -10 /tmp/test-claude-create-repository-security-advisory.log || echo "No log content available" - name: Upload engine output files uses: actions/upload-artifact@v4 with: diff --git a/pkg/cli/workflows/test-claude-mcp.lock.yml b/pkg/cli/workflows/test-claude-mcp.lock.yml index f6cb2bbd5cf..0330da402ca 100644 --- a/pkg/cli/workflows/test-claude-mcp.lock.yml +++ b/pkg/cli/workflows/test-claude-mcp.lock.yml @@ -216,83 +216,80 @@ jobs: name: aw_info.json path: /tmp/aw_info.json if-no-files-found: warn - - name: Execute Claude Code Action + - name: Execute Claude Code CLI id: agentic_execution - uses: anthropics/claude-code-base-action@v0.0.56 - with: - # Allowed tools (sorted): - # - ExitPlanMode - # - Glob - # - Grep - # - LS - # - NotebookRead - # - Read - # - Task - # - TodoWrite - # - mcp__github__download_workflow_run_artifact - # - mcp__github__get_code_scanning_alert - # - mcp__github__get_commit - # - mcp__github__get_dependabot_alert - # - mcp__github__get_discussion - # - mcp__github__get_discussion_comments - # - mcp__github__get_file_contents - # - mcp__github__get_issue - # - mcp__github__get_issue_comments - # - mcp__github__get_job_logs - # - mcp__github__get_me - # - mcp__github__get_notification_details - # - mcp__github__get_pull_request - # - mcp__github__get_pull_request_comments - # - mcp__github__get_pull_request_diff - # - mcp__github__get_pull_request_files - # - mcp__github__get_pull_request_reviews - # - mcp__github__get_pull_request_status - # - mcp__github__get_secret_scanning_alert - # - mcp__github__get_tag - # - mcp__github__get_workflow_run - # - mcp__github__get_workflow_run_logs - # - mcp__github__get_workflow_run_usage - # - mcp__github__list_branches - # - mcp__github__list_code_scanning_alerts - # - mcp__github__list_commits - # - mcp__github__list_dependabot_alerts - # - mcp__github__list_discussion_categories - # - mcp__github__list_discussions - # - mcp__github__list_issues - # - mcp__github__list_notifications - # - mcp__github__list_pull_requests - # - mcp__github__list_secret_scanning_alerts - # - mcp__github__list_tags - # - mcp__github__list_workflow_jobs - # - mcp__github__list_workflow_run_artifacts - # - mcp__github__list_workflow_runs - # - mcp__github__list_workflows - # - mcp__github__search_code - # - mcp__github__search_issues - # - mcp__github__search_orgs - # - mcp__github__search_pull_requests - # - mcp__github__search_repositories - # - mcp__github__search_users - allowed_tools: "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" - anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} - mcp_config: /tmp/mcp-config/mcp-servers.json - prompt_file: /tmp/aw-prompts/prompt.txt - settings: /tmp/.claude/settings.json - timeout_minutes: 5 + # Allowed tools (sorted): + # - ExitPlanMode + # - Glob + # - Grep + # - LS + # - NotebookRead + # - Read + # - Task + # - TodoWrite + # - mcp__github__download_workflow_run_artifact + # - mcp__github__get_code_scanning_alert + # - mcp__github__get_commit + # - mcp__github__get_dependabot_alert + # - mcp__github__get_discussion + # - mcp__github__get_discussion_comments + # - mcp__github__get_file_contents + # - mcp__github__get_issue + # - mcp__github__get_issue_comments + # - mcp__github__get_job_logs + # - mcp__github__get_me + # - mcp__github__get_notification_details + # - mcp__github__get_pull_request + # - mcp__github__get_pull_request_comments + # - mcp__github__get_pull_request_diff + # - mcp__github__get_pull_request_files + # - mcp__github__get_pull_request_reviews + # - mcp__github__get_pull_request_status + # - mcp__github__get_secret_scanning_alert + # - mcp__github__get_tag + # - mcp__github__get_workflow_run + # - mcp__github__get_workflow_run_logs + # - mcp__github__get_workflow_run_usage + # - mcp__github__list_branches + # - mcp__github__list_code_scanning_alerts + # - mcp__github__list_commits + # - mcp__github__list_dependabot_alerts + # - mcp__github__list_discussion_categories + # - mcp__github__list_discussions + # - mcp__github__list_issues + # - mcp__github__list_notifications + # - mcp__github__list_pull_requests + # - mcp__github__list_secret_scanning_alerts + # - mcp__github__list_tags + # - mcp__github__list_workflow_jobs + # - mcp__github__list_workflow_run_artifacts + # - mcp__github__list_workflow_runs + # - mcp__github__list_workflows + # - mcp__github__search_code + # - mcp__github__search_issues + # - mcp__github__search_orgs + # - mcp__github__search_pull_requests + # - mcp__github__search_repositories + # - mcp__github__search_users + timeout-minutes: 5 + run: | + set -o pipefail + # Execute Claude Code CLI with prompt from file + npx @anthropic-ai/claude-code@latest --print --mcp-config /tmp/mcp-config/mcp-servers.json --allowed-tools "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" --debug --verbose --permission-mode bypassPermissions --output-format json --settings /tmp/.claude/settings.json "$(cat /tmp/aw-prompts/prompt.txt)" 2>&1 | tee /tmp/test-claude-mcp.log env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + DISABLE_TELEMETRY: "1" + DISABLE_ERROR_REPORTING: "1" + DISABLE_BUG_COMMAND: "1" GITHUB_AW_PROMPT: /tmp/aw-prompts/prompt.txt - - name: Capture Agentic Action logs + - name: Ensure log file exists if: always() run: | - # Copy the detailed execution file from Agentic Action if available - if [ -n "${{ steps.agentic_execution.outputs.execution_file }}" ] && [ -f "${{ steps.agentic_execution.outputs.execution_file }}" ]; then - cp ${{ steps.agentic_execution.outputs.execution_file }} /tmp/test-claude-mcp.log - else - echo "No execution file output found from Agentic Action" >> /tmp/test-claude-mcp.log - fi - # Ensure log file exists touch /tmp/test-claude-mcp.log + # Show last few lines for debugging + echo "=== Last 10 lines of Claude execution log ===" + tail -10 /tmp/test-claude-mcp.log || echo "No log content available" - name: Upload engine output files uses: actions/upload-artifact@v4 with: diff --git a/pkg/cli/workflows/test-claude-missing-tool.lock.yml b/pkg/cli/workflows/test-claude-missing-tool.lock.yml index 10bfdb5ded1..ce56a8bd624 100644 --- a/pkg/cli/workflows/test-claude-missing-tool.lock.yml +++ b/pkg/cli/workflows/test-claude-missing-tool.lock.yml @@ -330,90 +330,85 @@ jobs: name: aw_info.json path: /tmp/aw_info.json if-no-files-found: warn - - name: Execute Claude Code Action + - name: Execute Claude Code CLI id: agentic_execution - uses: anthropics/claude-code-base-action@v0.0.56 - with: - # Allowed tools (sorted): - # - ExitPlanMode - # - Glob - # - Grep - # - LS - # - NotebookRead - # - Read - # - Task - # - TodoWrite - # - Write - # - mcp__github__download_workflow_run_artifact - # - mcp__github__get_code_scanning_alert - # - mcp__github__get_commit - # - mcp__github__get_dependabot_alert - # - mcp__github__get_discussion - # - mcp__github__get_discussion_comments - # - mcp__github__get_file_contents - # - mcp__github__get_issue - # - mcp__github__get_issue_comments - # - mcp__github__get_job_logs - # - mcp__github__get_me - # - mcp__github__get_notification_details - # - mcp__github__get_pull_request - # - mcp__github__get_pull_request_comments - # - mcp__github__get_pull_request_diff - # - mcp__github__get_pull_request_files - # - mcp__github__get_pull_request_reviews - # - mcp__github__get_pull_request_status - # - mcp__github__get_repository - # - mcp__github__get_secret_scanning_alert - # - mcp__github__get_tag - # - mcp__github__get_workflow_run - # - mcp__github__get_workflow_run_logs - # - mcp__github__get_workflow_run_usage - # - mcp__github__list_branches - # - mcp__github__list_code_scanning_alerts - # - mcp__github__list_commits - # - mcp__github__list_dependabot_alerts - # - mcp__github__list_discussion_categories - # - mcp__github__list_discussions - # - mcp__github__list_issues - # - mcp__github__list_notifications - # - mcp__github__list_pull_requests - # - mcp__github__list_secret_scanning_alerts - # - mcp__github__list_tags - # - mcp__github__list_workflow_jobs - # - mcp__github__list_workflow_run_artifacts - # - mcp__github__list_workflow_runs - # - mcp__github__list_workflows - # - mcp__github__search_code - # - mcp__github__search_issues - # - mcp__github__search_orgs - # - mcp__github__search_pull_requests - # - mcp__github__search_repositories - # - mcp__github__search_users - # - mcp__memory - allowed_tools: "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,Write,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_repository,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users,mcp__memory" - anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} - claude_env: | - GITHUB_AW_SAFE_OUTPUTS: ${{ env.GITHUB_AW_SAFE_OUTPUTS }} - GITHUB_AW_SAFE_OUTPUTS_STAGED: "true" - mcp_config: /tmp/mcp-config/mcp-servers.json - prompt_file: /tmp/aw-prompts/prompt.txt - settings: /tmp/.claude/settings.json - timeout_minutes: 5 + # Allowed tools (sorted): + # - ExitPlanMode + # - Glob + # - Grep + # - LS + # - NotebookRead + # - Read + # - Task + # - TodoWrite + # - Write + # - mcp__github__download_workflow_run_artifact + # - mcp__github__get_code_scanning_alert + # - mcp__github__get_commit + # - mcp__github__get_dependabot_alert + # - mcp__github__get_discussion + # - mcp__github__get_discussion_comments + # - mcp__github__get_file_contents + # - mcp__github__get_issue + # - mcp__github__get_issue_comments + # - mcp__github__get_job_logs + # - mcp__github__get_me + # - mcp__github__get_notification_details + # - mcp__github__get_pull_request + # - mcp__github__get_pull_request_comments + # - mcp__github__get_pull_request_diff + # - mcp__github__get_pull_request_files + # - mcp__github__get_pull_request_reviews + # - mcp__github__get_pull_request_status + # - mcp__github__get_repository + # - mcp__github__get_secret_scanning_alert + # - mcp__github__get_tag + # - mcp__github__get_workflow_run + # - mcp__github__get_workflow_run_logs + # - mcp__github__get_workflow_run_usage + # - mcp__github__list_branches + # - mcp__github__list_code_scanning_alerts + # - mcp__github__list_commits + # - mcp__github__list_dependabot_alerts + # - mcp__github__list_discussion_categories + # - mcp__github__list_discussions + # - mcp__github__list_issues + # - mcp__github__list_notifications + # - mcp__github__list_pull_requests + # - mcp__github__list_secret_scanning_alerts + # - mcp__github__list_tags + # - mcp__github__list_workflow_jobs + # - mcp__github__list_workflow_run_artifacts + # - mcp__github__list_workflow_runs + # - mcp__github__list_workflows + # - mcp__github__search_code + # - mcp__github__search_issues + # - mcp__github__search_orgs + # - mcp__github__search_pull_requests + # - mcp__github__search_repositories + # - mcp__github__search_users + # - mcp__memory + timeout-minutes: 5 + run: | + set -o pipefail + # Execute Claude Code CLI with prompt from file + npx @anthropic-ai/claude-code@latest --print --mcp-config /tmp/mcp-config/mcp-servers.json --allowed-tools "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,Write,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_repository,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users,mcp__memory" --debug --verbose --permission-mode bypassPermissions --output-format json --settings /tmp/.claude/settings.json "$(cat /tmp/aw-prompts/prompt.txt)" 2>&1 | tee /tmp/test-claude-with-missing-tool-safe-output-and-cache-memory.log env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + DISABLE_TELEMETRY: "1" + DISABLE_ERROR_REPORTING: "1" + DISABLE_BUG_COMMAND: "1" GITHUB_AW_PROMPT: /tmp/aw-prompts/prompt.txt GITHUB_AW_SAFE_OUTPUTS: ${{ env.GITHUB_AW_SAFE_OUTPUTS }} - - name: Capture Agentic Action logs + GITHUB_AW_SAFE_OUTPUTS_STAGED: "true" + - name: Ensure log file exists if: always() run: | - # Copy the detailed execution file from Agentic Action if available - if [ -n "${{ steps.agentic_execution.outputs.execution_file }}" ] && [ -f "${{ steps.agentic_execution.outputs.execution_file }}" ]; then - cp ${{ steps.agentic_execution.outputs.execution_file }} /tmp/test-claude-with-missing-tool-safe-output-and-cache-memory.log - else - echo "No execution file output found from Agentic Action" >> /tmp/test-claude-with-missing-tool-safe-output-and-cache-memory.log - fi - # Ensure log file exists touch /tmp/test-claude-with-missing-tool-safe-output-and-cache-memory.log + # Show last few lines for debugging + echo "=== Last 10 lines of Claude execution log ===" + tail -10 /tmp/test-claude-with-missing-tool-safe-output-and-cache-memory.log || echo "No log content available" - name: Print Agent output env: GITHUB_AW_SAFE_OUTPUTS: ${{ env.GITHUB_AW_SAFE_OUTPUTS }} diff --git a/pkg/cli/workflows/test-claude-push-to-pr-branch.lock.yml b/pkg/cli/workflows/test-claude-push-to-pr-branch.lock.yml index 1edd439bb10..6424ffc0975 100644 --- a/pkg/cli/workflows/test-claude-push-to-pr-branch.lock.yml +++ b/pkg/cli/workflows/test-claude-push-to-pr-branch.lock.yml @@ -218,83 +218,80 @@ jobs: name: aw_info.json path: /tmp/aw_info.json if-no-files-found: warn - - name: Execute Claude Code Action + - name: Execute Claude Code CLI id: agentic_execution - uses: anthropics/claude-code-base-action@v0.0.56 - with: - # Allowed tools (sorted): - # - ExitPlanMode - # - Glob - # - Grep - # - LS - # - NotebookRead - # - Read - # - Task - # - TodoWrite - # - mcp__github__download_workflow_run_artifact - # - mcp__github__get_code_scanning_alert - # - mcp__github__get_commit - # - mcp__github__get_dependabot_alert - # - mcp__github__get_discussion - # - mcp__github__get_discussion_comments - # - mcp__github__get_file_contents - # - mcp__github__get_issue - # - mcp__github__get_issue_comments - # - mcp__github__get_job_logs - # - mcp__github__get_me - # - mcp__github__get_notification_details - # - mcp__github__get_pull_request - # - mcp__github__get_pull_request_comments - # - mcp__github__get_pull_request_diff - # - mcp__github__get_pull_request_files - # - mcp__github__get_pull_request_reviews - # - mcp__github__get_pull_request_status - # - mcp__github__get_secret_scanning_alert - # - mcp__github__get_tag - # - mcp__github__get_workflow_run - # - mcp__github__get_workflow_run_logs - # - mcp__github__get_workflow_run_usage - # - mcp__github__list_branches - # - mcp__github__list_code_scanning_alerts - # - mcp__github__list_commits - # - mcp__github__list_dependabot_alerts - # - mcp__github__list_discussion_categories - # - mcp__github__list_discussions - # - mcp__github__list_issues - # - mcp__github__list_notifications - # - mcp__github__list_pull_requests - # - mcp__github__list_secret_scanning_alerts - # - mcp__github__list_tags - # - mcp__github__list_workflow_jobs - # - mcp__github__list_workflow_run_artifacts - # - mcp__github__list_workflow_runs - # - mcp__github__list_workflows - # - mcp__github__search_code - # - mcp__github__search_issues - # - mcp__github__search_orgs - # - mcp__github__search_pull_requests - # - mcp__github__search_repositories - # - mcp__github__search_users - allowed_tools: "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" - anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} - mcp_config: /tmp/mcp-config/mcp-servers.json - prompt_file: /tmp/aw-prompts/prompt.txt - settings: /tmp/.claude/settings.json - timeout_minutes: 5 + # Allowed tools (sorted): + # - ExitPlanMode + # - Glob + # - Grep + # - LS + # - NotebookRead + # - Read + # - Task + # - TodoWrite + # - mcp__github__download_workflow_run_artifact + # - mcp__github__get_code_scanning_alert + # - mcp__github__get_commit + # - mcp__github__get_dependabot_alert + # - mcp__github__get_discussion + # - mcp__github__get_discussion_comments + # - mcp__github__get_file_contents + # - mcp__github__get_issue + # - mcp__github__get_issue_comments + # - mcp__github__get_job_logs + # - mcp__github__get_me + # - mcp__github__get_notification_details + # - mcp__github__get_pull_request + # - mcp__github__get_pull_request_comments + # - mcp__github__get_pull_request_diff + # - mcp__github__get_pull_request_files + # - mcp__github__get_pull_request_reviews + # - mcp__github__get_pull_request_status + # - mcp__github__get_secret_scanning_alert + # - mcp__github__get_tag + # - mcp__github__get_workflow_run + # - mcp__github__get_workflow_run_logs + # - mcp__github__get_workflow_run_usage + # - mcp__github__list_branches + # - mcp__github__list_code_scanning_alerts + # - mcp__github__list_commits + # - mcp__github__list_dependabot_alerts + # - mcp__github__list_discussion_categories + # - mcp__github__list_discussions + # - mcp__github__list_issues + # - mcp__github__list_notifications + # - mcp__github__list_pull_requests + # - mcp__github__list_secret_scanning_alerts + # - mcp__github__list_tags + # - mcp__github__list_workflow_jobs + # - mcp__github__list_workflow_run_artifacts + # - mcp__github__list_workflow_runs + # - mcp__github__list_workflows + # - mcp__github__search_code + # - mcp__github__search_issues + # - mcp__github__search_orgs + # - mcp__github__search_pull_requests + # - mcp__github__search_repositories + # - mcp__github__search_users + timeout-minutes: 5 + run: | + set -o pipefail + # Execute Claude Code CLI with prompt from file + npx @anthropic-ai/claude-code@latest --print --mcp-config /tmp/mcp-config/mcp-servers.json --allowed-tools "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" --debug --verbose --permission-mode bypassPermissions --output-format json --settings /tmp/.claude/settings.json "$(cat /tmp/aw-prompts/prompt.txt)" 2>&1 | tee /tmp/test-claude-push-to-pr-branch.log env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + DISABLE_TELEMETRY: "1" + DISABLE_ERROR_REPORTING: "1" + DISABLE_BUG_COMMAND: "1" GITHUB_AW_PROMPT: /tmp/aw-prompts/prompt.txt - - name: Capture Agentic Action logs + - name: Ensure log file exists if: always() run: | - # Copy the detailed execution file from Agentic Action if available - if [ -n "${{ steps.agentic_execution.outputs.execution_file }}" ] && [ -f "${{ steps.agentic_execution.outputs.execution_file }}" ]; then - cp ${{ steps.agentic_execution.outputs.execution_file }} /tmp/test-claude-push-to-pr-branch.log - else - echo "No execution file output found from Agentic Action" >> /tmp/test-claude-push-to-pr-branch.log - fi - # Ensure log file exists touch /tmp/test-claude-push-to-pr-branch.log + # Show last few lines for debugging + echo "=== Last 10 lines of Claude execution log ===" + tail -10 /tmp/test-claude-push-to-pr-branch.log || echo "No log content available" - name: Upload engine output files uses: actions/upload-artifact@v4 with: diff --git a/pkg/cli/workflows/test-claude-update-issue.lock.yml b/pkg/cli/workflows/test-claude-update-issue.lock.yml index 677f52aaec3..9f46ddf0c34 100644 --- a/pkg/cli/workflows/test-claude-update-issue.lock.yml +++ b/pkg/cli/workflows/test-claude-update-issue.lock.yml @@ -216,83 +216,80 @@ jobs: name: aw_info.json path: /tmp/aw_info.json if-no-files-found: warn - - name: Execute Claude Code Action + - name: Execute Claude Code CLI id: agentic_execution - uses: anthropics/claude-code-base-action@v0.0.56 - with: - # Allowed tools (sorted): - # - ExitPlanMode - # - Glob - # - Grep - # - LS - # - NotebookRead - # - Read - # - Task - # - TodoWrite - # - mcp__github__download_workflow_run_artifact - # - mcp__github__get_code_scanning_alert - # - mcp__github__get_commit - # - mcp__github__get_dependabot_alert - # - mcp__github__get_discussion - # - mcp__github__get_discussion_comments - # - mcp__github__get_file_contents - # - mcp__github__get_issue - # - mcp__github__get_issue_comments - # - mcp__github__get_job_logs - # - mcp__github__get_me - # - mcp__github__get_notification_details - # - mcp__github__get_pull_request - # - mcp__github__get_pull_request_comments - # - mcp__github__get_pull_request_diff - # - mcp__github__get_pull_request_files - # - mcp__github__get_pull_request_reviews - # - mcp__github__get_pull_request_status - # - mcp__github__get_secret_scanning_alert - # - mcp__github__get_tag - # - mcp__github__get_workflow_run - # - mcp__github__get_workflow_run_logs - # - mcp__github__get_workflow_run_usage - # - mcp__github__list_branches - # - mcp__github__list_code_scanning_alerts - # - mcp__github__list_commits - # - mcp__github__list_dependabot_alerts - # - mcp__github__list_discussion_categories - # - mcp__github__list_discussions - # - mcp__github__list_issues - # - mcp__github__list_notifications - # - mcp__github__list_pull_requests - # - mcp__github__list_secret_scanning_alerts - # - mcp__github__list_tags - # - mcp__github__list_workflow_jobs - # - mcp__github__list_workflow_run_artifacts - # - mcp__github__list_workflow_runs - # - mcp__github__list_workflows - # - mcp__github__search_code - # - mcp__github__search_issues - # - mcp__github__search_orgs - # - mcp__github__search_pull_requests - # - mcp__github__search_repositories - # - mcp__github__search_users - allowed_tools: "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" - anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} - mcp_config: /tmp/mcp-config/mcp-servers.json - prompt_file: /tmp/aw-prompts/prompt.txt - settings: /tmp/.claude/settings.json - timeout_minutes: 5 + # Allowed tools (sorted): + # - ExitPlanMode + # - Glob + # - Grep + # - LS + # - NotebookRead + # - Read + # - Task + # - TodoWrite + # - mcp__github__download_workflow_run_artifact + # - mcp__github__get_code_scanning_alert + # - mcp__github__get_commit + # - mcp__github__get_dependabot_alert + # - mcp__github__get_discussion + # - mcp__github__get_discussion_comments + # - mcp__github__get_file_contents + # - mcp__github__get_issue + # - mcp__github__get_issue_comments + # - mcp__github__get_job_logs + # - mcp__github__get_me + # - mcp__github__get_notification_details + # - mcp__github__get_pull_request + # - mcp__github__get_pull_request_comments + # - mcp__github__get_pull_request_diff + # - mcp__github__get_pull_request_files + # - mcp__github__get_pull_request_reviews + # - mcp__github__get_pull_request_status + # - mcp__github__get_secret_scanning_alert + # - mcp__github__get_tag + # - mcp__github__get_workflow_run + # - mcp__github__get_workflow_run_logs + # - mcp__github__get_workflow_run_usage + # - mcp__github__list_branches + # - mcp__github__list_code_scanning_alerts + # - mcp__github__list_commits + # - mcp__github__list_dependabot_alerts + # - mcp__github__list_discussion_categories + # - mcp__github__list_discussions + # - mcp__github__list_issues + # - mcp__github__list_notifications + # - mcp__github__list_pull_requests + # - mcp__github__list_secret_scanning_alerts + # - mcp__github__list_tags + # - mcp__github__list_workflow_jobs + # - mcp__github__list_workflow_run_artifacts + # - mcp__github__list_workflow_runs + # - mcp__github__list_workflows + # - mcp__github__search_code + # - mcp__github__search_issues + # - mcp__github__search_orgs + # - mcp__github__search_pull_requests + # - mcp__github__search_repositories + # - mcp__github__search_users + timeout-minutes: 5 + run: | + set -o pipefail + # Execute Claude Code CLI with prompt from file + npx @anthropic-ai/claude-code@latest --print --mcp-config /tmp/mcp-config/mcp-servers.json --allowed-tools "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" --debug --verbose --permission-mode bypassPermissions --output-format json --settings /tmp/.claude/settings.json "$(cat /tmp/aw-prompts/prompt.txt)" 2>&1 | tee /tmp/test-claude-update-issue.log env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + DISABLE_TELEMETRY: "1" + DISABLE_ERROR_REPORTING: "1" + DISABLE_BUG_COMMAND: "1" GITHUB_AW_PROMPT: /tmp/aw-prompts/prompt.txt - - name: Capture Agentic Action logs + - name: Ensure log file exists if: always() run: | - # Copy the detailed execution file from Agentic Action if available - if [ -n "${{ steps.agentic_execution.outputs.execution_file }}" ] && [ -f "${{ steps.agentic_execution.outputs.execution_file }}" ]; then - cp ${{ steps.agentic_execution.outputs.execution_file }} /tmp/test-claude-update-issue.log - else - echo "No execution file output found from Agentic Action" >> /tmp/test-claude-update-issue.log - fi - # Ensure log file exists touch /tmp/test-claude-update-issue.log + # Show last few lines for debugging + echo "=== Last 10 lines of Claude execution log ===" + tail -10 /tmp/test-claude-update-issue.log || echo "No log content available" - name: Upload engine output files uses: actions/upload-artifact@v4 with: diff --git a/pkg/cli/workflows/test-playwright-accessibility-contrast.lock.yml b/pkg/cli/workflows/test-playwright-accessibility-contrast.lock.yml index 6b925e2f6c5..761c7a0fb87 100644 --- a/pkg/cli/workflows/test-playwright-accessibility-contrast.lock.yml +++ b/pkg/cli/workflows/test-playwright-accessibility-contrast.lock.yml @@ -174,20 +174,12 @@ jobs: } }, "playwright": { - "command": "docker", + "command": "npx", "args": [ - "run", - "-i", - "--rm", - "--shm-size=2gb", - "--cap-add=SYS_ADMIN", - "-e", - "PLAYWRIGHT_ALLOWED_DOMAINS", - "mcr.microsoft.com/playwright:latest" - ], - "env": { - "PLAYWRIGHT_ALLOWED_DOMAINS": "github.com,*.github.com" - } + "@playwright/mcp@latest", + "--allowed-origins", + "github.com,*.github.com" + ] } } } @@ -303,87 +295,103 @@ jobs: name: aw_info.json path: /tmp/aw_info.json if-no-files-found: warn - - name: Execute Claude Code Action + - name: Execute Claude Code CLI id: agentic_execution - uses: anthropics/claude-code-base-action@v0.0.56 - with: - # Allowed tools (sorted): - # - ExitPlanMode - # - Glob - # - Grep - # - LS - # - NotebookRead - # - Read - # - Task - # - TodoWrite - # - Write - # - mcp__github__download_workflow_run_artifact - # - mcp__github__get_code_scanning_alert - # - mcp__github__get_commit - # - mcp__github__get_dependabot_alert - # - mcp__github__get_discussion - # - mcp__github__get_discussion_comments - # - mcp__github__get_file_contents - # - mcp__github__get_issue - # - mcp__github__get_issue_comments - # - mcp__github__get_job_logs - # - mcp__github__get_me - # - mcp__github__get_notification_details - # - mcp__github__get_pull_request - # - mcp__github__get_pull_request_comments - # - mcp__github__get_pull_request_diff - # - mcp__github__get_pull_request_files - # - mcp__github__get_pull_request_reviews - # - mcp__github__get_pull_request_status - # - mcp__github__get_secret_scanning_alert - # - mcp__github__get_tag - # - mcp__github__get_workflow_run - # - mcp__github__get_workflow_run_logs - # - mcp__github__get_workflow_run_usage - # - mcp__github__list_branches - # - mcp__github__list_code_scanning_alerts - # - mcp__github__list_commits - # - mcp__github__list_dependabot_alerts - # - mcp__github__list_discussion_categories - # - mcp__github__list_discussions - # - mcp__github__list_issues - # - mcp__github__list_notifications - # - mcp__github__list_pull_requests - # - mcp__github__list_secret_scanning_alerts - # - mcp__github__list_tags - # - mcp__github__list_workflow_jobs - # - mcp__github__list_workflow_run_artifacts - # - mcp__github__list_workflow_runs - # - mcp__github__list_workflows - # - mcp__github__search_code - # - mcp__github__search_issues - # - mcp__github__search_orgs - # - mcp__github__search_pull_requests - # - mcp__github__search_repositories - # - mcp__github__search_users - allowed_tools: "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,Write,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users" - anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} - claude_env: | - GITHUB_AW_SAFE_OUTPUTS: ${{ env.GITHUB_AW_SAFE_OUTPUTS }} - mcp_config: /tmp/mcp-config/mcp-servers.json - prompt_file: /tmp/aw-prompts/prompt.txt - settings: /tmp/.claude/settings.json - timeout_minutes: 5 + # Allowed tools (sorted): + # - ExitPlanMode + # - Glob + # - Grep + # - LS + # - NotebookRead + # - Read + # - Task + # - TodoWrite + # - Write + # - mcp__github__download_workflow_run_artifact + # - mcp__github__get_code_scanning_alert + # - mcp__github__get_commit + # - mcp__github__get_dependabot_alert + # - mcp__github__get_discussion + # - mcp__github__get_discussion_comments + # - mcp__github__get_file_contents + # - mcp__github__get_issue + # - mcp__github__get_issue_comments + # - mcp__github__get_job_logs + # - mcp__github__get_me + # - mcp__github__get_notification_details + # - mcp__github__get_pull_request + # - mcp__github__get_pull_request_comments + # - mcp__github__get_pull_request_diff + # - mcp__github__get_pull_request_files + # - mcp__github__get_pull_request_reviews + # - mcp__github__get_pull_request_status + # - mcp__github__get_secret_scanning_alert + # - mcp__github__get_tag + # - mcp__github__get_workflow_run + # - mcp__github__get_workflow_run_logs + # - mcp__github__get_workflow_run_usage + # - mcp__github__list_branches + # - mcp__github__list_code_scanning_alerts + # - mcp__github__list_commits + # - mcp__github__list_dependabot_alerts + # - mcp__github__list_discussion_categories + # - mcp__github__list_discussions + # - mcp__github__list_issues + # - mcp__github__list_notifications + # - mcp__github__list_pull_requests + # - mcp__github__list_secret_scanning_alerts + # - mcp__github__list_tags + # - mcp__github__list_workflow_jobs + # - mcp__github__list_workflow_run_artifacts + # - mcp__github__list_workflow_runs + # - mcp__github__list_workflows + # - mcp__github__search_code + # - mcp__github__search_issues + # - mcp__github__search_orgs + # - mcp__github__search_pull_requests + # - mcp__github__search_repositories + # - mcp__github__search_users + # - mcp__playwright__browser_click + # - mcp__playwright__browser_close + # - mcp__playwright__browser_console_messages + # - mcp__playwright__browser_drag + # - mcp__playwright__browser_evaluate + # - mcp__playwright__browser_file_upload + # - mcp__playwright__browser_fill_form + # - mcp__playwright__browser_handle_dialog + # - mcp__playwright__browser_hover + # - mcp__playwright__browser_install + # - mcp__playwright__browser_navigate + # - mcp__playwright__browser_navigate_back + # - mcp__playwright__browser_network_requests + # - mcp__playwright__browser_press_key + # - mcp__playwright__browser_resize + # - mcp__playwright__browser_select_option + # - mcp__playwright__browser_snapshot + # - mcp__playwright__browser_tabs + # - mcp__playwright__browser_take_screenshot + # - mcp__playwright__browser_type + # - mcp__playwright__browser_wait_for + timeout-minutes: 5 + run: | + set -o pipefail + # Execute Claude Code CLI with prompt from file + npx @anthropic-ai/claude-code@latest --print --mcp-config /tmp/mcp-config/mcp-servers.json --allowed-tools "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,Write,mcp__github__download_workflow_run_artifact,mcp__github__get_code_scanning_alert,mcp__github__get_commit,mcp__github__get_dependabot_alert,mcp__github__get_discussion,mcp__github__get_discussion_comments,mcp__github__get_file_contents,mcp__github__get_issue,mcp__github__get_issue_comments,mcp__github__get_job_logs,mcp__github__get_me,mcp__github__get_notification_details,mcp__github__get_pull_request,mcp__github__get_pull_request_comments,mcp__github__get_pull_request_diff,mcp__github__get_pull_request_files,mcp__github__get_pull_request_reviews,mcp__github__get_pull_request_status,mcp__github__get_secret_scanning_alert,mcp__github__get_tag,mcp__github__get_workflow_run,mcp__github__get_workflow_run_logs,mcp__github__get_workflow_run_usage,mcp__github__list_branches,mcp__github__list_code_scanning_alerts,mcp__github__list_commits,mcp__github__list_dependabot_alerts,mcp__github__list_discussion_categories,mcp__github__list_discussions,mcp__github__list_issues,mcp__github__list_notifications,mcp__github__list_pull_requests,mcp__github__list_secret_scanning_alerts,mcp__github__list_tags,mcp__github__list_workflow_jobs,mcp__github__list_workflow_run_artifacts,mcp__github__list_workflow_runs,mcp__github__list_workflows,mcp__github__search_code,mcp__github__search_issues,mcp__github__search_orgs,mcp__github__search_pull_requests,mcp__github__search_repositories,mcp__github__search_users,mcp__playwright__browser_click,mcp__playwright__browser_close,mcp__playwright__browser_console_messages,mcp__playwright__browser_drag,mcp__playwright__browser_evaluate,mcp__playwright__browser_file_upload,mcp__playwright__browser_fill_form,mcp__playwright__browser_handle_dialog,mcp__playwright__browser_hover,mcp__playwright__browser_install,mcp__playwright__browser_navigate,mcp__playwright__browser_navigate_back,mcp__playwright__browser_network_requests,mcp__playwright__browser_press_key,mcp__playwright__browser_resize,mcp__playwright__browser_select_option,mcp__playwright__browser_snapshot,mcp__playwright__browser_tabs,mcp__playwright__browser_take_screenshot,mcp__playwright__browser_type,mcp__playwright__browser_wait_for" --debug --verbose --permission-mode bypassPermissions --output-format json --settings /tmp/.claude/settings.json "$(cat /tmp/aw-prompts/prompt.txt)" 2>&1 | tee /tmp/test-playwright-accessibility-contrast.log env: + ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }} + DISABLE_TELEMETRY: "1" + DISABLE_ERROR_REPORTING: "1" + DISABLE_BUG_COMMAND: "1" GITHUB_AW_PROMPT: /tmp/aw-prompts/prompt.txt GITHUB_AW_SAFE_OUTPUTS: ${{ env.GITHUB_AW_SAFE_OUTPUTS }} - - name: Capture Agentic Action logs + - name: Ensure log file exists if: always() run: | - # Copy the detailed execution file from Agentic Action if available - if [ -n "${{ steps.agentic_execution.outputs.execution_file }}" ] && [ -f "${{ steps.agentic_execution.outputs.execution_file }}" ]; then - cp ${{ steps.agentic_execution.outputs.execution_file }} /tmp/test-playwright-accessibility-contrast.log - else - echo "No execution file output found from Agentic Action" >> /tmp/test-playwright-accessibility-contrast.log - fi - # Ensure log file exists touch /tmp/test-playwright-accessibility-contrast.log + # Show last few lines for debugging + echo "=== Last 10 lines of Claude execution log ===" + tail -10 /tmp/test-playwright-accessibility-contrast.log || echo "No log content available" - name: Print Agent output env: GITHUB_AW_SAFE_OUTPUTS: ${{ env.GITHUB_AW_SAFE_OUTPUTS }} diff --git a/pkg/workflow/agentic_engine.go b/pkg/workflow/agentic_engine.go index 814f0572c4b..bea157ae86b 100644 --- a/pkg/workflow/agentic_engine.go +++ b/pkg/workflow/agentic_engine.go @@ -207,6 +207,42 @@ func (r *EngineRegistry) GetAllEngines() []CodingAgentEngine { return engines } +// GetCopilotAgentPlaywrightTools returns the list of playwright tools available in the copilot agent +// This matches the tools available in the copilot agent MCP server configuration +// This is a shared function used by all engines for consistent playwright tool configuration +func GetCopilotAgentPlaywrightTools() []any { + tools := []string{ + "browser_click", + "browser_close", + "browser_console_messages", + "browser_drag", + "browser_evaluate", + "browser_file_upload", + "browser_fill_form", + "browser_handle_dialog", + "browser_hover", + "browser_install", + "browser_navigate", + "browser_navigate_back", + "browser_network_requests", + "browser_press_key", + "browser_resize", + "browser_select_option", + "browser_snapshot", + "browser_tabs", + "browser_take_screenshot", + "browser_type", + "browser_wait_for", + } + + // Convert []string to []any for compatibility with the configuration system + result := make([]any, len(tools)) + for i, tool := range tools { + result[i] = tool + } + return result +} + // ConvertStepToYAML converts a step map to YAML string with proper indentation // This is a shared utility function used by all engines and the compiler func ConvertStepToYAML(stepMap map[string]any) (string, error) { diff --git a/pkg/workflow/claude_engine.go b/pkg/workflow/claude_engine.go index 5384008c4cf..02599ace685 100644 --- a/pkg/workflow/claude_engine.go +++ b/pkg/workflow/claude_engine.go @@ -9,11 +9,6 @@ import ( "time" ) -const ( - // DefaultClaudeActionVersion is the default version of the Claude Code base action - DefaultClaudeActionVersion = "v0.0.56" -) - // ClaudeEngine represents the Claude Code agentic engine type ClaudeEngine struct { BaseEngine @@ -77,128 +72,124 @@ func (e *ClaudeEngine) GetExecutionSteps(workflowData *WorkflowData, logFile str } } - // Determine the action version to use - actionVersion := DefaultClaudeActionVersion // Default version - if workflowData.EngineConfig != nil && workflowData.EngineConfig.Version != "" { - actionVersion = workflowData.EngineConfig.Version - } + // Build claude CLI arguments based on configuration + var claudeArgs []string - // Build claude_env based on hasOutput parameter and custom env vars - hasOutput := workflowData.SafeOutputs != nil - claudeEnv := "" - if hasOutput { - claudeEnv += " GITHUB_AW_SAFE_OUTPUTS: ${{ env.GITHUB_AW_SAFE_OUTPUTS }}" + // Add print flag for non-interactive mode + claudeArgs = append(claudeArgs, "--print") - // Add staged flag if specified - if workflowData.SafeOutputs.Staged != nil { - if *workflowData.SafeOutputs.Staged { - if claudeEnv != "" { - claudeEnv += "\n" - } - claudeEnv += " GITHUB_AW_SAFE_OUTPUTS_STAGED: \"true\"" - } - } + // Add model if specified + if workflowData.EngineConfig != nil && workflowData.EngineConfig.Model != "" { + claudeArgs = append(claudeArgs, "--model", workflowData.EngineConfig.Model) } - // Add custom environment variables from engine config - if workflowData.EngineConfig != nil && len(workflowData.EngineConfig.Env) > 0 { - for key, value := range workflowData.EngineConfig.Env { - if claudeEnv != "" { - claudeEnv += "\n" - } - claudeEnv += " " + key + ": " + value - } + // Add max_turns if specified (in CLI it's max-turns) + if workflowData.EngineConfig != nil && workflowData.EngineConfig.MaxTurns != "" { + claudeArgs = append(claudeArgs, "--max-turns", workflowData.EngineConfig.MaxTurns) } - inputs := map[string]string{ - "prompt_file": "/tmp/aw-prompts/prompt.txt", - "anthropic_api_key": "${{ secrets.ANTHROPIC_API_KEY }}", - "mcp_config": "/tmp/mcp-config/mcp-servers.json", - "allowed_tools": "", // Will be filled in during generation - "timeout_minutes": "", // Will be filled in during generation - } + // Add MCP configuration + claudeArgs = append(claudeArgs, "--mcp-config", "/tmp/mcp-config/mcp-servers.json") - // Only add max_turns if it's actually specified - if workflowData.EngineConfig != nil && workflowData.EngineConfig.MaxTurns != "" { - inputs["max_turns"] = workflowData.EngineConfig.MaxTurns - } - if claudeEnv != "" { - inputs["claude_env"] = "|\n" + claudeEnv + // Add allowed tools configuration + allowedTools := e.computeAllowedClaudeToolsString(workflowData.Tools, workflowData.SafeOutputs) + if allowedTools != "" { + claudeArgs = append(claudeArgs, "--allowed-tools", allowedTools) } - // Add model configuration if specified - if workflowData.EngineConfig != nil && workflowData.EngineConfig.Model != "" { - inputs["model"] = workflowData.EngineConfig.Model - } + // Add debug flag + claudeArgs = append(claudeArgs, "--debug") - // Add settings parameter if network permissions are configured + // Always add verbose flag for enhanced debugging output + claudeArgs = append(claudeArgs, "--verbose") + + // Add permission mode for non-interactive execution (bypass permissions) + claudeArgs = append(claudeArgs, "--permission-mode", "bypassPermissions") + + // Add output format for structured output + claudeArgs = append(claudeArgs, "--output-format", "json") + + // Add network settings if configured if workflowData.EngineConfig != nil && workflowData.EngineConfig.ID == "claude" && ShouldEnforceNetworkPermissions(workflowData.NetworkPermissions) { - inputs["settings"] = "/tmp/.claude/settings.json" + claudeArgs = append(claudeArgs, "--settings", "/tmp/.claude/settings.json") } - // Apply default Claude tools - allowedTools := e.computeAllowedClaudeToolsString(workflowData.Tools, workflowData.SafeOutputs) - var stepLines []string - stepName := "Execute Claude Code Action" - action := fmt.Sprintf("anthropics/claude-code-base-action@%s", actionVersion) + stepName := "Execute Claude Code CLI" stepLines = append(stepLines, fmt.Sprintf(" - name: %s", stepName)) stepLines = append(stepLines, " id: agentic_execution") - stepLines = append(stepLines, fmt.Sprintf(" uses: %s", action)) - stepLines = append(stepLines, " with:") - - // Add inputs in alphabetical order by key - keys := make([]string, 0, len(inputs)) - for key := range inputs { - keys = append(keys, key) - } - sort.Strings(keys) - - for _, key := range keys { - value := inputs[key] - if key == "allowed_tools" { - if allowedTools != "" { - // Add comment listing all allowed tools for readability - comment := e.generateAllowedToolsComment(allowedTools, " ") - commentLines := strings.Split(comment, "\n") - // Filter out empty lines to avoid breaking test logic - for _, line := range commentLines { - if line != "" { - stepLines = append(stepLines, line) - } - } - stepLines = append(stepLines, fmt.Sprintf(" %s: \"%s\"", key, allowedTools)) - } - } else if key == "timeout_minutes" { - // Always include timeout_minutes field - if workflowData.TimeoutMinutes != "" { - // TimeoutMinutes contains the full YAML line (e.g. "timeout_minutes: 5") - stepLines = append(stepLines, " "+workflowData.TimeoutMinutes) - } else { - stepLines = append(stepLines, " timeout_minutes: 5") // Default timeout - } - } else if key == "max_turns" { - // max_turns is only in the map when it should be included - stepLines = append(stepLines, fmt.Sprintf(" max_turns: %s", value)) - } else if value != "" { - if strings.HasPrefix(value, "|") { - stepLines = append(stepLines, fmt.Sprintf(" %s: %s", key, value)) - } else { - stepLines = append(stepLines, fmt.Sprintf(" %s: %s", key, value)) - } + + // Add allowed tools comment before the run section + allowedToolsComment := e.generateAllowedToolsComment(e.computeAllowedClaudeToolsString(workflowData.Tools, workflowData.SafeOutputs), " ") + if allowedToolsComment != "" { + // Split the comment into lines and add each line + commentLines := strings.Split(strings.TrimSuffix(allowedToolsComment, "\n"), "\n") + stepLines = append(stepLines, commentLines...) + } + + // Add timeout at step level (GitHub Actions standard) + if workflowData.TimeoutMinutes != "" { + stepLines = append(stepLines, fmt.Sprintf(" timeout-minutes: %s", strings.TrimPrefix(workflowData.TimeoutMinutes, "timeout_minutes: "))) + } else { + stepLines = append(stepLines, " timeout-minutes: 5") // Default timeout + } + + // Build the run command + stepLines = append(stepLines, " run: |") + stepLines = append(stepLines, " set -o pipefail") + stepLines = append(stepLines, " # Execute Claude Code CLI with prompt from file") + + // Build the command string with proper argument formatting + // Use version from engine config if provided, otherwise default to latest + version := "latest" + if workflowData.EngineConfig != nil && workflowData.EngineConfig.Version != "" { + version = workflowData.EngineConfig.Version + } + + commandParts := []string{"npx", fmt.Sprintf("@anthropic-ai/claude-code@%s", version)} + commandParts = append(commandParts, claudeArgs...) + commandParts = append(commandParts, "$(cat /tmp/aw-prompts/prompt.txt)") + + // Join command parts with proper escaping for complex arguments + command := "" + for i, part := range commandParts { + if i > 0 { + command += " " + } + // For complex arguments that contain spaces or special characters, quote them + if strings.Contains(part, " ") || strings.Contains(part, ",") { + command += "\"" + part + "\"" + } else { + command += part } } + // Add the command with proper indentation and tee output (preserves exit code with pipefail) + stepLines = append(stepLines, fmt.Sprintf(" %s 2>&1 | tee %s", command, logFile)) + // Add environment section - always include environment section for GITHUB_AW_PROMPT stepLines = append(stepLines, " env:") + // Add Anthropic API key + stepLines = append(stepLines, " ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}") + + // Disable telemetry, error reporting, and bug command for privacy and security + stepLines = append(stepLines, " DISABLE_TELEMETRY: \"1\"") + stepLines = append(stepLines, " DISABLE_ERROR_REPORTING: \"1\"") + stepLines = append(stepLines, " DISABLE_BUG_COMMAND: \"1\"") + // Always add GITHUB_AW_PROMPT for agentic workflows stepLines = append(stepLines, " GITHUB_AW_PROMPT: /tmp/aw-prompts/prompt.txt") if workflowData.SafeOutputs != nil { stepLines = append(stepLines, " GITHUB_AW_SAFE_OUTPUTS: ${{ env.GITHUB_AW_SAFE_OUTPUTS }}") + + // Add staged flag if specified + if workflowData.SafeOutputs.Staged != nil && *workflowData.SafeOutputs.Staged { + stepLines = append(stepLines, " GITHUB_AW_SAFE_OUTPUTS_STAGED: \"true\"") + } } if workflowData.EngineConfig != nil && workflowData.EngineConfig.MaxTurns != "" { @@ -213,20 +204,16 @@ func (e *ClaudeEngine) GetExecutionSteps(workflowData *WorkflowData, logFile str steps = append(steps, GitHubActionStep(stepLines)) - // Add the log capture step + // Add the log capture step (simplified since we're already writing to logFile) logCaptureLines := []string{ - " - name: Capture Agentic Action logs", + " - name: Ensure log file exists", " if: always()", " run: |", - " # Copy the detailed execution file from Agentic Action if available", - " if [ -n \"${{ steps.agentic_execution.outputs.execution_file }}\" ] && [ -f \"${{ steps.agentic_execution.outputs.execution_file }}\" ]; then", - " cp ${{ steps.agentic_execution.outputs.execution_file }} " + logFile, - " else", - " echo \"No execution file output found from Agentic Action\" >> " + logFile, - " fi", - " ", " # Ensure log file exists", " touch " + logFile, + " # Show last few lines for debugging", + " echo \"=== Last 10 lines of Claude execution log ===\"", + " tail -10 " + logFile + " || echo \"No log content available\"", } steps = append(steps, GitHubActionStep(logCaptureLines)) @@ -310,6 +297,15 @@ func (e *ClaudeEngine) expandNeutralToolsToClaudeTools(tools map[string]any) map _ = editTool } + // Handle playwright tool by converting it to an MCP tool configuration + if _, hasPlaywright := tools["playwright"]; hasPlaywright { + // Create playwright as an MCP tool with the same tools available as copilot agent + playwrightMCP := map[string]any{ + "allowed": GetCopilotAgentPlaywrightTools(), + } + result["playwright"] = playwrightMCP + } + // Update claude section claudeSection["allowed"] = claudeAllowed result["claude"] = claudeSection @@ -468,8 +464,8 @@ func (e *ClaudeEngine) computeAllowedClaudeToolsString(tools map[string]any, saf isCustomMCP = true } - // Handle standard MCP tools (github) or tools with MCP-compatible type - if toolName == "github" || isCustomMCP { + // Handle standard MCP tools (github, playwright) or tools with MCP-compatible type + if toolName == "github" || toolName == "playwright" || isCustomMCP { if allowed, hasAllowed := mcpConfig["allowed"]; hasAllowed { if allowedSlice, ok := allowed.([]any); ok { // Check for wildcard access first @@ -604,34 +600,19 @@ func (e *ClaudeEngine) renderGitHubClaudeMCPConfig(yaml *strings.Builder, github } // renderPlaywrightMCPConfig generates the Playwright MCP server configuration -// Always uses Docker-based containerized setup in GitHub Actions +// Uses npx to launch Playwright MCP instead of Docker for better performance and simplicity func (e *ClaudeEngine) renderPlaywrightMCPConfig(yaml *strings.Builder, playwrightTool any, isLast bool, networkPermissions *NetworkPermissions) { args := generatePlaywrightDockerArgs(playwrightTool, networkPermissions) yaml.WriteString(" \"playwright\": {\n") - yaml.WriteString(" \"command\": \"docker\",\n") + yaml.WriteString(" \"command\": \"npx\",\n") yaml.WriteString(" \"args\": [\n") - yaml.WriteString(" \"run\",\n") - yaml.WriteString(" \"-i\",\n") - yaml.WriteString(" \"--rm\",\n") - yaml.WriteString(" \"--shm-size=2gb\",\n") - yaml.WriteString(" \"--cap-add=SYS_ADMIN\",\n") - yaml.WriteString(" \"-e\",\n") - yaml.WriteString(" \"PLAYWRIGHT_ALLOWED_DOMAINS\",\n") - if len(args.AllowedDomains) == 0 { - yaml.WriteString(" \"-e\",\n") - yaml.WriteString(" \"PLAYWRIGHT_BLOCK_ALL_DOMAINS\",\n") + yaml.WriteString(" \"@playwright/mcp@latest\",\n") + if len(args.AllowedDomains) > 0 { + yaml.WriteString(" \"--allowed-origins\",\n") + yaml.WriteString(" \"" + strings.Join(args.AllowedDomains, ",") + "\"\n") } - yaml.WriteString(" \"mcr.microsoft.com/playwright:" + args.ImageVersion + "\"\n") - yaml.WriteString(" ],\n") - yaml.WriteString(" \"env\": {\n") - yaml.WriteString(" \"PLAYWRIGHT_ALLOWED_DOMAINS\": \"" + strings.Join(args.AllowedDomains, ",") + "\"") - if len(args.AllowedDomains) == 0 { - yaml.WriteString(",\n") - yaml.WriteString(" \"PLAYWRIGHT_BLOCK_ALL_DOMAINS\": \"true\"") - } - yaml.WriteString("\n") - yaml.WriteString(" }\n") + yaml.WriteString(" ]\n") if isLast { yaml.WriteString(" }\n") diff --git a/pkg/workflow/claude_engine_network_test.go b/pkg/workflow/claude_engine_network_test.go index 6945419f6f6..4b6678555b0 100644 --- a/pkg/workflow/claude_engine_network_test.go +++ b/pkg/workflow/claude_engine_network_test.go @@ -82,12 +82,12 @@ func TestClaudeEngineNetworkPermissions(t *testing.T) { stepYAML := strings.Join(steps[0], "\n") // Verify settings parameter is not present - if strings.Contains(stepYAML, "settings:") { + if strings.Contains(stepYAML, "--settings") { t.Error("Settings parameter should not be present without network permissions") } - // Verify model parameter is present - if !strings.Contains(stepYAML, "model: claude-3-5-sonnet-20241022") { + // Verify model parameter is present in claude_args + if !strings.Contains(stepYAML, "--model claude-3-5-sonnet-20241022") { t.Error("Expected model 'claude-3-5-sonnet-20241022' in step YAML") } }) @@ -113,12 +113,12 @@ func TestClaudeEngineNetworkPermissions(t *testing.T) { stepYAML := strings.Join(steps[0], "\n") // Verify settings parameter is present - if !strings.Contains(stepYAML, "settings: /tmp/.claude/settings.json") { + if !strings.Contains(stepYAML, "--settings /tmp/.claude/settings.json") { t.Error("Settings parameter should be present with network permissions") } - // Verify model parameter is present - if !strings.Contains(stepYAML, "model: claude-3-5-sonnet-20241022") { + // Verify model parameter is present in claude_args + if !strings.Contains(stepYAML, "--model claude-3-5-sonnet-20241022") { t.Error("Expected model 'claude-3-5-sonnet-20241022' in step YAML") } }) @@ -142,7 +142,7 @@ func TestClaudeEngineNetworkPermissions(t *testing.T) { stepYAML := strings.Join(steps[0], "\n") // Verify settings parameter is present even with deny-all policy - if !strings.Contains(stepYAML, "settings: /tmp/.claude/settings.json") { + if !strings.Contains(stepYAML, "--settings /tmp/.claude/settings.json") { t.Error("Settings parameter should be present with deny-all network permissions") } }) @@ -209,7 +209,7 @@ func TestNetworkPermissionsIntegration(t *testing.T) { stepYAML := strings.Join(execSteps[0], "\n") // Verify settings is configured - if !strings.Contains(stepYAML, "settings: /tmp/.claude/settings.json") { + if !strings.Contains(stepYAML, "--settings /tmp/.claude/settings.json") { t.Error("Settings parameter should be present") } diff --git a/pkg/workflow/claude_engine_test.go b/pkg/workflow/claude_engine_test.go index a3ec70f8c1d..fa84e330aa9 100644 --- a/pkg/workflow/claude_engine_test.go +++ b/pkg/workflow/claude_engine_test.go @@ -1,7 +1,6 @@ package workflow import ( - "fmt" "strings" "testing" ) @@ -52,59 +51,56 @@ func TestClaudeEngine(t *testing.T) { // Check step name found := false for _, line := range stepLines { - if strings.Contains(line, "name: Execute Claude Code Action") { + if strings.Contains(line, "name: Execute Claude Code CLI") { found = true break } } if !found { - t.Errorf("Expected step name 'Execute Claude Code Action' in step lines: %v", stepLines) + t.Errorf("Expected step name 'Execute Claude Code CLI' in step lines: %v", stepLines) } - // Check action usage + // Check npx usage instead of GitHub Action found = false - expectedAction := fmt.Sprintf("anthropics/claude-code-base-action@%s", DefaultClaudeActionVersion) for _, line := range stepLines { - if strings.Contains(line, "uses: "+expectedAction) { + if strings.Contains(line, "npx @anthropic-ai/claude-code@latest") { found = true break } } if !found { - t.Errorf("Expected action '%s' in step lines: %v", expectedAction, stepLines) + t.Errorf("Expected npx @anthropic-ai/claude-code@latest in step lines: %v", stepLines) } - // Check that required inputs are present + // Check that required CLI arguments are present stepContent := strings.Join(stepLines, "\n") - if !strings.Contains(stepContent, "prompt_file: /tmp/aw-prompts/prompt.txt") { - t.Errorf("Expected prompt_file input in step: %s", stepContent) + if !strings.Contains(stepContent, "--print") { + t.Errorf("Expected --print flag in step: %s", stepContent) } - if !strings.Contains(stepContent, "anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}") { - t.Errorf("Expected anthropic_api_key input in step: %s", stepContent) + if !strings.Contains(stepContent, "--permission-mode bypassPermissions") { + t.Errorf("Expected --permission-mode bypassPermissions in CLI args: %s", stepContent) } - if !strings.Contains(stepContent, "mcp_config: /tmp/mcp-config/mcp-servers.json") { - t.Errorf("Expected mcp_config input in step: %s", stepContent) + if !strings.Contains(stepContent, "--output-format json") { + t.Errorf("Expected --output-format json in CLI args: %s", stepContent) } - // claude_env should not be present when hasOutput=false (security improvement) - if strings.Contains(stepContent, "claude_env:") { - t.Errorf("Expected no claude_env input for security reasons, but got it in step: %s", stepContent) + if !strings.Contains(stepContent, "ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}") { + t.Errorf("Expected ANTHROPIC_API_KEY environment variable in step: %s", stepContent) } - // Check that special fields are present but empty (will be filled during generation) - if !strings.Contains(stepContent, "allowed_tools:") { - t.Error("Expected allowed_tools input to be present in step") + if !strings.Contains(stepContent, "--mcp-config /tmp/mcp-config/mcp-servers.json") { + t.Errorf("Expected MCP config in CLI args: %s", stepContent) } - if !strings.Contains(stepContent, "timeout_minutes:") { - t.Error("Expected timeout_minutes input to be present in step") + if !strings.Contains(stepContent, "--allowed-tools") { + t.Errorf("Expected allowed-tools in CLI args: %s", stepContent) } - // max_turns should NOT be present when not specified in engine config - if strings.Contains(stepContent, "max_turns:") { - t.Error("Expected max_turns input to NOT be present when not specified in engine config") + // timeout should now be at step level, not input level + if !strings.Contains(stepContent, "timeout-minutes:") { + t.Errorf("Expected timeout-minutes at step level: %s", stepContent) } } @@ -125,10 +121,9 @@ func TestClaudeEngineWithOutput(t *testing.T) { executionStep := steps[0] stepContent := strings.Join([]string(executionStep), "\n") - // Should include GITHUB_AW_SAFE_OUTPUTS when hasOutput=true, but no GH_TOKEN for security - expectedClaudeEnv := "claude_env: |\n GITHUB_AW_SAFE_OUTPUTS: ${{ env.GITHUB_AW_SAFE_OUTPUTS }}" - if !strings.Contains(stepContent, expectedClaudeEnv) { - t.Errorf("Expected claude_env input with output '%s' in step content:\n%s", expectedClaudeEnv, stepContent) + // Should include GITHUB_AW_SAFE_OUTPUTS when hasOutput=true in environment section + if !strings.Contains(stepContent, "GITHUB_AW_SAFE_OUTPUTS: ${{ env.GITHUB_AW_SAFE_OUTPUTS }}") { + t.Errorf("Expected GITHUB_AW_SAFE_OUTPUTS in env section when hasOutput=true in step content:\n%s", stepContent) } } @@ -160,27 +155,25 @@ func TestClaudeEngineConfiguration(t *testing.T) { stepContent := strings.Join([]string(executionStep), "\n") // Verify the step contains expected content regardless of input - if !strings.Contains(stepContent, "name: Execute Claude Code Action") { - t.Errorf("Expected step name 'Execute Claude Code Action' in step content") + if !strings.Contains(stepContent, "name: Execute Claude Code CLI") { + t.Errorf("Expected step name 'Execute Claude Code CLI' in step content") } - expectedAction := fmt.Sprintf("anthropics/claude-code-base-action@%s", DefaultClaudeActionVersion) - if !strings.Contains(stepContent, "uses: "+expectedAction) { - t.Errorf("Expected action '%s' in step content", expectedAction) + if !strings.Contains(stepContent, "npx @anthropic-ai/claude-code@latest") { + t.Errorf("Expected npx @anthropic-ai/claude-code@latest in step content") } - // Verify all required inputs are present (except claude_env when hasOutput=false for security) - // max_turns is only present when specified in engine config - requiredInputs := []string{"prompt_file", "anthropic_api_key", "mcp_config", "allowed_tools", "timeout_minutes"} - for _, input := range requiredInputs { - if !strings.Contains(stepContent, input+":") { - t.Errorf("Expected input '%s' to be present in step content", input) + // Verify all required CLI elements are present + requiredElements := []string{"--print", "ANTHROPIC_API_KEY", "--mcp-config", "--permission-mode", "--output-format"} + for _, element := range requiredElements { + if !strings.Contains(stepContent, element) { + t.Errorf("Expected element '%s' to be present in step content", element) } } - // claude_env should not be present when hasOutput=false (security improvement) - if strings.Contains(stepContent, "claude_env:") { - t.Errorf("Expected no claude_env input for security reasons when hasOutput=false") + // timeout should be at step level, not input level + if !strings.Contains(stepContent, "timeout-minutes:") { + t.Errorf("Expected timeout-minutes at step level") } }) } @@ -210,15 +203,14 @@ func TestClaudeEngineWithVersion(t *testing.T) { executionStep := steps[0] stepContent := strings.Join([]string(executionStep), "\n") - // Check that the version is correctly used in the action - expectedAction := "anthropics/claude-code-base-action@v1.2.3" - if !strings.Contains(stepContent, "uses: "+expectedAction) { - t.Errorf("Expected action '%s' in step content:\n%s", expectedAction, stepContent) + // Check that npx uses the custom version specified in engine config + if !strings.Contains(stepContent, "npx @anthropic-ai/claude-code@v1.2.3") { + t.Errorf("Expected npx @anthropic-ai/claude-code@v1.2.3 in step content:\n%s", stepContent) } - // Check that model is set - if !strings.Contains(stepContent, "model: claude-3-5-sonnet-20241022") { - t.Errorf("Expected model 'claude-3-5-sonnet-20241022' in step content:\n%s", stepContent) + // Check that model is set in CLI args + if !strings.Contains(stepContent, "--model claude-3-5-sonnet-20241022") { + t.Errorf("Expected model 'claude-3-5-sonnet-20241022' in CLI args:\n%s", stepContent) } } @@ -245,10 +237,33 @@ func TestClaudeEngineWithoutVersion(t *testing.T) { executionStep := steps[0] stepContent := strings.Join([]string(executionStep), "\n") - // Check that default version is used - expectedAction := fmt.Sprintf("anthropics/claude-code-base-action@%s", DefaultClaudeActionVersion) - if !strings.Contains(stepContent, "uses: "+expectedAction) { - t.Errorf("Expected action '%s' in step content:\n%s", expectedAction, stepContent) + // Check that npx uses the default latest version when no version specified + if !strings.Contains(stepContent, "npx @anthropic-ai/claude-code@latest") { + t.Errorf("Expected npx @anthropic-ai/claude-code@latest when no version specified in step content:\n%s", stepContent) + } +} + +func TestClaudeEngineWithNilConfig(t *testing.T) { + engine := NewClaudeEngine() + + // Test with nil engine config (should use default latest) + workflowData := &WorkflowData{ + Name: "test-workflow", + EngineConfig: nil, + } + + steps := engine.GetExecutionSteps(workflowData, "test-log") + if len(steps) != 2 { + t.Fatalf("Expected 2 steps (execution + log capture), got %d", len(steps)) + } + + // Check the main execution step + executionStep := steps[0] + stepContent := strings.Join([]string(executionStep), "\n") + + // Check that npx uses the default latest version when no engine config + if !strings.Contains(stepContent, "npx @anthropic-ai/claude-code@latest") { + t.Errorf("Expected npx @anthropic-ai/claude-code@latest when no engine config in step content:\n%s", stepContent) } } diff --git a/pkg/workflow/claude_engine_tools_test.go b/pkg/workflow/claude_engine_tools_test.go index c756ef290b3..de422665c77 100644 --- a/pkg/workflow/claude_engine_tools_test.go +++ b/pkg/workflow/claude_engine_tools_test.go @@ -227,6 +227,13 @@ func TestClaudeEngineComputeAllowedTools(t *testing.T) { }, expected: "Bash,BashOutput,ExitPlanMode,Glob,Grep,KillBash,LS,NotebookRead,Read,Task,TodoWrite", }, + { + name: "neutral playwright tool", + tools: map[string]any{ + "playwright": nil, + }, + expected: "ExitPlanMode,Glob,Grep,LS,NotebookRead,Read,Task,TodoWrite,mcp__playwright__browser_click,mcp__playwright__browser_close,mcp__playwright__browser_console_messages,mcp__playwright__browser_drag,mcp__playwright__browser_evaluate,mcp__playwright__browser_file_upload,mcp__playwright__browser_fill_form,mcp__playwright__browser_handle_dialog,mcp__playwright__browser_hover,mcp__playwright__browser_install,mcp__playwright__browser_navigate,mcp__playwright__browser_navigate_back,mcp__playwright__browser_network_requests,mcp__playwright__browser_press_key,mcp__playwright__browser_resize,mcp__playwright__browser_select_option,mcp__playwright__browser_snapshot,mcp__playwright__browser_tabs,mcp__playwright__browser_take_screenshot,mcp__playwright__browser_type,mcp__playwright__browser_wait_for", + }, } for _, tt := range tests { diff --git a/pkg/workflow/claude_settings_tmp_test.go b/pkg/workflow/claude_settings_tmp_test.go index cb101c5cedb..9b7a8c3d18c 100644 --- a/pkg/workflow/claude_settings_tmp_test.go +++ b/pkg/workflow/claude_settings_tmp_test.go @@ -65,7 +65,7 @@ This workflow tests that .claude/settings.json is generated in /tmp directory. } // Test 3: Verify settings parameter points to /tmp/.claude/settings.json - if !strings.Contains(lockStr, "settings: /tmp/.claude/settings.json") { + if !strings.Contains(lockStr, "--settings /tmp/.claude/settings.json") { t.Error("Expected settings parameter to be '/tmp/.claude/settings.json' in generated workflow") } diff --git a/pkg/workflow/codex_engine.go b/pkg/workflow/codex_engine.go index af8c8c3e6fb..bc270d930cc 100644 --- a/pkg/workflow/codex_engine.go +++ b/pkg/workflow/codex_engine.go @@ -169,6 +169,37 @@ func (e *CodexEngine) convertStepToYAML(stepMap map[string]any) (string, error) return ConvertStepToYAML(stepMap) } +// expandNeutralToolsToCodexTools converts neutral tools to Codex-specific tools format +// This ensures that playwright tools get the same allowlist as the copilot agent +func (e *CodexEngine) expandNeutralToolsToCodexTools(tools map[string]any) map[string]any { + result := make(map[string]any) + + // Copy all existing tools + for key, value := range tools { + result[key] = value + } + + // Handle playwright tool by converting it to an MCP tool configuration with copilot agent tools + if _, hasPlaywright := tools["playwright"]; hasPlaywright { + // Create playwright as an MCP tool with the same tools available as copilot agent + playwrightMCP := map[string]any{ + "allowed": GetCopilotAgentPlaywrightTools(), + } + // If the original playwright tool has additional configuration (like docker_image_version), + // preserve it while adding the allowed tools + if playwrightConfig, ok := tools["playwright"].(map[string]any); ok { + for key, value := range playwrightConfig { + playwrightMCP[key] = value + } + } + // Always set the allowed tools to match copilot agent + playwrightMCP["allowed"] = GetCopilotAgentPlaywrightTools() + result["playwright"] = playwrightMCP + } + + return result +} + func (e *CodexEngine) RenderMCPConfig(yaml *strings.Builder, tools map[string]any, mcpTools []string, workflowData *WorkflowData) { yaml.WriteString(" cat > /tmp/mcp-config/config.toml << EOF\n") @@ -176,18 +207,21 @@ func (e *CodexEngine) RenderMCPConfig(yaml *strings.Builder, tools map[string]an yaml.WriteString(" [history]\n") yaml.WriteString(" persistence = \"none\"\n") + // Expand neutral tools (like playwright: null) to include the copilot agent tools + expandedTools := e.expandNeutralToolsToCodexTools(tools) + // Generate [mcp_servers] section for _, toolName := range mcpTools { switch toolName { case "github": - githubTool := tools["github"] + githubTool := expandedTools["github"] e.renderGitHubCodexMCPConfig(yaml, githubTool, workflowData) case "playwright": - playwrightTool := tools["playwright"] + playwrightTool := expandedTools["playwright"] e.renderPlaywrightCodexMCPConfig(yaml, playwrightTool, workflowData.NetworkPermissions) default: // Handle custom MCP tools (those with MCP-compatible type) - if toolConfig, ok := tools[toolName].(map[string]any); ok { + if toolConfig, ok := expandedTools[toolName].(map[string]any); ok { if hasMcp, _ := hasMCPConfig(toolConfig); hasMcp { if err := e.renderCodexMCPConfig(yaml, toolName, toolConfig); err != nil { fmt.Printf("Error generating custom MCP configuration for %s: %v\n", toolName, err) @@ -418,31 +452,22 @@ func (e *CodexEngine) renderGitHubCodexMCPConfig(yaml *strings.Builder, githubTo } // renderPlaywrightCodexMCPConfig generates Playwright MCP server configuration for codex config.toml -// Always uses Docker-based containerized setup in GitHub Actions +// Uses npx to launch Playwright MCP instead of Docker for better performance and simplicity func (e *CodexEngine) renderPlaywrightCodexMCPConfig(yaml *strings.Builder, playwrightTool any, networkPermissions *NetworkPermissions) { args := generatePlaywrightDockerArgs(playwrightTool, networkPermissions) yaml.WriteString(" \n") yaml.WriteString(" [mcp_servers.playwright]\n") - yaml.WriteString(" command = \"docker\"\n") + yaml.WriteString(" command = \"npx\"\n") yaml.WriteString(" args = [\n") - yaml.WriteString(" \"run\",\n") - yaml.WriteString(" \"-i\",\n") - yaml.WriteString(" \"--rm\",\n") - yaml.WriteString(" \"--shm-size=2gb\",\n") - yaml.WriteString(" \"--cap-add=SYS_ADMIN\",\n") - yaml.WriteString(" \"-e\",\n") - yaml.WriteString(" \"PLAYWRIGHT_ALLOWED_DOMAINS\",\n") - if len(args.AllowedDomains) == 0 { - yaml.WriteString(" \"-e\",\n") - yaml.WriteString(" \"PLAYWRIGHT_BLOCK_ALL_DOMAINS\",\n") + yaml.WriteString(" \"@playwright/mcp@latest\"") + if len(args.AllowedDomains) > 0 { + yaml.WriteString(",\n") + yaml.WriteString(" \"--allowed-origins\",\n") + yaml.WriteString(" \"" + strings.Join(args.AllowedDomains, ",") + "\"") } - yaml.WriteString(" \"mcr.microsoft.com/playwright:" + args.ImageVersion + "\"\n") + yaml.WriteString("\n") yaml.WriteString(" ]\n") - yaml.WriteString(" env.PLAYWRIGHT_ALLOWED_DOMAINS = \"" + strings.Join(args.AllowedDomains, ",") + "\"\n") - if len(args.AllowedDomains) == 0 { - yaml.WriteString(" env.PLAYWRIGHT_BLOCK_ALL_DOMAINS = \"true\"\n") - } } // renderCodexMCPConfig generates custom MCP server configuration for a single tool in codex workflow config.toml diff --git a/pkg/workflow/codex_playwright_test.go b/pkg/workflow/codex_playwright_test.go new file mode 100644 index 00000000000..28db90d6e17 --- /dev/null +++ b/pkg/workflow/codex_playwright_test.go @@ -0,0 +1,102 @@ +package workflow + +import ( + "strings" + "testing" +) + +func TestCodexEnginePlaywrightToolsExpansion(t *testing.T) { + engine := NewCodexEngine() + + tests := []struct { + name string + input map[string]any + expected int // Expected number of playwright tools + }{ + { + name: "playwright null expands to copilot agent tools", + input: map[string]any{"playwright": nil}, + expected: 21, // Should expand to all 21 copilot agent playwright tools + }, + { + name: "playwright with config preserves config and adds tools", + input: map[string]any{ + "playwright": map[string]any{ + "docker_image_version": "v1.40.0", + }, + }, + expected: 21, // Should still expand to all 21 tools + }, + { + name: "no playwright tool", + input: map[string]any{"github": nil}, + expected: 0, // No playwright tools expected + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + result := engine.expandNeutralToolsToCodexTools(tt.input) + + if tt.expected == 0 { + // Should not have playwright in result + if _, hasPlaywright := result["playwright"]; hasPlaywright { + t.Error("Expected no playwright tool in result") + } + } else { + // Should have playwright with correct number of allowed tools + playwrightTool, hasPlaywright := result["playwright"] + if !hasPlaywright { + t.Error("Expected playwright tool in result") + return + } + + playwrightConfig, ok := playwrightTool.(map[string]any) + if !ok { + t.Error("Expected playwright tool to be a map") + return + } + + allowed, hasAllowed := playwrightConfig["allowed"] + if !hasAllowed { + t.Error("Expected playwright tool to have 'allowed' field") + return + } + + allowedSlice, ok := allowed.([]any) + if !ok { + t.Error("Expected 'allowed' field to be a slice") + return + } + + if len(allowedSlice) != tt.expected { + t.Errorf("Expected %d playwright tools, got %d", tt.expected, len(allowedSlice)) + } + + // Verify that all expected copilot agent tools are present + expectedTools := GetCopilotAgentPlaywrightTools() + if len(allowedSlice) != len(expectedTools) { + t.Errorf("Expected %d tools to match copilot agent tools, got %d", len(expectedTools), len(allowedSlice)) + } + + // Check that some key tools are present + toolsStr := strings.Join(func() []string { + var tools []string + for _, tool := range allowedSlice { + if str, ok := tool.(string); ok { + tools = append(tools, str) + } + } + return tools + }(), ",") + + expectedKeyTools := []string{"browser_click", "browser_navigate", "browser_type", "browser_snapshot"} + for _, keyTool := range expectedKeyTools { + if !strings.Contains(toolsStr, keyTool) { + t.Errorf("Expected key tool '%s' to be present in allowed tools: %s", keyTool, toolsStr) + } + } + } + }) + } +} diff --git a/pkg/workflow/codex_test.go b/pkg/workflow/codex_test.go index f20b2e2f62f..ce09e06496c 100644 --- a/pkg/workflow/codex_test.go +++ b/pkg/workflow/codex_test.go @@ -1,7 +1,6 @@ package workflow import ( - "fmt" "os" "path/filepath" "strings" @@ -163,12 +162,12 @@ This is a test workflow. t.Errorf("Expected lock file to NOT contain 'Execute Claude Code Action' step when using codex.\nContent:\n%s", lockContent) } } else { - // Check that Claude Code is present - if !strings.Contains(lockContent, "Execute Claude Code Action") { - t.Errorf("Expected lock file to contain 'Execute Claude Code Action' step but it didn't.\nContent:\n%s", lockContent) + // Check that Claude Code CLI is present + if !strings.Contains(lockContent, "Execute Claude Code CLI") { + t.Errorf("Expected lock file to contain 'Execute Claude Code CLI' step but it didn't.\nContent:\n%s", lockContent) } - if !strings.Contains(lockContent, fmt.Sprintf("anthropics/claude-code-base-action@%s", DefaultClaudeActionVersion)) { - t.Errorf("Expected lock file to contain Claude Code action but it didn't.\nContent:\n%s", lockContent) + if !strings.Contains(lockContent, "npx @anthropic-ai/claude-code@latest") { + t.Errorf("Expected lock file to contain Claude Code npx command but it didn't.\nContent:\n%s", lockContent) } // Check that prompt printing step is present if !strings.Contains(lockContent, "Print prompt to step summary") { @@ -424,12 +423,12 @@ This is a test workflow for MCP configuration with different AI engines. if !strings.Contains(lockContent, "codex exec") { t.Errorf("Expected codex exec command but didn't find it in:\n%s", lockContent) } - if strings.Contains(lockContent, "claude-code-base-action") { - t.Errorf("Expected NO claude action but found it in:\n%s", lockContent) + if strings.Contains(lockContent, "npx @anthropic-ai/claude-code") { + t.Errorf("Expected NO claude CLI but found it in:\n%s", lockContent) } } else { - if !strings.Contains(lockContent, "claude-code-base-action") { - t.Errorf("Expected claude action but didn't find it in:\n%s", lockContent) + if !strings.Contains(lockContent, "npx @anthropic-ai/claude-code") { + t.Errorf("Expected claude CLI but didn't find it in:\n%s", lockContent) } if strings.Contains(lockContent, "codex exec") { t.Errorf("Expected NO codex exec but found it in:\n%s", lockContent) diff --git a/pkg/workflow/compiler_test.go b/pkg/workflow/compiler_test.go index 32fae70ed68..506ea949f44 100644 --- a/pkg/workflow/compiler_test.go +++ b/pkg/workflow/compiler_test.go @@ -1113,18 +1113,18 @@ This is a simple test workflow with Bash tools. } } - // Verify that 'ls' appears only once in the allowed_tools line (no duplicates in functionality) - // We need to check specifically in the allowed_tools line, not in comments - allowedToolsLinePattern := `allowed_tools: "([^"]+)"` + // Verify that 'ls' appears only once in the allowed-tools line (no duplicates in functionality) + // We need to check specifically in the --allowed-tools line in CLI args, not in comments + allowedToolsLinePattern := `--allowed-tools ([^\n]+)` re := regexp.MustCompile(allowedToolsLinePattern) matches := re.FindStringSubmatch(lockContent) if len(matches) < 2 { - t.Errorf("Could not find allowed_tools line in lock file") + t.Errorf("Could not find --allowed-tools line in lock file") } else { allowedToolsValue := matches[1] bashLsCount := strings.Count(allowedToolsValue, "Bash(ls)") if bashLsCount != 1 { - t.Errorf("Expected 'Bash(ls)' to appear exactly once in allowed_tools value, but found %d occurrences in: %s", bashLsCount, allowedToolsValue) + t.Errorf("Expected 'Bash(ls)' to appear exactly once in allowed-tools value, but found %d occurrences in: %s", bashLsCount, allowedToolsValue) } } } @@ -1618,18 +1618,18 @@ This should succeed and merge the allowed arrays. } } - // Verify that get_data appears only once in the allowed_tools line (no duplicates) - // We need to check specifically in the allowed_tools line, not in comments - allowedToolsLinePattern := `allowed_tools: "([^"]+)"` + // Verify that get_data appears only once in the allowed-tools line (no duplicates) + // We need to check specifically in the --allowed-tools line in CLI args, not in comments + allowedToolsLinePattern := `--allowed-tools ([^\n]+)` re := regexp.MustCompile(allowedToolsLinePattern) matches := re.FindStringSubmatch(lockContent) if len(matches) < 2 { - t.Errorf("Could not find allowed_tools line in lock file") + t.Errorf("Could not find --allowed-tools line in lock file") } else { allowedToolsValue := matches[1] allowedToolsMatch := strings.Count(allowedToolsValue, "mcp__apiServer__get_data") if allowedToolsMatch != 1 { - t.Errorf("Expected 'mcp__apiServer__get_data' to appear exactly once in allowed_tools value, but found %d occurrences", allowedToolsMatch) + t.Errorf("Expected 'mcp__apiServer__get_data' to appear exactly once in allowed-tools value, but found %d occurrences", allowedToolsMatch) } } @@ -4061,7 +4061,7 @@ This workflow tests the post-steps functionality. // Verify the order: pre-steps should come before AI execution, post-steps after preStepIndex := strings.Index(lockContent, "- name: Pre AI Step") - aiStepIndex := strings.Index(lockContent, "- name: Execute Claude Code Action") + aiStepIndex := strings.Index(lockContent, "- name: Execute Claude Code CLI") postStepIndex := strings.Index(lockContent, "- name: Post AI Step") if preStepIndex == -1 || aiStepIndex == -1 || postStepIndex == -1 { @@ -4141,7 +4141,7 @@ This workflow tests post-steps without pre-steps. } // Verify the order: AI execution should come before post-steps - aiStepIndex := strings.Index(lockContent, "- name: Execute Claude Code Action") + aiStepIndex := strings.Index(lockContent, "- name: Execute Claude Code CLI") postStepIndex := strings.Index(lockContent, "- name: Only Post Step") if aiStepIndex == -1 || postStepIndex == -1 { diff --git a/pkg/workflow/custom_engine.go b/pkg/workflow/custom_engine.go index 210da7f4bed..77616f9dc08 100644 --- a/pkg/workflow/custom_engine.go +++ b/pkg/workflow/custom_engine.go @@ -190,34 +190,19 @@ func (e *CustomEngine) renderGitHubMCPConfig(yaml *strings.Builder, githubTool a } // renderPlaywrightMCPConfig generates the Playwright MCP server configuration using shared logic -// Always uses Docker-based containerized setup in GitHub Actions +// Uses npx to launch Playwright MCP instead of Docker for better performance and simplicity func (e *CustomEngine) renderPlaywrightMCPConfig(yaml *strings.Builder, playwrightTool any, isLast bool, networkPermissions *NetworkPermissions) { args := generatePlaywrightDockerArgs(playwrightTool, networkPermissions) yaml.WriteString(" \"playwright\": {\n") - yaml.WriteString(" \"command\": \"docker\",\n") + yaml.WriteString(" \"command\": \"npx\",\n") yaml.WriteString(" \"args\": [\n") - yaml.WriteString(" \"run\",\n") - yaml.WriteString(" \"-i\",\n") - yaml.WriteString(" \"--rm\",\n") - yaml.WriteString(" \"--shm-size=2gb\",\n") - yaml.WriteString(" \"--cap-add=SYS_ADMIN\",\n") - yaml.WriteString(" \"-e\",\n") - yaml.WriteString(" \"PLAYWRIGHT_ALLOWED_DOMAINS\",\n") - if len(args.AllowedDomains) == 0 { - yaml.WriteString(" \"-e\",\n") - yaml.WriteString(" \"PLAYWRIGHT_BLOCK_ALL_DOMAINS\",\n") + yaml.WriteString(" \"@playwright/mcp@latest\",\n") + if len(args.AllowedDomains) > 0 { + yaml.WriteString(" \"--allowed-origins\",\n") + yaml.WriteString(" \"" + strings.Join(args.AllowedDomains, ",") + "\"\n") } - yaml.WriteString(" \"mcr.microsoft.com/playwright:" + args.ImageVersion + "\"\n") - yaml.WriteString(" ],\n") - yaml.WriteString(" \"env\": {\n") - yaml.WriteString(" \"PLAYWRIGHT_ALLOWED_DOMAINS\": \"" + strings.Join(args.AllowedDomains, ",") + "\"") - if len(args.AllowedDomains) == 0 { - yaml.WriteString(",\n") - yaml.WriteString(" \"PLAYWRIGHT_BLOCK_ALL_DOMAINS\": \"true\"") - } - yaml.WriteString("\n") - yaml.WriteString(" }\n") + yaml.WriteString(" ]\n") if isLast { yaml.WriteString(" }\n") diff --git a/pkg/workflow/custom_engine_test.go b/pkg/workflow/custom_engine_test.go index 0f6446e31a5..d8a3667b5df 100644 --- a/pkg/workflow/custom_engine_test.go +++ b/pkg/workflow/custom_engine_test.go @@ -234,19 +234,24 @@ func TestCustomEngineRenderPlaywrightMCPConfigWithDomainConfiguration(t *testing t.Errorf("Expected Playwright configuration in output") } - // Check that it contains Playwright domain environment variables - if !strings.Contains(output, "PLAYWRIGHT_ALLOWED_DOMAINS") { - t.Errorf("Expected PLAYWRIGHT_ALLOWED_DOMAINS environment variable in output") + // Check that it contains Playwright MCP npx configuration + if !strings.Contains(output, "@playwright/mcp@latest") { + t.Errorf("Expected Playwright MCP npx package in output") } - // Check that it contains the Playwright-specific domains, not network domains + // Check that it contains --allowed-origins flag when domains are configured + if !strings.Contains(output, "--allowed-origins") { + t.Errorf("Expected --allowed-origins flag in npx args") + } + + // Check that it contains the specified domains if !strings.Contains(output, "example.com,*.github.com") { - t.Errorf("Expected Playwright allowed domains to be included in environment variable") + t.Errorf("Expected configured domains in --allowed-origins value") } - // Check that it does NOT contain the network permission domains - if strings.Contains(output, "external.example.com") { - t.Errorf("Expected Playwright config to ignore network permissions, but found external.example.com") + // Check that it does NOT contain the old format environment variables + if strings.Contains(output, "PLAYWRIGHT_ALLOWED_DOMAINS") { + t.Errorf("Expected new simplified format without environment variables") } } @@ -280,19 +285,24 @@ func TestCustomEngineRenderPlaywrightMCPConfigDefaultDomains(t *testing.T) { t.Errorf("Expected Playwright configuration in output") } - // Check that it contains Playwright domain environment variables - if !strings.Contains(output, "PLAYWRIGHT_ALLOWED_DOMAINS") { - t.Errorf("Expected PLAYWRIGHT_ALLOWED_DOMAINS environment variable in output") + // Check that it contains Playwright MCP npx configuration + if !strings.Contains(output, "@playwright/mcp@latest") { + t.Errorf("Expected Playwright MCP npx package in output") + } + + // Check that it contains --allowed-origins flag for default domains + if !strings.Contains(output, "--allowed-origins") { + t.Errorf("Expected --allowed-origins flag in npx args") } - // Check that it defaults to localhost domains + // Check that it contains default domains (localhost, 127.0.0.1) if !strings.Contains(output, "localhost,127.0.0.1") { - t.Errorf("Expected Playwright to default to localhost domains when not configured") + t.Errorf("Expected default domains in --allowed-origins value") } - // Check that it does NOT contain the network permission domains - if strings.Contains(output, "external.example.com") { - t.Errorf("Expected Playwright config to ignore network permissions, but found external.example.com") + // Check that it does NOT contain the old format environment variables + if strings.Contains(output, "PLAYWRIGHT_ALLOWED_DOMAINS") { + t.Errorf("Expected new simplified format without environment variables") } } diff --git a/pkg/workflow/engine_config_test.go b/pkg/workflow/engine_config_test.go index ebac167d340..c1e344d0c89 100644 --- a/pkg/workflow/engine_config_test.go +++ b/pkg/workflow/engine_config_test.go @@ -457,7 +457,7 @@ func TestEngineConfigurationWithModel(t *testing.T) { switch tt.engine.GetID() { case "claude": if tt.expectedModel != "" { - expectedModelLine := "model: " + tt.expectedModel + expectedModelLine := "--model " + tt.expectedModel if !strings.Contains(stepContent, expectedModelLine) { t.Errorf("Expected step to contain model %s, got step content:\n%s", tt.expectedModel, stepContent) } diff --git a/pkg/workflow/engine_includes_test.go b/pkg/workflow/engine_includes_test.go index 1faa99b7fbd..27fc77a3652 100644 --- a/pkg/workflow/engine_includes_test.go +++ b/pkg/workflow/engine_includes_test.go @@ -244,9 +244,9 @@ This should use the default engine. } lockStr := string(lockContent) - // Should contain references to claude action (default engine) - if !strings.Contains(lockStr, "anthropics/claude-code-base-action") { - t.Error("Expected lock file to contain claude action reference") + // Should contain references to claude CLI (default engine) + if !strings.Contains(lockStr, "npx @anthropic-ai/claude-code") { + t.Error("Expected lock file to contain claude CLI reference") } } @@ -288,9 +288,9 @@ This workflow specifies claude engine directly without any includes. } lockStr := string(lockContent) - // Should contain references to claude action - if !strings.Contains(lockStr, "anthropics/claude-code-base-action") { - t.Error("Expected lock file to contain claude action reference") + // Should contain references to claude CLI + if !strings.Contains(lockStr, "npx @anthropic-ai/claude-code") { + t.Error("Expected lock file to contain claude CLI reference") } } diff --git a/pkg/workflow/git_patch_test.go b/pkg/workflow/git_patch_test.go index 3b9aaa1688c..a24c5c90b58 100644 --- a/pkg/workflow/git_patch_test.go +++ b/pkg/workflow/git_patch_test.go @@ -160,7 +160,7 @@ Please do the following tasks: agenticIndex := strings.Index(lockContent, "Execute Claude Code") if agenticIndex == -1 { // Try alternative agentic step names - agenticIndex = strings.Index(lockContent, "uses: anthropics/claude-code-base-action") + agenticIndex = strings.Index(lockContent, "npx @anthropic-ai/claude-code") if agenticIndex == -1 { agenticIndex = strings.Index(lockContent, "uses: githubnext/claude-action") } diff --git a/pkg/workflow/logs_test.go b/pkg/workflow/logs_test.go index 1ddcc211cd2..a91d1ec1200 100644 --- a/pkg/workflow/logs_test.go +++ b/pkg/workflow/logs_test.go @@ -48,7 +48,8 @@ This is a test workflow.` result := string(lockContent) expected := []string{ - "cp ${{ steps.agentic_execution.outputs.execution_file }}", + "touch /tmp/test-workflow.log", + "tail -10 /tmp/test-workflow.log", } for _, expected := range expected { diff --git a/pkg/workflow/max_turns_test.go b/pkg/workflow/max_turns_test.go index acccaecd9a9..df489581ef9 100644 --- a/pkg/workflow/max_turns_test.go +++ b/pkg/workflow/max_turns_test.go @@ -32,7 +32,7 @@ tools: # Test Max Turns This workflow tests the max-turns feature.`, - expectedMaxTurns: "max_turns: 3", + expectedMaxTurns: "--max-turns 3", shouldInclude: true, }, { @@ -73,7 +73,7 @@ tools: # Test Max Turns and Timeout This workflow tests max-turns with timeout.`, - expectedMaxTurns: "max_turns: 10", + expectedMaxTurns: "--max-turns 10", shouldInclude: true, }, } @@ -115,38 +115,38 @@ This workflow tests max-turns with timeout.`, } // Verify GITHUB_AW_MAX_TURNS environment variable is set - expectedEnvVar := "GITHUB_AW_MAX_TURNS: " + strings.TrimPrefix(tt.expectedMaxTurns, "max_turns: ") + expectedEnvVar := "GITHUB_AW_MAX_TURNS: " + strings.TrimPrefix(tt.expectedMaxTurns, "--max-turns ") if !strings.Contains(lockContentStr, expectedEnvVar) { t.Errorf("Expected GITHUB_AW_MAX_TURNS environment variable to be set. Expected: %s\nActual content:\n%s", expectedEnvVar, lockContentStr) } - // Verify it's in the correct context (under the Claude action inputs) - if !strings.Contains(lockContentStr, "anthropics/claude-code-base-action") { - t.Error("Expected to find Claude action in generated workflow") + // Verify it's in the correct context (under the Claude CLI execution) + if !strings.Contains(lockContentStr, "npx @anthropic-ai/claude-code") { + t.Error("Expected to find Claude CLI in generated workflow") } - // Look for max_turns in the inputs section + // Look for max_turns in the claude_args section (v1.0 format) lines := strings.Split(lockContentStr, "\n") foundAction := false foundMaxTurns := false - for i, line := range lines { - if strings.Contains(line, "anthropics/claude-code-base-action") { + for _, line := range lines { + if strings.Contains(line, "npx @anthropic-ai/claude-code") { foundAction = true - } - if foundAction && strings.Contains(line, "with:") { - // Look for max_turns in the subsequent lines - for j := i + 1; j < len(lines) && strings.HasPrefix(lines[j], " "); j++ { - if strings.Contains(lines[j], "max_turns:") { - foundMaxTurns = true - break - } + // Check if --max-turns is in the same line or subsequent run lines + if strings.Contains(line, "--max-turns") { + foundMaxTurns = true + break } + } + // Also check in run command lines that might span multiple lines + if foundAction && strings.Contains(line, "--max-turns") { + foundMaxTurns = true break } } if !foundMaxTurns { - t.Error("Expected to find max_turns in the action inputs section") + t.Error("Expected to find --max-turns in the CLI command") } } else { // Verify max_turns is NOT included when not specified diff --git a/pkg/workflow/neutral_tools_test.go b/pkg/workflow/neutral_tools_test.go index ad8b4dd6cd3..d0f7d7b0e53 100644 --- a/pkg/workflow/neutral_tools_test.go +++ b/pkg/workflow/neutral_tools_test.go @@ -98,6 +98,31 @@ func TestExpandNeutralToolsToClaudeTools(t *testing.T) { "claude": map[string]any{ "allowed": map[string]any{}, }, + "playwright": map[string]any{ + "allowed": []any{ + "browser_click", + "browser_close", + "browser_console_messages", + "browser_drag", + "browser_evaluate", + "browser_file_upload", + "browser_fill_form", + "browser_handle_dialog", + "browser_hover", + "browser_install", + "browser_navigate", + "browser_navigate_back", + "browser_network_requests", + "browser_press_key", + "browser_resize", + "browser_select_option", + "browser_snapshot", + "browser_tabs", + "browser_take_screenshot", + "browser_type", + "browser_wait_for", + }, + }, }, }, { @@ -121,6 +146,31 @@ func TestExpandNeutralToolsToClaudeTools(t *testing.T) { "Write": nil, }, }, + "playwright": map[string]any{ + "allowed": []any{ + "browser_click", + "browser_close", + "browser_console_messages", + "browser_drag", + "browser_evaluate", + "browser_file_upload", + "browser_fill_form", + "browser_handle_dialog", + "browser_hover", + "browser_install", + "browser_navigate", + "browser_navigate_back", + "browser_network_requests", + "browser_press_key", + "browser_resize", + "browser_select_option", + "browser_snapshot", + "browser_tabs", + "browser_take_screenshot", + "browser_type", + "browser_wait_for", + }, + }, }, }, {