Fix empty firewall allowlist in Codex external detection job (gh-aw-detection)#41525
… AWF command Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Pull request overview
Fixes a regression in the external threat-detection job path where the Agentic Workflow Firewall (AWF) config omitted network.allowDomains for Codex-based detection runs, causing the engine to fail immediately due to blocked required domains.
Changes:
- Populate `AWFCommandConfig.AllowedDomains` for the external detector execution step using `GetAllowedDomainsForEngine`, and extend with `engine.api-target` domains when configured.
- Add a Go test ensuring Codex external detection compilation includes required OpenAI/Codex domains in the detection job output.
- Recompile workflow lock files so detection jobs now embed the generated AWF `network.allowDomains` list.
| File | Description |
|---|---|
| pkg/workflow/threat_detection_external.go | Ensures external detection AWF config includes computed allowed domains (plus api-target-derived domains). |
| pkg/workflow/threat_detection_isolation_test.go | Adds coverage to confirm Codex external detection output contains required allowed domains. |
| .github/workflows/test-quality-sentinel.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/test-project-url-default.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/test-dispatcher.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/test-create-pr-error-handling.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-workflow-call.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-workflow-call-with-inputs.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-update-cross-repo-pr.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-test-tools.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-temporary-id.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-service-ports.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-project.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-pi.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-otel-backends.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-opencode.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-multi-pr.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-crush.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-create-cross-repo-pr.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-copilot.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-copilot-sdk.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-copilot-arm.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-copilot-aoai-entra.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-copilot-aoai-apikey.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-codex.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-claude.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-call-workflow.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-antigravity.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-agent-scoped-approved.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-agent-public-none.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-agent-public-approved.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-agent-all-none.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/smoke-agent-all-merged.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/github-remote-mcp-auth-test.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/docs-noob-tester.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-testify-uber-super-expert.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-repo-chronicle.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-rendering-scripts-verifier.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-reliability-review.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-performance-summary.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-observability-report.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-news.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-multi-device-docs-tester.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-model-resolution.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-model-inventory.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-mcp-concurrency-analysis.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-max-ai-credits-test.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-issues-report.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-hippo-learn.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-geo-optimizer.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-function-namer.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-formal-spec-verifier.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-file-diet.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-fact.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-experiment-report.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-doc-updater.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-doc-healer.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-credit-limit-test.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-compiler-threat-spec-optimizer.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-compiler-quality.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-community-attribution.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-code-metrics.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-cli-tools-tester.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-cli-performance.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-choice-test.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-caveman-optimizer.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-cache-strategy-analyzer.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-byok-ollama-test.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-awf-spec-compiler-surfacing.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-aw-cross-repo-compile-check.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-astrostylelite-markdown-spellcheck.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-assign-issue-to-user.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-architecture-diagram.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-ambient-context-optimizer.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-agentrx-trace-optimizer.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/daily-agent-of-the-day-blog-writer.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/craft.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/copilot-session-insights.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/copilot-pr-prompt-analysis.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/copilot-pr-nlp-analysis.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/copilot-pr-merged-report.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/copilot-opt.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/copilot-cli-deep-research.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/copilot-agent-analysis.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/contribution-check.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/constraint-solving-potd.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/commit-changes-analyzer.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/code-scanning-fixer.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/cloclo.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/cli-version-checker.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/cli-consistency-checker.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/claude-code-user-docs-review.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/ci-doctor.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/ci-coach.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/chaos-pr-bundle-fuzzer.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/changeset.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/breaking-change-checker.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/brave.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/blog-auditor.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/aw-failure-investigator.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/avenger.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/auto-triage-issues.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/audit-workflows.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/artifacts-summary.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/architecture-guardian.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/archie.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/approach-validator.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/api-consumption-report.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/agent-persona-explorer.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/agent-performance-analyzer.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/workflows/ab-testing-advisor.lock.yml | Recompiled lockfile; detection AWF config now includes network.allowDomains. |
| .github/mcp.json | JSON formatting cleanup (inline args/tools arrays). |
Copilot's findings
- Files reviewed: 112/112 changed files
- Comments generated: 1
| // The AWF config JSON in the detection job must include Codex's required domains | ||
| // so that the engine can reach api.openai.com and chatgpt.com inside the sandbox. | ||
| for _, domain := range []string{"api.openai.com", "chatgpt.com", "openai.com"} { | ||
| if !strings.Contains(detectionSection, domain) { | ||
| t.Errorf("Codex external detector AWF config must allow domain %q", domain) | ||
| } | ||
| } |
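Review bot: the `strings.Contains(detectionSection, domain)` check is a substring match, so the `"openai.com"` iteration is already satisfied by the `"api.openai.com"` entry and never independently verifies that `openai.com` itself is allowlisted; it would likewise pass if a domain appeared anywhere in the detection section outside `allowDomains`. Suggest parsing the embedded awf-config JSON and comparing the `network.allowDomains` entries exactly, or at minimum matching each domain as a quoted token rather than a bare substring.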
🚀 Smoke Pi MISSION COMPLETE! Pi delivered. 🥧

🚀 Smoke Gemini MISSION COMPLETE! Gemini has spoken. ✨

✅ All tools validated successfully! Agent Container Smoke Test confirms agent container is ready.

🚀 Smoke Antigravity MISSION COMPLETE! Antigravity has spoken. ✨

✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟

Caution: agentic threat detected. Details: The threat detection engine failed to produce results. Review the workflow run logs for details.

🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨

📰 BREAKING: Smoke Copilot - AOAI (apikey) is now investigating this pull request. Sources say the story is developing...

📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing...

📰 BREAKING: Smoke Copilot - AOAI (Entra) is now investigating this pull request. Sources say the story is developing...
Smoke test FAIL

Warning: Firewall blocked 1 domain. The following domain was blocked by the firewall during workflow execution:

```yaml
network:
  allowed:
    - defaults
    - "proxy.golang.org"
```

See Network Configuration for more information.
Agent Container Tool Check

Result: 12/12 tools available ✅ Overall Status: PASS

Smoke Test: Gemini - 28199065666

- GitHub MCP Testing: ✅
- Web Fetch Testing: ✅
- File Writing Testing: ✅
- Bash Tool Testing: ✅
- Build gh-aw: ❌

Overall Status: FAIL

Warning: Firewall blocked 1 domain. The following domain was blocked by the firewall during workflow execution:

```yaml
network:
  allowed:
    - defaults
    - "localhost"
```

See Network Configuration for more information.
Caution: agentic threat detected. Details: The threat detection engine failed to produce results. Review the workflow run logs for details.

Smoke Test: Codex - 28199066075

Warning: Firewall blocked 6 domains. The following domains were blocked by the firewall during workflow execution:

```yaml
network:
  allowed:
    - defaults
    - "accounts.google.com"
    - "android.clients.google.com"
    - "clients2.google.com"
    - "contentautofill.googleapis.com"
    - "safebrowsingohttpgateway.googleapis.com"
    - "www.google.com"
```

See Network Configuration for more information.
Caution: agentic threat detected. Details: The threat detection engine failed to produce results. Review the workflow run logs for details.

Comment Memory. Note: This comment is managed by comment memory. It stores persistent context for this thread in the code block at the top of this comment.

Warning: Firewall blocked 6 domains. The following domains were blocked by the firewall during workflow execution:

```yaml
network:
  allowed:
    - defaults
    - "accounts.google.com"
    - "android.clients.google.com"
    - "clients2.google.com"
    - "contentautofill.googleapis.com"
    - "safebrowsingohttpgateway.googleapis.com"
    - "www.google.com"
```

See Network Configuration for more information.
💥 Automated smoke test review - all systems nominal!

Warning: Firewall blocked 6 domains. The following domains were blocked by the firewall during workflow execution:

- accounts.google.com
- android.clients.google.com
- clients2.google.com
- contentautofill.googleapis.com
- safebrowsingohttpgateway.googleapis.com
- www.google.com

To allow these domains, add them to the `network.allowed` list in your workflow frontmatter:

```yaml
network:
  allowed:
    - defaults
    - "accounts.google.com"
    - "android.clients.google.com"
    - "clients2.google.com"
    - "contentautofill.googleapis.com"
    - "safebrowsingohttpgateway.googleapis.com"
    - "www.google.com"
```

See Network Configuration for more information.

💥 [THE END] — Illustrated by Smoke Claude · 77.3 AIC · ⌖ 32.2 AIC · ⊞ 8.7K
| (umask 177 && touch /tmp/gh-aw/threat-detection/detection.log) | ||
| GH_AW_MAX_AI_CREDITS="${{ vars.GH_AW_DEFAULT_DETECTION_MAX_AI_CREDITS || '400' }}" | ||
| printf '%s\n' "{\"\$schema\":\"https://github.com/github/gh-aw-firewall/releases/download/v0.27.10/awf-config.schema.json\",\"apiProxy\":{\"enabled\":true,\"enableTokenSteering\":true,\"maxRuns\":500,\"maxAiCredits\":${GH_AW_MAX_AI_CREDITS},\"maxCacheMisses\":5},\"container\":{\"imageTag\":\"0.27.10,squid=sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98,agent=sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8,api-proxy=sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e\"}}" > "${RUNNER_TEMP}/gh-aw/awf-config.json" | ||
| printf '%s\n' "{\"\$schema\":\"https://github.com/github/gh-aw-firewall/releases/download/v0.27.10/awf-config.schema.json\",\"network\":{\"allowDomains\":[\"api.business.githubcopilot.com\",\"api.enterprise.githubcopilot.com\",\"api.github.com\",\"api.githubcopilot.com\",\"api.individual.githubcopilot.com\",\"github.com\",\"host.docker.internal\",\"raw.githubusercontent.com\",\"registry.npmjs.org\",\"telemetry.enterprise.githubcopilot.com\"]},\"apiProxy\":{\"enabled\":true,\"enableTokenSteering\":true,\"maxRuns\":500,\"maxAiCredits\":${GH_AW_MAX_AI_CREDITS},\"maxCacheMisses\":5},\"container\":{\"imageTag\":\"0.27.10,squid=sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98,agent=sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8,api-proxy=sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e\"}}" > "${RUNNER_TEMP}/gh-aw/awf-config.json" |
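Review bot: `GH_AW_MAX_AI_CREDITS="${{ vars.GH_AW_DEFAULT_DETECTION_MAX_AI_CREDITS || '400' }}"` expands the repository variable directly into the run script and then splices it unquoted into the JSON as `"maxAiCredits":${GH_AW_MAX_AI_CREDITS}`, so a non-numeric or empty value yields an invalid awf-config.json and the expression expansion inside a `run:` script is the usual injection surface for workflow variables. Suggest passing the variable via `env:` and rejecting anything that does not match `^[0-9]+$` before the printf.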
Smoke test review: this firewall allowDomains addition looks correct — verifying the JSON is well-formed.
| printf '%s\n' "{\"\$schema\":\"https://github.com/github/gh-aw-firewall/releases/download/v0.27.10/awf-config.schema.json\",\"apiProxy\":{\"enabled\":true,\"enableTokenSteering\":true,\"maxRuns\":500,\"maxAiCredits\":${GH_AW_MAX_AI_CREDITS},\"maxCacheMisses\":5},\"container\":{\"imageTag\":\"0.27.10,squid=sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98,agent=sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8,api-proxy=sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e\"}}" > "${RUNNER_TEMP}/gh-aw/awf-config.json" | ||
| printf '%s\n' "{\"\$schema\":\"https://github.com/github/gh-aw-firewall/releases/download/v0.27.10/awf-config.schema.json\",\"network\":{\"allowDomains\":[\"api.business.githubcopilot.com\",\"api.enterprise.githubcopilot.com\",\"api.github.com\",\"api.githubcopilot.com\",\"api.individual.githubcopilot.com\",\"github.com\",\"host.docker.internal\",\"raw.githubusercontent.com\",\"registry.npmjs.org\",\"telemetry.enterprise.githubcopilot.com\"]},\"apiProxy\":{\"enabled\":true,\"enableTokenSteering\":true,\"maxRuns\":500,\"maxAiCredits\":${GH_AW_MAX_AI_CREDITS},\"maxCacheMisses\":5},\"container\":{\"imageTag\":\"0.27.10,squid=sha256:4d7a79482c47f2390f9fa87663cd9cb728bfb2380d9a9610479fa234c906ea98,agent=sha256:e47878fa4953f5b4d38b4ec12c155aa12ab9befea299ea2d21a8b104de8bcbc8,api-proxy=sha256:4bd2598466928efbd360fd6575b68c6b420a7ec3b7c1be20844c560a0dd2878e\"}}" > "${RUNNER_TEMP}/gh-aw/awf-config.json" | ||
| cp "${RUNNER_TEMP}/gh-aw/awf-config.json" /tmp/gh-aw/awf-config.json | ||
| export GH_AW_MODELS_JSON_PATH="/tmp/gh-aw/models.json" |
Smoke test review: confirm imageTag pins remain consistent across all lock files.
Comment Memory. Note: This comment is managed by comment memory. It stores persistent context for this thread in the code block at the top of this comment.

Warning: Firewall blocked 6 domains. The following domains were blocked by the firewall during workflow execution:

```yaml
network:
  allowed:
    - defaults
    - "accounts.google.com"
    - "android.clients.google.com"
    - "clients2.google.com"
    - "contentautofill.googleapis.com"
    - "safebrowsingohttpgateway.googleapis.com"
    - "www.google.com"
```

See Network Configuration for more information.
Smoke test review submission complete.

Warning: Firewall blocked 6 domains. The following domains were blocked by the firewall during workflow execution:

- accounts.google.com
- android.clients.google.com
- clients2.google.com
- contentautofill.googleapis.com
- safebrowsingohttpgateway.googleapis.com
- www.google.com

To allow these domains, add them to the `network.allowed` list in your workflow frontmatter:

```yaml
network:
  allowed:
    - defaults
    - "accounts.google.com"
    - "android.clients.google.com"
    - "clients2.google.com"
    - "contentautofill.googleapis.com"
    - "safebrowsingohttpgateway.googleapis.com"
    - "www.google.com"
```

See Network Configuration for more information.

📰 BREAKING: Report filed by Smoke Copilot · 512.9 AIC · ⌖ 12.3 AIC · ⊞ 18.9K
@copilot the config is not properly setup for codex. see https://github.com/github/gh-aw/actions/runs/28199066075

@copilot disable gh-aw-detection feature for all smoke agentic workflows

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Fixed in 8b0cc6d. The Codex detection path now includes tool/runtime-derived allowlist domains plus Codex GitHub defaults (
When `features: gh-aw-detection: true` is set with a Codex engine, the detection job's AWF firewall had an empty `allowDomains` list, causing Codex to fail immediately — `api.openai.com`, `chatgpt.com`, and `api.github.com` were all blocked.

The bug was in `buildExternalDetectorExecutionStep`: `AWFCommandConfig` was constructed without `AllowedDomains`, so `BuildAWFConfigJSON` emitted no `network.allowDomains`. Every other execution path (main agent job, Copilot detection) already sets this correctly.

Changes

- `pkg/workflow/threat_detection_external.go` — compute `AllowedDomains` via `GetAllowedDomainsForEngine` for the detection engine before building `AWFCommandConfig`; also extend with `api-target` domains when set, matching the main-agent path
- `pkg/workflow/threat_detection_isolation_test.go` — add `TestExternalDetectorCodexFirewallDomains` to assert that `api.openai.com`, `chatgpt.com`, and `openai.com` appear in the compiled detection job's AWF config
- `smoke-codex.lock.yml` recompiled; detection job AWF config now includes:

✨ PR Review Safe Output Test - Run 28199065644
Warning: Firewall blocked 6 domains. The following domains were blocked by the firewall during workflow execution:

- accounts.google.com
- android.clients.google.com
- clients2.google.com
- contentautofill.googleapis.com
- safebrowsingohttpgateway.googleapis.com
- www.google.com

See Network Configuration for more information.
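To make the regression described in the PR description concrete, here is an added example (not code from the gh-aw project) that parses a generated awf-config.json and reports which of an engine's required domains are absent from `network.allowDomains`, matching exactly instead of by substring. `RequiredDomains`, `MissingDomains` and the three sample JSON documents are assumptions constructed for this example; the Codex domain set is the one asserted by the PR's test.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// awfNetwork is the network section of awf-config.json as shown on this page.
type awfNetwork struct {
	AllowDomains []string `json:"allowDomains"`
}

// awfConfig mirrors only the fields this check needs; apiProxy and container
// are omitted because they do not affect the allowlist question.
type awfConfig struct {
	Schema  string      `json:"$schema,omitempty"`
	Network *awfNetwork `json:"network,omitempty"`
}

// RequiredDomains lists the domains an engine must reach inside the AWF
// sandbox. The map and its name are assumptions for this example; the Codex
// entry is the set the PR's test asserts on.
var RequiredDomains = map[string][]string{
	"codex": {"api.openai.com", "chatgpt.com", "openai.com"},
}

// MissingDomains parses a generated awf-config.json document and returns the
// engine's required domains that are not present in network.allowDomains.
// Matching is exact: "api.openai.com" does not satisfy "openai.com", which a
// substring search would wrongly accept. A config with no network block at
// all (the shape this PR fixes) reports every required domain as missing
// instead of silently passing.
func MissingDomains(configJSON []byte, engine string) ([]string, error) {
	var cfg awfConfig
	if err := json.Unmarshal(configJSON, &cfg); err != nil {
		return nil, fmt.Errorf("awf-config is not valid JSON: %w", err)
	}
	required, ok := RequiredDomains[engine]
	if !ok {
		return nil, fmt.Errorf("no required-domain list for engine %q", engine)
	}
	allowed := make(map[string]bool)
	if cfg.Network != nil {
		for _, d := range cfg.Network.AllowDomains {
			allowed[d] = true
		}
	}
	missing := []string{}
	for _, d := range required {
		if !allowed[d] {
			missing = append(missing, d)
		}
	}
	return missing, nil
}

// Constructed samples (not copied from any lock file): the broken shape with
// no network block, a config that only looks complete to a substring check,
// and a correct Codex allowlist.
const (
	BrokenConfig    = `{"$schema":"https://github.com/github/gh-aw-firewall/releases/download/v0.27.10/awf-config.schema.json","apiProxy":{"enabled":true}}`
	SubstringConfig = `{"network":{"allowDomains":["api.openai.com","chatgpt.com"]}}`
	FixedConfig     = `{"network":{"allowDomains":["api.openai.com","chatgpt.com","openai.com","api.github.com"]}}`
)

func main() {
	samples := map[string]string{"broken": BrokenConfig, "substring": SubstringConfig, "fixed": FixedConfig}
	for name, cfg := range samples {
		missing, err := MissingDomains([]byte(cfg), "codex")
		if err != nil {
			fmt.Printf("%s: %v\n", name, err)
			continue
		}
		fmt.Printf("%s: missing=%v\n", name, missing)
	}
}
```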