Commit c923b80
feat: add AWF JSON/YAML config ingestion with schema validation and CLI precedence (#2018)
* Initial plan
* feat: add JSON/YAML config file loading and schema docs
Agent-Logs-Url: https://github.com/github/gh-aw-firewall/sessions/dcd77d8b-19a4-4eab-9b64-5772d37fda34
* refactor: tighten config validation helpers and precedence docs
Agent-Logs-Url: https://github.com/github/gh-aw-firewall/sessions/dcd77d8b-19a4-4eab-9b64-5772d37fda34
* docs: clarify config parsing and RFC wording
Agent-Logs-Url: https://github.com/github/gh-aw-firewall/sessions/dcd77d8b-19a4-4eab-9b64-5772d37fda34
* refactor: clarify in-place config option merge behavior
Agent-Logs-Url: https://github.com/github/gh-aw-firewall/sessions/dcd77d8b-19a4-4eab-9b64-5772d37fda34
* Potential fix for pull request finding 'CodeQL / Useless assignment to local variable'
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
* fix: retry apt-get update on transient mirror failures in Dockerfiles
The initial apt-get update can fail with hash mismatches when Ubuntu
mirrors are mid-sync. The existing retry logic only covered apt-get
install failures, not apt-get update failures. This adds a retry with
cache clear for the initial apt-get update in both agent and squid
Dockerfiles.
Fixes: squid-proxy build failure (exit code 100) in --build-local CI
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: set COPILOT_MODEL fallback to claude-sonnet-4.5 for BYOK mode
The byok-copilot feature flag generates an empty COPILOT_MODEL fallback,
but BYOK providers require an explicit model. This patches the lock file
with claude-sonnet-4.5 as the default.
Workaround for: github/gh-aw#26565
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: use retry loop with backoff for apt-get update in Dockerfiles
Replace single-retry apt-get update with a 3-attempt retry loop using
exponential backoff (10s, 20s, 30s). The single retry was insufficient
when Ubuntu mirrors are in prolonged sync states (observed in CI where
mirror hash mismatches persisted across multiple minutes).
The apt_update_retry function clears the apt cache before each attempt,
ensuring a clean state. Applied to all apt-get update calls in both
agent and squid Dockerfiles, including the install-retry fallback paths.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix: use Azure apt mirrors in Dockerfiles for CI reliability
GitHub Actions runners are Azure-hosted, so azure.archive.ubuntu.com
is geographically closer and more reliable than archive.ubuntu.com.
This reduces Hash Sum mismatch failures during Ubuntu mirror syncs.
Handles both traditional sources.list (jammy/22.04) and DEB822 format
(noble/24.04+) used by ubuntu/squid:latest.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Landon Cox <landon.cox@microsoft.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>1 parent 4681e04 commit c923b80
File tree
9 files changed
+879
-14
lines changed- .github/workflows
- containers
- agent
- squid
- docs
- src
9 files changed
+879
-14
lines changedSome generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
34 | 34 | | |
35 | 35 | | |
36 | 36 | | |
| 37 | + | |
| 38 | + | |
37 | 39 | | |
38 | 40 | | |
39 | 41 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
9 | 9 | | |
10 | 10 | | |
11 | 11 | | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
| 15 | + | |
| 16 | + | |
| 17 | + | |
| 18 | + | |
| 19 | + | |
| 20 | + | |
| 21 | + | |
| 22 | + | |
| 23 | + | |
| 24 | + | |
| 25 | + | |
12 | 26 | | |
13 | 27 | | |
14 | | - | |
| 28 | + | |
15 | 29 | | |
| 30 | + | |
| 31 | + | |
| 32 | + | |
| 33 | + | |
| 34 | + | |
| 35 | + | |
16 | 36 | | |
17 | | - | |
| 37 | + | |
18 | 38 | | |
19 | 39 | | |
20 | | - | |
21 | | - | |
| 40 | + | |
22 | 41 | | |
23 | 42 | | |
24 | 43 | | |
| |||
39 | 58 | | |
40 | 59 | | |
41 | 60 | | |
| 61 | + | |
| 62 | + | |
| 63 | + | |
| 64 | + | |
| 65 | + | |
| 66 | + | |
42 | 67 | | |
43 | | - | |
| 68 | + | |
44 | 69 | | |
45 | 70 | | |
46 | | - | |
47 | | - | |
| 71 | + | |
48 | 72 | | |
49 | 73 | | |
50 | 74 | | |
51 | 75 | | |
52 | 76 | | |
53 | 77 | | |
54 | | - | |
| 78 | + | |
| 79 | + | |
| 80 | + | |
| 81 | + | |
| 82 | + | |
| 83 | + | |
| 84 | + | |
| 85 | + | |
55 | 86 | | |
56 | | - | |
57 | | - | |
| 87 | + | |
58 | 88 | | |
59 | 89 | | |
60 | 90 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | 2 | | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| 6 | + | |
| 7 | + | |
| 8 | + | |
| 9 | + | |
| 10 | + | |
| 11 | + | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
| 15 | + | |
| 16 | + | |
3 | 17 | | |
4 | | - | |
| 18 | + | |
5 | 19 | | |
| 20 | + | |
| 21 | + | |
| 22 | + | |
| 23 | + | |
| 24 | + | |
| 25 | + | |
6 | 26 | | |
7 | | - | |
| 27 | + | |
8 | 28 | | |
9 | 29 | | |
10 | | - | |
| 30 | + | |
11 | 31 | | |
12 | 32 | | |
13 | 33 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| 6 | + | |
| 7 | + | |
| 8 | + | |
| 9 | + | |
| 10 | + | |
| 11 | + | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
| 15 | + | |
| 16 | + | |
| 17 | + | |
| 18 | + | |
| 19 | + | |
| 20 | + | |
| 21 | + | |
| 22 | + | |
| 23 | + | |
| 24 | + | |
| 25 | + | |
| 26 | + | |
| 27 | + | |
| 28 | + | |
| 29 | + | |
| 30 | + | |
| 31 | + | |
| 32 | + | |
| 33 | + | |
| 34 | + | |
| 35 | + | |
| 36 | + | |
| 37 | + | |
| 38 | + | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
| 42 | + | |
| 43 | + | |
| 44 | + | |
| 45 | + | |
| 46 | + | |
| 47 | + | |
| 48 | + | |
| 49 | + | |
| 50 | + | |
| 51 | + | |
| 52 | + | |
| 53 | + | |
| 54 | + | |
| 55 | + | |
| 56 | + | |
| 57 | + | |
| 58 | + | |
| 59 | + | |
| 60 | + | |
| 61 | + | |
| 62 | + | |
| 63 | + | |
| 64 | + | |
| 65 | + | |
| 66 | + | |
| 67 | + | |
| 68 | + | |
| 69 | + | |
| 70 | + | |
| 71 | + | |
| 72 | + | |
| 73 | + | |
| 74 | + | |
| 75 | + | |
| 76 | + | |
| 77 | + | |
| 78 | + | |
| 79 | + | |
| 80 | + | |
| 81 | + | |
| 82 | + | |
| 83 | + | |
| 84 | + | |
| 85 | + | |
| 86 | + | |
| 87 | + | |
| 88 | + | |
| 89 | + | |
| 90 | + | |
| 91 | + | |
| 92 | + | |
| 93 | + | |
| 94 | + | |
| 95 | + | |
| 96 | + | |
| 97 | + | |
| 98 | + | |
| 99 | + | |
| 100 | + | |
| 101 | + | |
| 102 | + | |
| 103 | + | |
| 104 | + | |
| 105 | + | |
| 106 | + | |
| 107 | + | |
| 108 | + | |
| 109 | + | |
| 110 | + | |
| 111 | + | |
| 112 | + | |
| 113 | + | |
| 114 | + | |
| 115 | + | |
| 116 | + | |
0 commit comments