Include and pin safe-outputs gh-aw-node image in default container predownload and manifest #39644

Open
Copilot wants to merge 8 commits into main from copilot/add-gh-aw-node-to-default-containers

Copilot AI commented Jun 16, 2026

Contributor

Safe-outputs runs in ghcr.io/github/gh-aw-node, but that image was not part of the default container set used for predownload or recorded in the compiled gh-aw-manifest. This change makes the safe-outputs runtime image first-class in both places so generated workflows prefetch it and lock headers describe it accurately, and it resolves through embedded container pin data for predownload/manifest paths.

  • Container collection

    • Add ghcr.io/github/gh-aw-node to the default collected container set whenever safe-outputs is enabled.
    • Preserve existing de-duplication and pinning behavior by flowing the image through the normal container collection path.
  • Manifest/header coverage

    • Ensure the same image is emitted into workflowData.DockerImagePins, so compiled lock files include it under gh-aw-manifest.containers.
  • Pinned runtime config + MCP gateway compatibility

    • Add an embedded container pin for ghcr.io/github/gh-aw-node.
    • Resolve the safe-outputs MCP container reference through pin lookup, then normalize digest refs to MCP Gateway-compatible image[:tag] format for mcpServers.safeoutputs.container (instead of image@sha256:...).
  • Regression coverage

    • Update tests to assert:
      • the generated Download container images step includes the pinned gh-aw-node image
      • the compiled gh-aw-manifest header includes gh-aw-node
      • generated safe-outputs MCP config uses the gateway-compatible gh-aw-node container reference
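      • safe-outputs still does not fall back to node:lts-alpine

// resolveContainerImage prefers a cached or embedded container pin for image
// and falls back to the image reference as given when no pin is found.
func resolveContainerImage(image string, data *WorkflowData) string {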
	var cache *ActionCache
	if data != nil {
		cache = data.ActionCache
	}
	if pin, ok := lookupContainerPin(image, cache); ok && pin.PinnedImage != "" {
		return pin.PinnedImage
	}
	return image
}

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title from "Add safeoutputs gh-aw-node to default container set" to "Include safe-outputs gh-aw-node image in default container predownload and manifest" Jun 16, 2026
Copilot AI requested a review from pelikhan June 16, 2026 18:24
@pelikhan

Collaborator

@copilot run pr-finisher skill

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot AI commented Jun 16, 2026

Contributor Author

@copilot run pr-finisher skill

Ran a finisher pass. No unresolved review threads are open, and local make agent-report-progress, make test, and make recompile all passed. The prior CGO failure (TestHashConsistencyAcrossLockFiles) was not reproducible locally. The remaining blockers are that the PR is still draft and CI on the current head is stale/unverified until a maintainer marks it ready and re-triggers workflows.

# - ghcr.io/github/gh-aw-firewall/cli-proxy:0.27.4@sha256:72c378c029d2fad4684847ab44c329e526ac6b1a78cdf97656870ea11d201545
# - ghcr.io/github/gh-aw-firewall/squid:0.27.4@sha256:87979038897e40caed22245b64d1daa796390d2dca289b99d3d1174c85740af8
# - ghcr.io/github/gh-aw-mcpg:v0.3.26@sha256:d3b03f54eee3a8176818c9a52087623e45b7f644a28814337fcc0838e2534490
# - ghcr.io/github/gh-aw-node

Collaborator

@copilot make sure the container is versioned or pinned to a hash

Contributor Author

Addressed in 1d493a4. The safe-outputs gh-aw-node image now resolves through an embedded digest pin, and the generated MCP config, predownload step, manifest header, and regenerated lock files all use the pinned reference.

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title from "Include safe-outputs gh-aw-node image in default container predownload and manifest" to "Include and pin safe-outputs gh-aw-node image in default container predownload and manifest" Jun 16, 2026
Copilot AI requested a review from pelikhan June 16, 2026 20:33
pelikhan added the smoke label Jun 16, 2026
pelikhan marked this pull request as ready for review June 16, 2026 20:41
Copilot AI review requested due to automatic review settings June 16, 2026 20:41

Copilot AI left a comment

Contributor

Pull request overview

This pull request makes the Safe Outputs runtime container (ghcr.io/github/gh-aw-node) a first-class, digest-pinned dependency in gh-aw by (1) collecting it into the default predownload image set when safe-outputs is enabled, (2) emitting it into gh-aw-manifest container pin data, and (3) ensuring generated MCP config references the pinned image.

Changes:

  • Add ghcr.io/github/gh-aw-node to Docker image collection when safe-outputs is enabled, and ensure manifest pin data is recorded via the existing pinning pipeline.
  • Add an embedded container pin for ghcr.io/github/gh-aw-node and a resolveContainerImage helper; use it when rendering the Safe Outputs MCP container reference.
  • Update tests and regenerate workflow .lock.yml files so predownload steps, manifest headers, and MCP config reflect the pinned gh-aw-node image.
Summary per file:

| File | Description |
| --- | --- |
| pkg/workflow/action_pins.go | Add resolveContainerImage helper to prefer cached/embedded container pins. |
| pkg/workflow/docker.go | Collect gh-aw-node into the default Docker predownload set when safe-outputs is enabled. |
| pkg/workflow/docker_pin_test.go | Add coverage for embedded gh-aw-node pin usage and safe-outputs image collection/manifest pin assertions. |
| pkg/workflow/docker_predownload_test.go | Assert predownload step includes pinned gh-aw-node and manifest header includes the base image. |
| pkg/workflow/mcp_renderer_builtin.go | Render Safe Outputs MCP container via pinned image resolution (JSON + TOML paths). |
| pkg/workflow/mcp_renderer_test.go | Update renderer tests to expect the pinned gh-aw-node container reference. |
| pkg/workflow/mcp_setup_generator_test.go | Update MCP setup generation expectations to match pinned gh-aw-node container usage. |
| pkg/workflow/mcp_config_refactor_test.go | Update shared config helper tests to expect pinned gh-aw-node container references. |
| pkg/workflow/mcp_api_key_masking_test.go | Update safe-outputs MCP config assertions to match pinned container reference. |
| pkg/workflow/safe_outputs_mcp_integration_test.go | Update integration assertions to validate pinned gh-aw-node in generated lock output. |
| pkg/workflow/data/action_pins.json | Add embedded container pin entry for ghcr.io/github/gh-aw-node. |
| pkg/actionpins/data/action_pins.json | Add embedded container pin entry for ghcr.io/github/gh-aw-node. |
| .github/aw/actions-lock.json | Record gh-aw-node pin in the repo-local pins cache file. |
| .github/workflows/video-analyzer.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/test-workflow.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/test-dispatcher.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/smoke-pi.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload. |
| .github/workflows/smoke-copilot-sdk.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/smoke-ci.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/research.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/repo-tree-map.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/issue-triage-agent.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/gpclean.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/github-remote-mcp-auth-test.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/firewall.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/example-permissions-warning.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/daily-team-status.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/daily-syntax-error-quality.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/daily-max-ai-credits-test.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/daily-credit-limit-test.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/daily-byok-ollama-test.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/copilot-pr-merged-report.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/copilot-centralization-optimizer.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/copilot-centralization-drilldown.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/bot-detection.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |
| .github/workflows/ace-editor.lock.yml | Regenerated lock file to include pinned gh-aw-node in manifest + predownload + MCP config. |

Copilot's findings

  • Files reviewed: 102/262 changed files
  • Comments generated: 0

@pelikhan

Collaborator

@copilot merge main and recompile

pelikhan added smoke and removed smoke labels Jun 16, 2026
@github-actions

github-actions Bot commented Jun 16, 2026

Contributor

⚠️ Smoke Antigravity failed. Antigravity encountered unexpected challenges...

@github-actions

github-actions Bot commented Jun 16, 2026

Contributor

💫 TO BE CONTINUED... Smoke Claude failed! Our hero faces unexpected challenges...

@github-actions

github-actions Bot commented Jun 16, 2026

Contributor

⚠️ Smoke Gemini failed. Gemini encountered unexpected challenges...

@github-actions

github-actions Bot commented Jun 16, 2026

Contributor

🚀 Smoke Pi MISSION COMPLETE! Pi delivered. 🥧

@github-actions

github-actions Bot commented Jun 16, 2026

Contributor

🌑 The shadows whisper... Smoke Codex failed. The oracle requires further meditation...

@github-actions

github-actions Bot commented Jun 16, 2026

Contributor

❌ Tool validation failed! Agent Container Smoke Test detected missing tools: failed

@github-actions

Contributor

📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing...

@github-actions

Contributor

📰 BREAKING: Smoke Copilot - AOAI (apikey) is now investigating this pull request. Sources say the story is developing...

@github-actions

Contributor

📰 BREAKING: Smoke Copilot - AOAI (Entra) is now investigating this pull request. Sources say the story is developing...

@pelikhan

Collaborator

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot AI commented Jun 16, 2026

Contributor Author

@copilot merge main and recompile

Done in 742d97d. I merged latest main into this branch and recompiled; the regenerated lock file is included.

Copilot AI and others added 2 commits June 16, 2026 21:25
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot AI commented Jun 16, 2026

Contributor Author

@copilot fix failures at https://github.com/github/gh-aw/actions/runs/27648258427/job/81766058559?pr=39644

Fixed in 63bc374. The failure came from MCP Gateway schema validation rejecting digest-form container refs (image@sha256:...) for mcpServers.safeoutputs.container. I updated safe-outputs MCP rendering to normalize pinned refs to MCP-compatible image[:tag] while keeping pin lookup logic intact for predownload/manifest paths, and added/updated tests accordingly.
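
The lookup-then-normalize step discussed in this thread, as an added Go example that is not the gh-aw implementation: `pinTable`, `resolvePinned`, `SplitDigest` and `GatewayRef` are hypothetical names, and the tag and digest are constructed sample values. It returns the digest alongside the `image[:tag]` form, because once `@sha256:...` is stripped the config string alone no longer identifies the image content.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// sha256Digest matches a well-formed sha256 digest (algorithm plus 64 hex chars).
var sha256Digest = regexp.MustCompile(`^sha256:[0-9a-f]{64}$`)

// pinTable is a hypothetical stand-in for embedded pin data; values are constructed.
var pinTable = map[string]string{
	"ghcr.io/github/gh-aw-node": "ghcr.io/github/gh-aw-node:example-tag@sha256:" + strings.Repeat("ab", 32),
}

// resolvePinned returns the pinned reference for image, or image unchanged.
func resolvePinned(image string) string {
	if pinned, ok := pinTable[image]; ok && pinned != "" {
		return pinned
	}
	return image
}

// SplitDigest separates name[:tag] from an optional @sha256:<hex> suffix.
// A malformed digest is an error, never silently dropped.
func SplitDigest(ref string) (string, string, error) {
	name, digest, hasDigest := strings.Cut(ref, "@")
	if name == "" {
		return "", "", fmt.Errorf("empty image name in %q", ref)
	}
	if !hasDigest {
		return name, "", nil
	}
	if !sha256Digest.MatchString(digest) {
		return "", "", fmt.Errorf("malformed digest in %q", ref)
	}
	return name, digest, nil
}

// GatewayRef resolves image through the pin table, then returns the
// image[:tag] form for the config and the digest for a separate check.
func GatewayRef(image string) (string, string, error) {
	return SplitDigest(resolvePinned(image))
}

func main() {
	fmt.Println(GatewayRef("ghcr.io/github/gh-aw-node"))
}
```

A caller that needs content integrity for the tag-form reference can compare the returned digest with the digest of the image actually present on the runner.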
