Fix label gates, duplicate title prefixes, allow-all-tools, and image digest pinning#11
Merged
zircote merged 2 commits intofeature/gh-aw-migrationfrom Feb 21, 2026
Merged
Conversation
6 tasks
…improvements Co-authored-by: zircote <307960+zircote@users.noreply.github.com>
Copilot
AI
changed the title
[WIP] Migrate workflows to GitHub Agentic Workflow format
Fix label gates, duplicate title prefixes, allow-all-tools, and image digest pinning
Feb 21, 2026
zircote
added a commit
that referenced
this pull request
Feb 21, 2026
* Migrate 4 workflows to GitHub Agentic Workflow (gh-aw) format Replace YAML workflows that assigned copilot-swe-agent or used github-script with unified gh-aw markdown files that combine trigger configuration and agent instructions in a single file. Migrated workflows: - flock-action: NSIP breeding analysis (consolidates .yml + instructions) - eov-enrichment: EOV ecological monitoring (consolidates .yml + instructions) - weekly-reminder: Monday farm checklist creation - eov-seasonal-reminder: Quarterly ecological monitoring reminder Kept as YAML (not agentic): - copilot-setup-steps.yml (infrastructure setup) - dependabot-automerge.yml (CI reusable workflow) Key improvements in gh-aw format: - Read-only permissions with writes gated through safe-outputs - Reaction feedback (eyes) on event-triggered workflows - Restricted bash allowlists (least-privilege) - Lock-for-agent to prevent concurrent processing - Duplicate detection for scheduled workflows - Edge case handling for invalid inputs - Branch-prefix constraints on PR creation * Fix compile errors and add compiled .lock.yml files - Remove unsupported `reaction` and `branch-prefix` fields - Fix bash tool syntax (array format, not object) - Remove unsupported `max`/`discussions` on safe-outputs - Add compiled .lock.yml for all 4 agentic workflows - Add .gitattributes and .github/aw/ from gh-aw compiler * Fix label gates, duplicate title prefixes, allow-all-tools, and image digest pinning (#11) * Initial plan * Fix review comments: label gates, title prefix duplication, security improvements Co-authored-by: zircote <307960+zircote@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: zircote <307960+zircote@users.noreply.github.com> * Fix gh-aw workflow issues: label gates, duplicate title prefixes, security restrictions, and Docker image pinning (#10) * Initial plan * Address review comments: fix duplicate title prefixes, label gates, security restrictions, and Docker image pinning Co-authored-by: zircote <307960+zircote@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: zircote <307960+zircote@users.noreply.github.com> Co-authored-by: Robert Allen <zircote@gmail.com> --------- Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com> Co-authored-by: zircote <307960+zircote@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
This pull request fixes four classes of security and quality issues identified during the review of PR #9, which migrated workflows to the gh-aw format. The fixes ensure workflows only trigger on appropriately labeled issues, eliminate duplicate title prefixes, tighten security posture for one workflow, and pin the NSIP MCP Docker image to a specific digest.
Changes:
- Added label gate conditions to flock-action and eov-enrichment workflow activation jobs to prevent execution on unlabeled issues
- Removed redundant
title-prefixconfigurations from weekly-reminder, eov-seasonal-reminder, and flock-action workflows where agent instructions already construct full titles - Replaced
--allow-all-tools --allow-all-pathswith explicit tool and path allowlists in weekly-reminder workflow - Pinned NSIP MCP Docker image to SHA256 digest in flock-action workflow for supply chain security
Reviewed changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
.github/workflows/flock-action.lock.yml |
Added label gate condition, removed title-prefix from PR tool description and config, pinned Docker image to sha256 digest |
.github/workflows/flock-action.md |
Removed title-prefix from safe-outputs config, pinned Docker image to sha256 digest |
.github/workflows/eov-enrichment.lock.yml |
Added multi-label OR gate condition for 5 EOV record/action labels |
.github/workflows/eov-seasonal-reminder.lock.yml |
Removed title-prefix from issue creation tool description and config |
.github/workflows/eov-seasonal-reminder.md |
Removed title-prefix from safe-outputs config |
.github/workflows/weekly-reminder.lock.yml |
Removed title-prefix from issue creation tool description and config, replaced --allow-all-tools --allow-all-paths with explicit allowlists |
.github/workflows/weekly-reminder.md |
Removed title-prefix from safe-outputs config |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Four classes of issues identified in PR #9 review: workflows firing on every issue open (no label gate), agent-prefixed titles getting double-prefixed by safe-outputs,
--allow-all-tools --allow-all-pathsbypassing security posture, and mutable Docker image reference for the NSIP MCP server.Label gates
flock-action.lock.yml: activation job now requirescontains(github.event.issue.labels.*.name, 'flock-action')eov-enrichment.lock.yml: activation job gates on any of the 5 EOV labels (record:eov-*,eov-action)The
names:filter in theon:block was already commented out by the compiler ("Label filtering applied via job conditions") but the conditions were never added.Duplicate title prefixes removed
safe-outputstitle-prefixwas prepending to titles the agent was already constructing in full:weekly-reminder"Weekly Farm Check - ""Weekly Farm Check - Week {N}"eov-seasonal-reminder"EOV ""EOV {Season} {Year} Monitoring"flock-action"[Flock Action] ""[Flock Action] {Action} — {N} animals"Removed from both the
.mdsource frontmatter and the correspondingGH_AW_SAFE_OUTPUTS_HANDLER_CONFIG/ tool description in each.lock.yml.Explicit tool/path allowlist (weekly-reminder)
Replaced
--allow-all-tools --allow-all-pathswith an explicit allowlist scoped to what the workflow actually uses:Docker image digest pinned
Applied in both
flock-action.mdandflock-action.lock.yml.✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.