Commit 9526e1d
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4&size=40){kind=avatar}
Add environment variable mirroring from runner to agent container (#11980)
* Initial plan
* Add environment variable mirroring from runner to agent container (initial plan)
Co-authored-by: Mossaka <5447827+Mossaka@users.noreply.github.com>
* Add environment variable mirroring from runner to agent container
Co-authored-by: Mossaka <5447827+Mossaka@users.noreply.github.com>
* chore: regenerate workflows after merge with main
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Merge origin/main and regenerate workflows
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Add changeset [skip-ci]
* Fix PATH ordering to prioritize actions/setup-* versions
The generic `find /opt/hostedtoolcache` command returns directories in
alphabetical order, causing older runtime versions (e.g., Go 1.22.12) to
shadow newer ones (e.g., Go 1.25.6) because "1.22" < "1.25" alphabetically.
This fix prepends specific tool paths from environment variables (set by
actions/setup-go, actions/setup-java, etc.) BEFORE the generic find results:
- GOROOT/bin (Go)
- JAVA_HOME/bin (Java)
- CARGO_HOME/bin (Rust)
- GEM_HOME/bin (Ruby)
- CONDA/bin (Conda)
- PIPX_BIN_DIR (pipx)
- SWIFT_PATH (Swift)
- DOTNET_ROOT (.NET)
This ensures the version configured by setup actions takes precedence over
other versions that may exist in hostedtoolcache.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Fix shell injection risk by computing tool paths on runner side
Instead of using shell variable expansion like ${GOROOT:+$GOROOT/bin:}
inside the container (which could be exploited), compute the tool bin
paths on the runner side and pass them as a literal value via --env.
Changes:
- Add GetToolBinsSetup() to compute GH_AW_TOOL_BINS on the runner
- Add GetToolBinsEnvArg() to pass GH_AW_TOOL_BINS via --env to container
- Update GetHostedToolcachePathSetup() to use $GH_AW_TOOL_BINS
- Update all engines (Claude, Codex, Copilot) to use the safer approach
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* Add changeset [skip-ci]
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Mossaka <5447827+Mossaka@users.noreply.github.com>
Co-authored-by: Jiaxiao (mossaka) Zhou <duibao55328@gmail.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>1 parent bc6aed9 commit 9526e1d
147 files changed
Lines changed: 1032 additions & 320 deletions
File tree
- .changeset
- .github/workflows
- docs/src/content/docs/reference
- pkg/workflow
Some content is hidden
Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
0 commit comments