diff --git a/.github/workflows/ace-editor.lock.yml b/.github/workflows/ace-editor.lock.yml index e0f67ce2cd4..2c86a7bbd63 100644 --- a/.github/workflows/ace-editor.lock.yml +++ b/.github/workflows/ace-editor.lock.yml @@ -89,7 +89,7 @@ jobs: issues: write pull-requests: write env: - GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "100000000" + GH_AW_MAX_DAILY_AI_CREDITS: "100000000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -125,7 +125,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "ACE Editor Session" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/ace-editor.lock.yml@${{ github.ref }} @@ -162,7 +162,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "ACE Editor Session" @@ -170,7 +170,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "100000000" + GH_AW_MAX_DAILY_AI_CREDITS: "100000000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/agentic-token-audit.lock.yml b/.github/workflows/agentic-token-audit.lock.yml index 3265d56178d..fbf874e46a1 100644 --- a/.github/workflows/agentic-token-audit.lock.yml +++ b/.github/workflows/agentic-token-audit.lock.yml @@ -78,6 +78,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -106,7 +108,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Agentic Workflow Token Usage Audit" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-audit.lock.yml@${{ github.ref }} @@ -143,7 +145,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Agentic Workflow Token Usage Audit" @@ -151,6 +153,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/agentic-token-optimizer.lock.yml b/.github/workflows/agentic-token-optimizer.lock.yml index e1e12395b4b..a59c0d36318 100644 --- a/.github/workflows/agentic-token-optimizer.lock.yml +++ b/.github/workflows/agentic-token-optimizer.lock.yml @@ -74,6 +74,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -102,7 +104,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Agentic Workflow Token Usage Optimizer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-optimizer.lock.yml@${{ github.ref }} @@ -139,7 +141,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Agentic Workflow Token Usage Optimizer" @@ -147,6 +149,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/agentic-token-trend-audit.lock.yml b/.github/workflows/agentic-token-trend-audit.lock.yml index 04228522114..ec130019bbe 100644 --- a/.github/workflows/agentic-token-trend-audit.lock.yml +++ b/.github/workflows/agentic-token-trend-audit.lock.yml @@ -78,6 +78,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -106,7 +108,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "On-Demand Agentic Workflow Token Trend Audit" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/agentic-token-trend-audit.lock.yml@${{ github.ref }} @@ -140,7 +142,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "On-Demand Agentic Workflow Token Trend Audit" @@ -148,6 +150,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/agentic_commands.yml b/.github/workflows/agentic_commands.yml index 268c957f646..03d87fa4430 100644 --- a/.github/workflows/agentic_commands.yml +++ b/.github/workflows/agentic_commands.yml @@ -1,12 +1,7 @@ -# gh-aw-commands: {"payload_version":"v1","schema_version":"v1","compiler_version":"dev","commands":["ace","approach-validator","archie","brave","cloclo","craft","grumpy","matt","mergefest","nit","plan","poem-bot","review","ruflo","scout","security-review","smoke-agent-all-merged","smoke-agent-all-none","smoke-agent-public-approved","smoke-agent-public-none","smoke-agent-scoped-approved","smoke-antigravity","smoke-call-workflow","smoke-claude","smoke-codex","smoke-copilot","smoke-copilot-arm","smoke-copilot-sdk","smoke-create-cross-repo-pr","smoke-crush","smoke-gemini","smoke-multi-pr","smoke-opencode","smoke-otel-backends","smoke-pi","smoke-project","smoke-service-ports","smoke-temporary-id","smoke-test-tools","smoke-update-cross-repo-pr","summarize","tidy","unbloat"],"workflows":["ace-editor","approach-validator","archie","brave","ci-doctor","cloclo","craft","design-decision-gate","dev","grumpy-reviewer","mattpocock-skills-reviewer","mergefest","necromancer","pdf-summary","plan","poem-bot","pr-code-quality-reviewer","pr-nitpick-reviewer","ruflo-backed-task","scout","security-review","smoke-agent-all-merged","smoke-agent-all-none","smoke-agent-public-approved","smoke-agent-public-none","smoke-agent-scoped-approved","smoke-antigravity","smoke-call-workflow","smoke-claude","smoke-codex","smoke-copilot","smoke-copilot-arm","smoke-copilot-sdk","smoke-create-cross-repo-pr","smoke-crush","smoke-gemini","smoke-multi-pr","smoke-opencode","smoke-otel-backends","smoke-pi","smoke-project","smoke-service-ports","smoke-temporary-id","smoke-test-tools","smoke-update-cross-repo-pr","test-quality-sentinel","tidy","unbloat-docs"]} +# gh-aw-commands: {"payload_version":"v1","schema_version":"v1","compiler_version":"dev","commands":["ace","grumpy","matt","mergefest","nit","plan","poem-bot","review","ruflo","scout","security-review","smoke-agent-all-merged","smoke-agent-all-none","smoke-agent-public-approved","smoke-agent-public-none","smoke-agent-scoped-approved","smoke-antigravity","smoke-call-workflow","smoke-claude","smoke-codex","smoke-copilot","smoke-copilot-arm","smoke-copilot-sdk","smoke-create-cross-repo-pr","smoke-crush","smoke-gemini","smoke-multi-pr","smoke-opencode","smoke-otel-backends","smoke-pi","smoke-project","smoke-service-ports","smoke-temporary-id","smoke-test-tools","smoke-update-cross-repo-pr","summarize","tidy","unbloat"],"workflows":["ace-editor","design-decision-gate","dev","grumpy-reviewer","mattpocock-skills-reviewer","mergefest","necromancer","pdf-summary","plan","poem-bot","pr-code-quality-reviewer","pr-nitpick-reviewer","ruflo-backed-task","scout","security-review","smoke-agent-all-merged","smoke-agent-all-none","smoke-agent-public-approved","smoke-agent-public-none","smoke-agent-scoped-approved","smoke-antigravity","smoke-call-workflow","smoke-claude","smoke-codex","smoke-copilot","smoke-copilot-arm","smoke-copilot-sdk","smoke-create-cross-repo-pr","smoke-crush","smoke-gemini","smoke-multi-pr","smoke-opencode","smoke-otel-backends","smoke-pi","smoke-project","smoke-service-ports","smoke-temporary-id","smoke-test-tools","smoke-update-cross-repo-pr","test-quality-sentinel","tidy","unbloat-docs"]} # Routing summary (sorted): # slash commands: # /ace -> ace-editor [pull_request_comment] reaction=eyes -# /approach-validator -> approach-validator [issue_comment,pull_request_comment] reaction=eyes -# /archie -> archie [issue_comment,issues,pull_request,pull_request_comment] reaction=eyes -# /brave -> brave [issue_comment] reaction=eyes -# /cloclo -> cloclo [discussion,discussion_comment,issue_comment,issues,pull_request,pull_request_comment,pull_request_review_comment] reaction=eyes -# /craft -> craft [issues] reaction=eyes # /grumpy -> grumpy-reviewer [pull_request_comment,pull_request_review_comment] reaction=eyes # /matt -> mattpocock-skills-reviewer [pull_request_comment,pull_request_review_comment] reaction=eyes # /mergefest -> mergefest [pull_request_comment] reaction=eyes @@ -47,12 +42,8 @@ # /tidy -> tidy [pull_request_comment] reaction=eyes # /unbloat -> unbloat-docs [pull_request_comment] reaction=eyes # labels: -# approach-proposal -> approach-validator [issues,pull_request] reaction=eyes -# ci-doctor -> ci-doctor [pull_request] reaction=eyes -# cloclo -> cloclo [discussion,issues,pull_request] reaction=eyes # dev -> dev [discussion,issues,pull_request] reaction=eyes # necromancer -> necromancer [pull_request] reaction=eyes -# needs-design -> approach-validator [issues,pull_request] reaction=eyes # smoke -> smoke-copilot [pull_request] reaction=eyes # smoke -> smoke-otel-backends [pull_request] reaction=eyes # smoke-sdk -> smoke-copilot-sdk [pull_request] reaction=eyes @@ -119,8 +110,8 @@ jobs: - name: Route slash command uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: - GH_AW_SLASH_ROUTING: '{"ace":[{"workflow":"ace-editor","events":["pull_request_comment"],"ai_reaction":"eyes"}],"approach-validator":[{"workflow":"approach-validator","events":["issue_comment","pull_request_comment"],"ai_reaction":"eyes"}],"archie":[{"workflow":"archie","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"brave":[{"workflow":"brave","events":["issue_comment"],"ai_reaction":"eyes"}],"cloclo":[{"workflow":"cloclo","events":["discussion","discussion_comment","issue_comment","issues","pull_request","pull_request_comment","pull_request_review_comment"],"ai_reaction":"eyes"}],"craft":[{"workflow":"craft","events":["issues"],"ai_reaction":"eyes"}],"grumpy":[{"workflow":"grumpy-reviewer","events":["pull_request_comment","pull_request_review_comment"],"ai_reaction":"eyes"}],"matt":[{"workflow":"mattpocock-skills-reviewer","events":["pull_request_comment","pull_request_review_comment"],"ai_reaction":"eyes"}],"mergefest":[{"workflow":"mergefest","events":["pull_request_comment"],"ai_reaction":"eyes"}],"nit":[{"workflow":"pr-nitpick-reviewer","events":["pull_request_comment","pull_request_review_comment"],"ai_reaction":"eyes"}],"plan":[{"workflow":"plan","events":["discussion_comment","issue_comment"],"ai_reaction":"eyes"}],"poem-bot":[{"workflow":"poem-bot","events":["issues"],"ai_reaction":"eyes"}],"review":[{"workflow":"design-decision-gate","events":["pull_request_comment","pull_request_review_comment"],"ai_reaction":"eyes"},{"workflow":"pr-code-quality-reviewer","events":["pull_request_comment","pull_request_review_comment"],"ai_reaction":"eyes"},{"workflow":"test-quality-sentinel","events":["pull_request_comment","pull_request_review_comment"],"ai_reaction":"eyes"}],"ruflo":[{"workflow":"ruflo-backed-task","events":["issue_comment"],"ai_reaction":"eyes"}],"scout":[{"workflow":"scout","events":["discussion","discussion_comment","issue_comment","issues","pull_request","pull_request_comment","pull_request_review_comment"],"ai_reaction":"eyes"}],"security-review":[{"workflow":"security-review","events":["pull_request_comment","pull_request_review_comment"],"ai_reaction":"eyes"}],"smoke-agent-all-merged":[{"workflow":"smoke-agent-all-merged","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-agent-all-none":[{"workflow":"smoke-agent-all-none","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-agent-public-approved":[{"workflow":"smoke-agent-public-approved","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-agent-public-none":[{"workflow":"smoke-agent-public-none","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-agent-scoped-approved":[{"workflow":"smoke-agent-scoped-approved","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-antigravity":[{"workflow":"smoke-antigravity","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"rocket"}],"smoke-call-workflow":[{"workflow":"smoke-call-workflow","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-claude":[{"workflow":"smoke-claude","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"heart"}],"smoke-codex":[{"workflow":"smoke-codex","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"hooray"}],"smoke-copilot":[{"workflow":"smoke-copilot","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-copilot-arm":[{"workflow":"smoke-copilot-arm","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-copilot-sdk":[{"workflow":"smoke-copilot-sdk","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-create-cross-repo-pr":[{"workflow":"smoke-create-cross-repo-pr","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-crush":[{"workflow":"smoke-crush","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-gemini":[{"workflow":"smoke-gemini","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"rocket"}],"smoke-multi-pr":[{"workflow":"smoke-multi-pr","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-opencode":[{"workflow":"smoke-opencode","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"rocket"}],"smoke-otel-backends":[{"workflow":"smoke-otel-backends","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-pi":[{"workflow":"smoke-pi","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"rocket"}],"smoke-project":[{"workflow":"smoke-project","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-service-ports":[{"workflow":"smoke-service-ports","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-temporary-id":[{"workflow":"smoke-temporary-id","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-test-tools":[{"workflow":"smoke-test-tools","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-update-cross-repo-pr":[{"workflow":"smoke-update-cross-repo-pr","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"summarize":[{"workflow":"pdf-summary","events":["issue_comment","issues"],"ai_reaction":"eyes"}],"tidy":[{"workflow":"tidy","events":["pull_request_comment"],"ai_reaction":"eyes"}],"unbloat":[{"workflow":"unbloat-docs","events":["pull_request_comment"],"ai_reaction":"eyes"}]}' - GH_AW_LABEL_ROUTING: '{"approach-proposal":[{"workflow":"approach-validator","events":["issues","pull_request"],"ai_reaction":"eyes"}],"ci-doctor":[{"workflow":"ci-doctor","events":["pull_request"],"ai_reaction":"eyes"}],"cloclo":[{"workflow":"cloclo","events":["discussion","issues","pull_request"],"ai_reaction":"eyes"}],"dev":[{"workflow":"dev","events":["discussion","issues","pull_request"],"ai_reaction":"eyes"}],"necromancer":[{"workflow":"necromancer","events":["pull_request"],"ai_reaction":"eyes"}],"needs-design":[{"workflow":"approach-validator","events":["issues","pull_request"],"ai_reaction":"eyes"}],"smoke":[{"workflow":"smoke-copilot","events":["pull_request"],"ai_reaction":"eyes"},{"workflow":"smoke-otel-backends","events":["pull_request"],"ai_reaction":"eyes"}],"smoke-sdk":[{"workflow":"smoke-copilot-sdk","events":["pull_request"],"ai_reaction":"eyes"}]}' + GH_AW_SLASH_ROUTING: '{"ace":[{"workflow":"ace-editor","events":["pull_request_comment"],"ai_reaction":"eyes"}],"grumpy":[{"workflow":"grumpy-reviewer","events":["pull_request_comment","pull_request_review_comment"],"ai_reaction":"eyes"}],"matt":[{"workflow":"mattpocock-skills-reviewer","events":["pull_request_comment","pull_request_review_comment"],"ai_reaction":"eyes"}],"mergefest":[{"workflow":"mergefest","events":["pull_request_comment"],"ai_reaction":"eyes"}],"nit":[{"workflow":"pr-nitpick-reviewer","events":["pull_request_comment","pull_request_review_comment"],"ai_reaction":"eyes"}],"plan":[{"workflow":"plan","events":["discussion_comment","issue_comment"],"ai_reaction":"eyes"}],"poem-bot":[{"workflow":"poem-bot","events":["issues"],"ai_reaction":"eyes"}],"review":[{"workflow":"design-decision-gate","events":["pull_request_comment","pull_request_review_comment"],"ai_reaction":"eyes"},{"workflow":"pr-code-quality-reviewer","events":["pull_request_comment","pull_request_review_comment"],"ai_reaction":"eyes"},{"workflow":"test-quality-sentinel","events":["pull_request_comment","pull_request_review_comment"],"ai_reaction":"eyes"}],"ruflo":[{"workflow":"ruflo-backed-task","events":["issue_comment"],"ai_reaction":"eyes"}],"scout":[{"workflow":"scout","events":["discussion","discussion_comment","issue_comment","issues","pull_request","pull_request_comment","pull_request_review_comment"],"ai_reaction":"eyes"}],"security-review":[{"workflow":"security-review","events":["pull_request_comment","pull_request_review_comment"],"ai_reaction":"eyes"}],"smoke-agent-all-merged":[{"workflow":"smoke-agent-all-merged","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-agent-all-none":[{"workflow":"smoke-agent-all-none","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-agent-public-approved":[{"workflow":"smoke-agent-public-approved","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-agent-public-none":[{"workflow":"smoke-agent-public-none","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-agent-scoped-approved":[{"workflow":"smoke-agent-scoped-approved","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-antigravity":[{"workflow":"smoke-antigravity","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"rocket"}],"smoke-call-workflow":[{"workflow":"smoke-call-workflow","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-claude":[{"workflow":"smoke-claude","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"heart"}],"smoke-codex":[{"workflow":"smoke-codex","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"hooray"}],"smoke-copilot":[{"workflow":"smoke-copilot","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-copilot-arm":[{"workflow":"smoke-copilot-arm","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-copilot-sdk":[{"workflow":"smoke-copilot-sdk","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-create-cross-repo-pr":[{"workflow":"smoke-create-cross-repo-pr","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-crush":[{"workflow":"smoke-crush","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-gemini":[{"workflow":"smoke-gemini","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"rocket"}],"smoke-multi-pr":[{"workflow":"smoke-multi-pr","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-opencode":[{"workflow":"smoke-opencode","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"rocket"}],"smoke-otel-backends":[{"workflow":"smoke-otel-backends","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-pi":[{"workflow":"smoke-pi","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"rocket"}],"smoke-project":[{"workflow":"smoke-project","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-service-ports":[{"workflow":"smoke-service-ports","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-temporary-id":[{"workflow":"smoke-temporary-id","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-test-tools":[{"workflow":"smoke-test-tools","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"smoke-update-cross-repo-pr":[{"workflow":"smoke-update-cross-repo-pr","events":["issue_comment","issues","pull_request","pull_request_comment"],"ai_reaction":"eyes"}],"summarize":[{"workflow":"pdf-summary","events":["issue_comment","issues"],"ai_reaction":"eyes"}],"tidy":[{"workflow":"tidy","events":["pull_request_comment"],"ai_reaction":"eyes"}],"unbloat":[{"workflow":"unbloat-docs","events":["pull_request_comment"],"ai_reaction":"eyes"}]}' + GH_AW_LABEL_ROUTING: '{"dev":[{"workflow":"dev","events":["discussion","issues","pull_request"],"ai_reaction":"eyes"}],"necromancer":[{"workflow":"necromancer","events":["pull_request"],"ai_reaction":"eyes"}],"smoke":[{"workflow":"smoke-copilot","events":["pull_request"],"ai_reaction":"eyes"},{"workflow":"smoke-otel-backends","events":["pull_request"],"ai_reaction":"eyes"}],"smoke-sdk":[{"workflow":"smoke-copilot-sdk","events":["pull_request"],"ai_reaction":"eyes"}]}' with: script: | const { setupGlobals } = require('${{ runner.temp }}/gh-aw/actions/setup_globals.cjs'); diff --git a/.github/workflows/blog-auditor.lock.yml b/.github/workflows/blog-auditor.lock.yml index e5a89c0355d..34fb18d9e52 100644 --- a/.github/workflows/blog-auditor.lock.yml +++ b/.github/workflows/blog-auditor.lock.yml @@ -92,7 +92,7 @@ jobs: actions: read contents: read env: - GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "100000000" + GH_AW_MAX_DAILY_AI_CREDITS: "100000000" outputs: comment_id: "" comment_repo: "" @@ -123,7 +123,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Blog Auditor" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/blog-auditor.lock.yml@${{ github.ref }} @@ -160,7 +160,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Blog Auditor" @@ -168,7 +168,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "100000000" + GH_AW_MAX_DAILY_AI_CREDITS: "100000000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/cli-consistency-checker.lock.yml b/.github/workflows/cli-consistency-checker.lock.yml index 883c27c8866..c156e92e442 100644 --- a/.github/workflows/cli-consistency-checker.lock.yml +++ b/.github/workflows/cli-consistency-checker.lock.yml @@ -88,7 +88,7 @@ jobs: actions: read contents: read env: - GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "100000000" + GH_AW_MAX_DAILY_AI_CREDITS: "100000000" outputs: comment_id: "" comment_repo: "" @@ -116,7 +116,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "CLI Consistency Checker" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/cli-consistency-checker.lock.yml@${{ github.ref }} @@ -153,7 +153,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "CLI Consistency Checker" @@ -161,7 +161,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "100000000" + GH_AW_MAX_DAILY_AI_CREDITS: "100000000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/cli-version-checker.lock.yml b/.github/workflows/cli-version-checker.lock.yml index bcc265c311a..18f558f4ab6 100644 --- a/.github/workflows/cli-version-checker.lock.yml +++ b/.github/workflows/cli-version-checker.lock.yml @@ -93,7 +93,7 @@ jobs: actions: read contents: read env: - GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "100000000" + GH_AW_MAX_DAILY_AI_CREDITS: "100000000" outputs: comment_id: "" comment_repo: "" @@ -122,7 +122,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "CLI Version Checker" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/cli-version-checker.lock.yml@${{ github.ref }} @@ -159,7 +159,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "CLI Version Checker" @@ -167,7 +167,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "100000000" + GH_AW_MAX_DAILY_AI_CREDITS: "100000000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/copilot-pr-merged-report.lock.yml b/.github/workflows/copilot-pr-merged-report.lock.yml index 6bf7a918482..f1d7a2071da 100644 --- a/.github/workflows/copilot-pr-merged-report.lock.yml +++ b/.github/workflows/copilot-pr-merged-report.lock.yml @@ -95,7 +95,7 @@ jobs: actions: read contents: read env: - GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "100000000" + GH_AW_MAX_DAILY_AI_CREDITS: "100000000" outputs: comment_id: "" comment_repo: "" @@ -123,7 +123,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Copilot PR Merged Report" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/copilot-pr-merged-report.lock.yml@${{ github.ref }} @@ -160,7 +160,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Copilot PR Merged Report" @@ -168,7 +168,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "100000000" + GH_AW_MAX_DAILY_AI_CREDITS: "100000000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-model-inventory.lock.yml b/.github/workflows/daily-model-inventory.lock.yml index 785b8b7e47e..d3795479f51 100644 --- a/.github/workflows/daily-model-inventory.lock.yml +++ b/.github/workflows/daily-model-inventory.lock.yml @@ -91,6 +91,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -119,7 +121,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Model Inventory Checker" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-model-inventory.lock.yml@${{ github.ref }} @@ -156,7 +158,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Model Inventory Checker" @@ -164,6 +166,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-multi-device-docs-tester.lock.yml b/.github/workflows/daily-multi-device-docs-tester.lock.yml index 355fac5a21b..a765ecc3387 100644 --- a/.github/workflows/daily-multi-device-docs-tester.lock.yml +++ b/.github/workflows/daily-multi-device-docs-tester.lock.yml @@ -95,6 +95,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -123,7 +125,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Multi-Device Docs Tester" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-multi-device-docs-tester.lock.yml@${{ github.ref }} @@ -160,7 +162,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Multi-Device Docs Tester" @@ -168,6 +170,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-news.lock.yml b/.github/workflows/daily-news.lock.yml index 725f5f46329..fec4912d6f2 100644 --- a/.github/workflows/daily-news.lock.yml +++ b/.github/workflows/daily-news.lock.yml @@ -99,6 +99,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -128,7 +130,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily News" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-news.lock.yml@${{ github.ref }} @@ -165,7 +167,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily News" @@ -173,6 +175,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-observability-report.lock.yml b/.github/workflows/daily-observability-report.lock.yml index 74981eef984..2d31f70d83b 100644 --- a/.github/workflows/daily-observability-report.lock.yml +++ b/.github/workflows/daily-observability-report.lock.yml @@ -97,6 +97,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -125,7 +127,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Observability Report for AWF Firewall and MCP Gateway" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-observability-report.lock.yml@${{ github.ref }} @@ -162,7 +164,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Observability Report for AWF Firewall and MCP Gateway" @@ -170,6 +172,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | @@ -1448,18 +1451,18 @@ jobs: DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0') export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22' - cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_0a8006bfb0fe5c73_EOF + cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_bb1f0cafbbe1cb1d_EOF [history] persistence = "none" [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_MCP_CONFIG_0a8006bfb0fe5c73_EOF + GH_AW_MCP_CONFIG_bb1f0cafbbe1cb1d_EOF # Generate JSON config for MCP gateway GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node) - cat << GH_AW_MCP_CONFIG_941b56183c443bb3_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" + cat << GH_AW_MCP_CONFIG_842b86814d3951b5_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" { "mcpServers": { }, @@ -1470,11 +1473,11 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_941b56183c443bb3_EOF + GH_AW_MCP_CONFIG_842b86814d3951b5_EOF # Sync converter output to writable CODEX_HOME for Codex mkdir -p /tmp/gh-aw/mcp-config - cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_a33ef72f76e00fb2_EOF + cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_437b3a290a0b2bfc_EOF model_provider = "openai-proxy" [model_providers.openai-proxy] name = "OpenAI AWF proxy" @@ -1484,7 +1487,7 @@ jobs: [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_CODEX_SHELL_POLICY_a33ef72f76e00fb2_EOF + GH_AW_CODEX_SHELL_POLICY_437b3a290a0b2bfc_EOF awk ' BEGIN { skip_openai_proxy = 0 } /^[[:space:]]*model_provider[[:space:]]*=/ { next } diff --git a/.github/workflows/daily-otel-instrumentation-advisor.lock.yml b/.github/workflows/daily-otel-instrumentation-advisor.lock.yml index 4d191dc1d19..39a44a3cca6 100644 --- a/.github/workflows/daily-otel-instrumentation-advisor.lock.yml +++ b/.github/workflows/daily-otel-instrumentation-advisor.lock.yml @@ -100,6 +100,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -128,7 +130,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily OTel Instrumentation Advisor" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-otel-instrumentation-advisor.lock.yml@${{ github.ref }} @@ -165,7 +167,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily OTel Instrumentation Advisor" @@ -173,6 +175,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-performance-summary.lock.yml b/.github/workflows/daily-performance-summary.lock.yml index 7539b3aeedd..6ec770f49ff 100644 --- a/.github/workflows/daily-performance-summary.lock.yml +++ b/.github/workflows/daily-performance-summary.lock.yml @@ -98,6 +98,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -126,7 +128,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Project Performance Summary Generator (Using MCP Scripts)" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-performance-summary.lock.yml@${{ github.ref }} @@ -163,7 +165,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Project Performance Summary Generator (Using MCP Scripts)" @@ -171,6 +173,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-regulatory.lock.yml b/.github/workflows/daily-regulatory.lock.yml index 7b20ab2ea8e..0af1efe6ddb 100644 --- a/.github/workflows/daily-regulatory.lock.yml +++ b/.github/workflows/daily-regulatory.lock.yml @@ -92,6 +92,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -120,7 +122,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Regulatory Report Generator" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-regulatory.lock.yml@${{ github.ref }} @@ -157,7 +159,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Regulatory Report Generator" @@ -165,6 +167,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-reliability-review.lock.yml b/.github/workflows/daily-reliability-review.lock.yml index cff6892c214..dd23e117cb1 100644 --- a/.github/workflows/daily-reliability-review.lock.yml +++ b/.github/workflows/daily-reliability-review.lock.yml @@ -92,6 +92,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -120,7 +122,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Reliability Review" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-reliability-review.lock.yml@${{ github.ref }} @@ -157,7 +159,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Reliability Review" @@ -165,6 +167,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-rendering-scripts-verifier.lock.yml b/.github/workflows/daily-rendering-scripts-verifier.lock.yml index 9f9634a5bc9..cfeee83d5db 100644 --- a/.github/workflows/daily-rendering-scripts-verifier.lock.yml +++ b/.github/workflows/daily-rendering-scripts-verifier.lock.yml @@ -104,6 +104,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -134,7 +136,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Rendering Scripts Verifier" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-rendering-scripts-verifier.lock.yml@${{ github.ref }} @@ -171,7 +173,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Rendering Scripts Verifier" @@ -179,6 +181,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-repo-chronicle.lock.yml b/.github/workflows/daily-repo-chronicle.lock.yml index a3cb87cadbe..3a6662ed6c4 100644 --- a/.github/workflows/daily-repo-chronicle.lock.yml +++ b/.github/workflows/daily-repo-chronicle.lock.yml @@ -96,6 +96,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -123,7 +125,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "The Daily Repository Chronicle" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-repo-chronicle.lock.yml@${{ github.ref }} @@ -160,7 +162,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "The Daily Repository Chronicle" @@ -168,6 +170,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-safe-output-integrator.lock.yml b/.github/workflows/daily-safe-output-integrator.lock.yml index 9904ccc7906..c2120069ec4 100644 --- a/.github/workflows/daily-safe-output-integrator.lock.yml +++ b/.github/workflows/daily-safe-output-integrator.lock.yml @@ -92,6 +92,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -119,7 +121,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Safe Output Integrator" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-safe-output-integrator.lock.yml@${{ github.ref }} @@ -156,7 +158,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Safe Output Integrator" @@ -164,6 +166,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-safe-output-optimizer.lock.yml b/.github/workflows/daily-safe-output-optimizer.lock.yml index db3f8464b82..a4a50355801 100644 --- a/.github/workflows/daily-safe-output-optimizer.lock.yml +++ b/.github/workflows/daily-safe-output-optimizer.lock.yml @@ -102,6 +102,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -132,7 +134,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Safe Output Tool Optimizer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-safe-output-optimizer.lock.yml@${{ github.ref }} @@ -169,7 +171,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Safe Output Tool Optimizer" @@ -177,6 +179,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-safe-outputs-conformance.lock.yml b/.github/workflows/daily-safe-outputs-conformance.lock.yml index 0f3a5bce21d..873f8fa4b4c 100644 --- a/.github/workflows/daily-safe-outputs-conformance.lock.yml +++ b/.github/workflows/daily-safe-outputs-conformance.lock.yml @@ -92,6 +92,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -120,7 +122,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Safe Outputs Conformance Checker" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-safe-outputs-conformance.lock.yml@${{ github.ref }} @@ -157,7 +159,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Safe Outputs Conformance Checker" @@ -165,6 +167,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-secrets-analysis.lock.yml b/.github/workflows/daily-secrets-analysis.lock.yml index 2cf8e8b357e..80075dd426c 100644 --- a/.github/workflows/daily-secrets-analysis.lock.yml +++ b/.github/workflows/daily-secrets-analysis.lock.yml @@ -91,6 +91,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -118,7 +120,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Secrets Analysis Agent" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-secrets-analysis.lock.yml@${{ github.ref }} @@ -155,7 +157,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Secrets Analysis Agent" @@ -163,6 +165,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-security-observability.lock.yml b/.github/workflows/daily-security-observability.lock.yml index 57239bc24b3..1729902bb6c 100644 --- a/.github/workflows/daily-security-observability.lock.yml +++ b/.github/workflows/daily-security-observability.lock.yml @@ -106,6 +106,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -134,7 +136,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Security Observability Report" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-security-observability.lock.yml@${{ github.ref }} @@ -171,7 +173,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Security Observability Report" @@ -179,6 +181,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-security-red-team.lock.yml b/.github/workflows/daily-security-red-team.lock.yml index ef6a21496dd..2dcb92c9230 100644 --- a/.github/workflows/daily-security-red-team.lock.yml +++ b/.github/workflows/daily-security-red-team.lock.yml @@ -95,6 +95,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -125,7 +127,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Security Red Team Agent" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-security-red-team.lock.yml@${{ github.ref }} @@ -162,7 +164,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Security Red Team Agent" @@ -170,6 +172,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-semgrep-scan.lock.yml b/.github/workflows/daily-semgrep-scan.lock.yml index 11f02a20ae1..f0ff0c40eae 100644 --- a/.github/workflows/daily-semgrep-scan.lock.yml +++ b/.github/workflows/daily-semgrep-scan.lock.yml @@ -91,6 +91,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -120,7 +122,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Semgrep Scan" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-semgrep-scan.lock.yml@${{ github.ref }} @@ -157,7 +159,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Semgrep Scan" @@ -165,6 +167,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-sentrux-report.lock.yml b/.github/workflows/daily-sentrux-report.lock.yml index bbc84104abb..85127280f86 100644 --- a/.github/workflows/daily-sentrux-report.lock.yml +++ b/.github/workflows/daily-sentrux-report.lock.yml @@ -92,6 +92,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -120,7 +122,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Sentrux Report" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-sentrux-report.lock.yml@${{ github.ref }} @@ -157,7 +159,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Sentrux Report" @@ -165,6 +167,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-skill-optimizer.lock.yml b/.github/workflows/daily-skill-optimizer.lock.yml index 0b764369b4e..5464d287da9 100644 --- a/.github/workflows/daily-skill-optimizer.lock.yml +++ b/.github/workflows/daily-skill-optimizer.lock.yml @@ -89,6 +89,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -117,7 +119,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Skill Optimizer Improvements" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-skill-optimizer.lock.yml@${{ github.ref }} @@ -154,7 +156,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Skill Optimizer Improvements" @@ -162,6 +164,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-spdd-spec-planner.lock.yml b/.github/workflows/daily-spdd-spec-planner.lock.yml index 7927b694474..715640df92c 100644 --- a/.github/workflows/daily-spdd-spec-planner.lock.yml +++ b/.github/workflows/daily-spdd-spec-planner.lock.yml @@ -94,6 +94,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -121,7 +123,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily SPDD Spec Planner" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-spdd-spec-planner.lock.yml@${{ github.ref }} @@ -158,7 +160,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily SPDD Spec Planner" @@ -166,6 +168,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-syntax-error-quality.lock.yml b/.github/workflows/daily-syntax-error-quality.lock.yml index ee680a83a0c..8d1b0fc3103 100644 --- a/.github/workflows/daily-syntax-error-quality.lock.yml +++ b/.github/workflows/daily-syntax-error-quality.lock.yml @@ -88,6 +88,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -115,7 +117,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Syntax Error Quality Check" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-syntax-error-quality.lock.yml@${{ github.ref }} @@ -152,7 +154,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Syntax Error Quality Check" @@ -160,6 +162,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-team-evolution-insights.lock.yml b/.github/workflows/daily-team-evolution-insights.lock.yml index b9738c35d02..0362d03f878 100644 --- a/.github/workflows/daily-team-evolution-insights.lock.yml +++ b/.github/workflows/daily-team-evolution-insights.lock.yml @@ -91,6 +91,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -119,7 +121,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Team Evolution Insights" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-team-evolution-insights.lock.yml@${{ github.ref }} @@ -156,7 +158,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Team Evolution Insights" @@ -164,6 +166,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-team-status.lock.yml b/.github/workflows/daily-team-status.lock.yml index d08accb0798..fb8ee73f96f 100644 --- a/.github/workflows/daily-team-status.lock.yml +++ b/.github/workflows/daily-team-status.lock.yml @@ -100,6 +100,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -130,7 +132,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Team Status" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-team-status.lock.yml@${{ github.ref }} @@ -170,7 +172,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Team Status" @@ -178,6 +180,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-testify-uber-super-expert.lock.yml b/.github/workflows/daily-testify-uber-super-expert.lock.yml index a7a2bc15b7e..226b9271e68 100644 --- a/.github/workflows/daily-testify-uber-super-expert.lock.yml +++ b/.github/workflows/daily-testify-uber-super-expert.lock.yml @@ -99,6 +99,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -128,7 +130,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Testify Uber Super Expert" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-testify-uber-super-expert.lock.yml@${{ github.ref }} @@ -165,7 +167,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Testify Uber Super Expert" @@ -173,6 +175,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-token-consumption-report.lock.yml b/.github/workflows/daily-token-consumption-report.lock.yml index daf82242523..db14001376c 100644 --- a/.github/workflows/daily-token-consumption-report.lock.yml +++ b/.github/workflows/daily-token-consumption-report.lock.yml @@ -94,6 +94,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -122,7 +124,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Token Consumption Report (Sentry OTel)" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-token-consumption-report.lock.yml@${{ github.ref }} @@ -159,7 +161,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Token Consumption Report (Sentry OTel)" @@ -167,6 +169,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/daily-workflow-updater.lock.yml b/.github/workflows/daily-workflow-updater.lock.yml index 24864909546..a8a31c60c84 100644 --- a/.github/workflows/daily-workflow-updater.lock.yml +++ b/.github/workflows/daily-workflow-updater.lock.yml @@ -89,6 +89,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -116,7 +118,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Daily Workflow Updater" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/daily-workflow-updater.lock.yml@${{ github.ref }} @@ -153,7 +155,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Daily Workflow Updater" @@ -161,6 +163,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/dataflow-pr-discussion-dataset.lock.yml b/.github/workflows/dataflow-pr-discussion-dataset.lock.yml index 91ccfab57d8..cb13400aa62 100644 --- a/.github/workflows/dataflow-pr-discussion-dataset.lock.yml +++ b/.github/workflows/dataflow-pr-discussion-dataset.lock.yml @@ -95,6 +95,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -123,7 +125,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "DataFlow PR & Discussion Dataset Builder" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/dataflow-pr-discussion-dataset.lock.yml@${{ github.ref }} @@ -160,7 +162,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "DataFlow PR & Discussion Dataset Builder" @@ -168,6 +170,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/dead-code-remover.lock.yml b/.github/workflows/dead-code-remover.lock.yml index a542bb62719..799a96b2b89 100644 --- a/.github/workflows/dead-code-remover.lock.yml +++ b/.github/workflows/dead-code-remover.lock.yml @@ -98,6 +98,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -127,7 +129,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Dead Code Removal Agent" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/dead-code-remover.lock.yml@${{ github.ref }} @@ -164,7 +166,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Dead Code Removal Agent" @@ -172,6 +174,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/deep-report.lock.yml b/.github/workflows/deep-report.lock.yml index 53bbebc01c7..8403c181fa6 100644 --- a/.github/workflows/deep-report.lock.yml +++ b/.github/workflows/deep-report.lock.yml @@ -100,6 +100,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -130,7 +132,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "DeepReport - Intelligence Gathering Agent" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/deep-report.lock.yml@${{ github.ref }} @@ -167,7 +169,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "DeepReport - Intelligence Gathering Agent" @@ -175,6 +177,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/delight.lock.yml b/.github/workflows/delight.lock.yml index 3137df5ea26..b9abec3d3cc 100644 --- a/.github/workflows/delight.lock.yml +++ b/.github/workflows/delight.lock.yml @@ -92,6 +92,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -119,7 +121,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Delight" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/delight.lock.yml@${{ github.ref }} @@ -156,7 +158,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Delight" @@ -164,6 +166,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/dependabot-burner.lock.yml b/.github/workflows/dependabot-burner.lock.yml index 94582b0b8e4..d909f8c6489 100644 --- a/.github/workflows/dependabot-burner.lock.yml +++ b/.github/workflows/dependabot-burner.lock.yml @@ -88,6 +88,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -116,7 +118,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Dependabot Burner" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/dependabot-burner.lock.yml@${{ github.ref }} @@ -153,7 +155,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Dependabot Burner" @@ -161,6 +163,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/dependabot-campaign.lock.yml b/.github/workflows/dependabot-campaign.lock.yml index dc36d32b0dc..c53af4f0fa6 100644 --- a/.github/workflows/dependabot-campaign.lock.yml +++ b/.github/workflows/dependabot-campaign.lock.yml @@ -96,6 +96,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -124,7 +126,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Dependabot Campaign" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/dependabot-campaign.lock.yml@${{ github.ref }} @@ -161,7 +163,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Dependabot Campaign" @@ -169,6 +171,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/dependabot-go-checker.lock.yml b/.github/workflows/dependabot-go-checker.lock.yml index 28b8ccb2e10..b601940f65b 100644 --- a/.github/workflows/dependabot-go-checker.lock.yml +++ b/.github/workflows/dependabot-go-checker.lock.yml @@ -88,6 +88,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -118,7 +120,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Dependabot Dependency Checker" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/dependabot-go-checker.lock.yml@${{ github.ref }} @@ -155,7 +157,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Dependabot Dependency Checker" @@ -163,6 +165,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/dependabot-repair.lock.yml b/.github/workflows/dependabot-repair.lock.yml index 1badd300ce9..26ae83ab173 100644 --- a/.github/workflows/dependabot-repair.lock.yml +++ b/.github/workflows/dependabot-repair.lock.yml @@ -90,6 +90,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -123,7 +125,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Dependabot Local Repair" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/dependabot-repair.lock.yml@${{ github.ref }} @@ -163,7 +165,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Dependabot Local Repair" @@ -171,6 +173,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/dependabot-worker.lock.yml b/.github/workflows/dependabot-worker.lock.yml index d40b6b1e805..7b1ad61f8ed 100644 --- a/.github/workflows/dependabot-worker.lock.yml +++ b/.github/workflows/dependabot-worker.lock.yml @@ -154,6 +154,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: artifact_prefix: ${{ steps.artifact-prefix.outputs.prefix }} comment_id: "" @@ -189,7 +191,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Dependabot Worker" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/dependabot-worker.lock.yml@${{ github.ref }} @@ -247,7 +249,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Dependabot Worker" @@ -255,6 +257,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/deployment-incident-monitor.lock.yml b/.github/workflows/deployment-incident-monitor.lock.yml index 865ad25095a..1ff5db129ab 100644 --- a/.github/workflows/deployment-incident-monitor.lock.yml +++ b/.github/workflows/deployment-incident-monitor.lock.yml @@ -89,6 +89,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -119,7 +121,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Deployment Incident Monitor" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/deployment-incident-monitor.lock.yml@${{ github.ref }} @@ -156,7 +158,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Deployment Incident Monitor" @@ -164,6 +166,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/design-decision-gate.lock.yml b/.github/workflows/design-decision-gate.lock.yml index 932c4465dfa..c43c1db2db5 100644 --- a/.github/workflows/design-decision-gate.lock.yml +++ b/.github/workflows/design-decision-gate.lock.yml @@ -104,6 +104,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -139,7 +141,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Design Decision Gate 🏗️" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/design-decision-gate.lock.yml@${{ github.ref }} @@ -176,7 +178,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Design Decision Gate 🏗️" @@ -184,6 +186,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/designer-drift-audit.lock.yml b/.github/workflows/designer-drift-audit.lock.yml index a632a3f9160..61af24d4544 100644 --- a/.github/workflows/designer-drift-audit.lock.yml +++ b/.github/workflows/designer-drift-audit.lock.yml @@ -73,6 +73,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -101,7 +103,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Designer Drift Audit" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/designer-drift-audit.lock.yml@${{ github.ref }} @@ -136,7 +138,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Designer Drift Audit" @@ -144,6 +146,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/dev-hawk.lock.yml b/.github/workflows/dev-hawk.lock.yml index 8bcaef81527..da7e5002f65 100644 --- a/.github/workflows/dev-hawk.lock.yml +++ b/.github/workflows/dev-hawk.lock.yml @@ -97,6 +97,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -126,7 +128,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Dev Hawk" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/dev-hawk.lock.yml@${{ github.ref }} @@ -163,7 +165,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Dev Hawk" @@ -171,6 +173,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/dev.lock.yml b/.github/workflows/dev.lock.yml index ec039709dc4..bb2d5b63024 100644 --- a/.github/workflows/dev.lock.yml +++ b/.github/workflows/dev.lock.yml @@ -103,6 +103,8 @@ jobs: contents: read discussions: write issues: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: ${{ steps.add-comment.outputs.comment-id }} comment_repo: ${{ steps.add-comment.outputs.comment-repo }} @@ -135,7 +137,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Dev" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/dev.lock.yml@${{ github.ref }} @@ -172,7 +174,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Dev" @@ -180,6 +182,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | @@ -1417,18 +1420,18 @@ jobs: DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0') export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22' - cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_72303743ce961b72_EOF + cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_86c81fcfb5192d66_EOF [history] persistence = "none" [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_MCP_CONFIG_72303743ce961b72_EOF + GH_AW_MCP_CONFIG_86c81fcfb5192d66_EOF # Generate JSON config for MCP gateway GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node) - cat << GH_AW_MCP_CONFIG_a29d40eb949c81ff_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" + cat << GH_AW_MCP_CONFIG_1490c4cb63515fe5_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" { "mcpServers": { }, @@ -1439,11 +1442,11 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_a29d40eb949c81ff_EOF + GH_AW_MCP_CONFIG_1490c4cb63515fe5_EOF # Sync converter output to writable CODEX_HOME for Codex mkdir -p /tmp/gh-aw/mcp-config - cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_749347536f9bd0ab_EOF + cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_45e656bf5518fa87_EOF model_provider = "openai-proxy" [model_providers.openai-proxy] name = "OpenAI AWF proxy" @@ -1453,7 +1456,7 @@ jobs: [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_CODEX_SHELL_POLICY_749347536f9bd0ab_EOF + GH_AW_CODEX_SHELL_POLICY_45e656bf5518fa87_EOF awk ' BEGIN { skip_openai_proxy = 0 } /^[[:space:]]*model_provider[[:space:]]*=/ { next } diff --git a/.github/workflows/developer-docs-consolidator.lock.yml b/.github/workflows/developer-docs-consolidator.lock.yml index 9adac88b672..be3c2342fb4 100644 --- a/.github/workflows/developer-docs-consolidator.lock.yml +++ b/.github/workflows/developer-docs-consolidator.lock.yml @@ -98,6 +98,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -126,7 +128,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Developer Documentation Consolidator" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/developer-docs-consolidator.lock.yml@${{ github.ref }} @@ -163,7 +165,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Developer Documentation Consolidator" @@ -171,6 +173,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/dictation-prompt.lock.yml b/.github/workflows/dictation-prompt.lock.yml index f68c24b4897..bdc01068c06 100644 --- a/.github/workflows/dictation-prompt.lock.yml +++ b/.github/workflows/dictation-prompt.lock.yml @@ -90,6 +90,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -117,7 +119,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Dictation Prompt Generator" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/dictation-prompt.lock.yml@${{ github.ref }} @@ -154,7 +156,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Dictation Prompt Generator" @@ -162,6 +164,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/discussion-task-miner.lock.yml b/.github/workflows/discussion-task-miner.lock.yml index f1286a4e61b..90ffdd850b1 100644 --- a/.github/workflows/discussion-task-miner.lock.yml +++ b/.github/workflows/discussion-task-miner.lock.yml @@ -91,6 +91,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -118,7 +120,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Discussion Task Miner - Code Quality Improvement Agent" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/discussion-task-miner.lock.yml@${{ github.ref }} @@ -155,7 +157,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Discussion Task Miner - Code Quality Improvement Agent" @@ -163,6 +165,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/docs-noob-tester.lock.yml b/.github/workflows/docs-noob-tester.lock.yml index 61bf5a11c0b..33275c9f9ea 100644 --- a/.github/workflows/docs-noob-tester.lock.yml +++ b/.github/workflows/docs-noob-tester.lock.yml @@ -92,6 +92,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -119,7 +121,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Documentation Noob Tester" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/docs-noob-tester.lock.yml@${{ github.ref }} @@ -156,7 +158,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Documentation Noob Tester" @@ -164,6 +166,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/draft-pr-cleanup.lock.yml b/.github/workflows/draft-pr-cleanup.lock.yml index 033aac12d57..d22fad8c494 100644 --- a/.github/workflows/draft-pr-cleanup.lock.yml +++ b/.github/workflows/draft-pr-cleanup.lock.yml @@ -88,6 +88,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -115,7 +117,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Draft PR Cleanup" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/draft-pr-cleanup.lock.yml@${{ github.ref }} @@ -152,7 +154,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Draft PR Cleanup" @@ -160,6 +162,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/duplicate-code-detector.lock.yml b/.github/workflows/duplicate-code-detector.lock.yml index 5b23369aa9b..f402a7d94ac 100644 --- a/.github/workflows/duplicate-code-detector.lock.yml +++ b/.github/workflows/duplicate-code-detector.lock.yml @@ -95,6 +95,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -123,7 +125,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Duplicate Code Detector" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/duplicate-code-detector.lock.yml@${{ github.ref }} @@ -160,7 +162,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Duplicate Code Detector" @@ -168,6 +170,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | @@ -1442,18 +1445,18 @@ jobs: DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0') export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22' - cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_eb0efc3c73cd8f3a_EOF + cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_4ef6d36f9d9ff019_EOF [history] persistence = "none" [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_MCP_CONFIG_eb0efc3c73cd8f3a_EOF + GH_AW_MCP_CONFIG_4ef6d36f9d9ff019_EOF # Generate JSON config for MCP gateway GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node) - cat << GH_AW_MCP_CONFIG_9b24e0d3059a5d99_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" + cat << GH_AW_MCP_CONFIG_58471b4a558a5361_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" { "mcpServers": { }, @@ -1464,11 +1467,11 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_9b24e0d3059a5d99_EOF + GH_AW_MCP_CONFIG_58471b4a558a5361_EOF # Sync converter output to writable CODEX_HOME for Codex mkdir -p /tmp/gh-aw/mcp-config - cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_cc98310a623d1344_EOF + cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_df273923202dd37e_EOF model_provider = "openai-proxy" [model_providers.openai-proxy] name = "OpenAI AWF proxy" @@ -1478,7 +1481,7 @@ jobs: [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_CODEX_SHELL_POLICY_cc98310a623d1344_EOF + GH_AW_CODEX_SHELL_POLICY_df273923202dd37e_EOF awk ' BEGIN { skip_openai_proxy = 0 } /^[[:space:]]*model_provider[[:space:]]*=/ { next } diff --git a/.github/workflows/example-permissions-warning.lock.yml b/.github/workflows/example-permissions-warning.lock.yml index ab2da0b7d0b..2ea4d2c6d94 100644 --- a/.github/workflows/example-permissions-warning.lock.yml +++ b/.github/workflows/example-permissions-warning.lock.yml @@ -84,6 +84,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -112,7 +114,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Example: Properly Provisioned Permissions" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/example-permissions-warning.lock.yml@${{ github.ref }} @@ -149,7 +151,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Example: Properly Provisioned Permissions" @@ -157,6 +159,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/example-workflow-analyzer.lock.yml b/.github/workflows/example-workflow-analyzer.lock.yml index 2e5c4cb95c9..143096da918 100644 --- a/.github/workflows/example-workflow-analyzer.lock.yml +++ b/.github/workflows/example-workflow-analyzer.lock.yml @@ -96,6 +96,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -124,7 +126,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Weekly Workflow Analysis" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/example-workflow-analyzer.lock.yml@${{ github.ref }} @@ -161,7 +163,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Weekly Workflow Analysis" @@ -169,6 +171,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/firewall-escape.lock.yml b/.github/workflows/firewall-escape.lock.yml index f8b85b0e1e5..80ac1138697 100644 --- a/.github/workflows/firewall-escape.lock.yml +++ b/.github/workflows/firewall-escape.lock.yml @@ -100,6 +100,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -132,7 +134,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "The Great Escapi" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/firewall-escape.lock.yml@${{ github.ref }} @@ -169,7 +171,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "The Great Escapi" @@ -177,6 +179,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/firewall.lock.yml b/.github/workflows/firewall.lock.yml index 92287763955..edf9cfd75c0 100644 --- a/.github/workflows/firewall.lock.yml +++ b/.github/workflows/firewall.lock.yml @@ -84,6 +84,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -112,7 +114,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Firewall Test Agent" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/firewall.lock.yml@${{ github.ref }} @@ -149,7 +151,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Firewall Test Agent" @@ -157,6 +159,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/functional-pragmatist.lock.yml b/.github/workflows/functional-pragmatist.lock.yml index 990df7ae157..68e35c17021 100644 --- a/.github/workflows/functional-pragmatist.lock.yml +++ b/.github/workflows/functional-pragmatist.lock.yml @@ -89,6 +89,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -117,7 +119,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Functional Pragmatist" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/functional-pragmatist.lock.yml@${{ github.ref }} @@ -154,7 +156,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Functional Pragmatist" @@ -162,6 +164,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/github-mcp-structural-analysis.lock.yml b/.github/workflows/github-mcp-structural-analysis.lock.yml index 9848c1d390c..e867146ca11 100644 --- a/.github/workflows/github-mcp-structural-analysis.lock.yml +++ b/.github/workflows/github-mcp-structural-analysis.lock.yml @@ -95,6 +95,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -123,7 +125,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "GitHub MCP Structural Analysis" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/github-mcp-structural-analysis.lock.yml@${{ github.ref }} @@ -160,7 +162,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "GitHub MCP Structural Analysis" @@ -168,6 +170,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/github-mcp-tools-report.lock.yml b/.github/workflows/github-mcp-tools-report.lock.yml index f7ec01cda89..6ef5608b246 100644 --- a/.github/workflows/github-mcp-tools-report.lock.yml +++ b/.github/workflows/github-mcp-tools-report.lock.yml @@ -93,6 +93,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -121,7 +123,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "GitHub MCP Remote Server Tools Report Generator" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/github-mcp-tools-report.lock.yml@${{ github.ref }} @@ -158,7 +160,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "GitHub MCP Remote Server Tools Report Generator" @@ -166,6 +168,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/github-remote-mcp-auth-test.lock.yml b/.github/workflows/github-remote-mcp-auth-test.lock.yml index 56f0333390d..69cdfa30b42 100644 --- a/.github/workflows/github-remote-mcp-auth-test.lock.yml +++ b/.github/workflows/github-remote-mcp-auth-test.lock.yml @@ -90,6 +90,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -118,7 +120,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "GitHub Remote MCP Authentication Test" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/github-remote-mcp-auth-test.lock.yml@${{ github.ref }} @@ -155,7 +157,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "GitHub Remote MCP Authentication Test" @@ -163,6 +165,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/glossary-maintainer.lock.yml b/.github/workflows/glossary-maintainer.lock.yml index 807158c985f..2ea1aca6378 100644 --- a/.github/workflows/glossary-maintainer.lock.yml +++ b/.github/workflows/glossary-maintainer.lock.yml @@ -97,6 +97,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -125,7 +127,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Glossary Maintainer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/glossary-maintainer.lock.yml@${{ github.ref }} @@ -162,7 +164,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Glossary Maintainer" @@ -170,6 +172,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/go-fan.lock.yml b/.github/workflows/go-fan.lock.yml index 265a4b2042c..627c9e0d277 100644 --- a/.github/workflows/go-fan.lock.yml +++ b/.github/workflows/go-fan.lock.yml @@ -98,6 +98,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -126,7 +128,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Go Fan" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/go-fan.lock.yml@${{ github.ref }} @@ -163,7 +165,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Go Fan" @@ -171,6 +173,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/go-logger.lock.yml b/.github/workflows/go-logger.lock.yml index b95c842341d..04511fe7f52 100644 --- a/.github/workflows/go-logger.lock.yml +++ b/.github/workflows/go-logger.lock.yml @@ -94,6 +94,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -122,7 +124,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Go Logger Enhancement" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/go-logger.lock.yml@${{ github.ref }} @@ -159,7 +161,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Go Logger Enhancement" @@ -167,6 +169,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/go-pattern-detector.lock.yml b/.github/workflows/go-pattern-detector.lock.yml index 052cf83942b..2520a38650a 100644 --- a/.github/workflows/go-pattern-detector.lock.yml +++ b/.github/workflows/go-pattern-detector.lock.yml @@ -91,6 +91,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -119,7 +121,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Go Pattern Detector" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/go-pattern-detector.lock.yml@${{ github.ref }} @@ -156,7 +158,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Go Pattern Detector" @@ -164,6 +166,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/gpclean.lock.yml b/.github/workflows/gpclean.lock.yml index f624103eaed..2918e84fef1 100644 --- a/.github/workflows/gpclean.lock.yml +++ b/.github/workflows/gpclean.lock.yml @@ -91,6 +91,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -121,7 +123,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "GPL Dependency Cleaner (gpclean)" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/gpclean.lock.yml@${{ github.ref }} @@ -158,7 +160,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "GPL Dependency Cleaner (gpclean)" @@ -166,6 +168,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/grumpy-reviewer.lock.yml b/.github/workflows/grumpy-reviewer.lock.yml index 8c4fee8a8bd..23ca9a82bca 100644 --- a/.github/workflows/grumpy-reviewer.lock.yml +++ b/.github/workflows/grumpy-reviewer.lock.yml @@ -92,6 +92,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -127,7 +129,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Grumpy Code Reviewer 🔥" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/grumpy-reviewer.lock.yml@${{ github.ref }} @@ -164,7 +166,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Grumpy Code Reviewer 🔥" @@ -172,6 +174,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | @@ -1474,18 +1477,18 @@ jobs: DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0') export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22' - cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_1973083e51e79276_EOF + cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_1107f089055c28d7_EOF [history] persistence = "none" [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_MCP_CONFIG_1973083e51e79276_EOF + GH_AW_MCP_CONFIG_1107f089055c28d7_EOF # Generate JSON config for MCP gateway GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node) - cat << GH_AW_MCP_CONFIG_c16ef4da91c90d7e_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" + cat << GH_AW_MCP_CONFIG_f8d8ff5335541afb_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" { "mcpServers": { }, @@ -1496,11 +1499,11 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_c16ef4da91c90d7e_EOF + GH_AW_MCP_CONFIG_f8d8ff5335541afb_EOF # Sync converter output to writable CODEX_HOME for Codex mkdir -p /tmp/gh-aw/mcp-config - cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_3e8f94fa91ed12a1_EOF + cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_5c37ecb7611ff873_EOF model_provider = "openai-proxy" [model_providers.openai-proxy] name = "OpenAI AWF proxy" @@ -1510,7 +1513,7 @@ jobs: [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_CODEX_SHELL_POLICY_3e8f94fa91ed12a1_EOF + GH_AW_CODEX_SHELL_POLICY_5c37ecb7611ff873_EOF awk ' BEGIN { skip_openai_proxy = 0 } /^[[:space:]]*model_provider[[:space:]]*=/ { next } diff --git a/.github/workflows/hippo-embed.lock.yml b/.github/workflows/hippo-embed.lock.yml index 515412c03ef..36b6f1990fb 100644 --- a/.github/workflows/hippo-embed.lock.yml +++ b/.github/workflows/hippo-embed.lock.yml @@ -88,6 +88,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -115,7 +117,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Hippo Embed" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/hippo-embed.lock.yml@${{ github.ref }} @@ -152,7 +154,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Hippo Embed" @@ -160,6 +162,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/hourly-ci-cleaner.lock.yml b/.github/workflows/hourly-ci-cleaner.lock.yml index c5150c83671..549812f6db6 100644 --- a/.github/workflows/hourly-ci-cleaner.lock.yml +++ b/.github/workflows/hourly-ci-cleaner.lock.yml @@ -91,6 +91,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -119,7 +121,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "CI Cleaner" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/hourly-ci-cleaner.lock.yml@${{ github.ref }} @@ -156,7 +158,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "CI Cleaner" @@ -164,6 +166,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/instructions-janitor.lock.yml b/.github/workflows/instructions-janitor.lock.yml index 7430c4eaf92..53ba37144fa 100644 --- a/.github/workflows/instructions-janitor.lock.yml +++ b/.github/workflows/instructions-janitor.lock.yml @@ -92,6 +92,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -120,7 +122,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Instructions Janitor" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/instructions-janitor.lock.yml@${{ github.ref }} @@ -157,7 +159,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Instructions Janitor" @@ -165,6 +167,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/issue-arborist.lock.yml b/.github/workflows/issue-arborist.lock.yml index 9f926e28cba..7fc1f905b93 100644 --- a/.github/workflows/issue-arborist.lock.yml +++ b/.github/workflows/issue-arborist.lock.yml @@ -92,6 +92,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -122,7 +124,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Issue Arborist" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/issue-arborist.lock.yml@${{ github.ref }} @@ -158,7 +160,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Issue Arborist" @@ -166,6 +168,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | @@ -1490,18 +1493,18 @@ jobs: DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0') export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22' - cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_58a0280c553063ba_EOF + cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_bbd2600f3fdded20_EOF [history] persistence = "none" [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_MCP_CONFIG_58a0280c553063ba_EOF + GH_AW_MCP_CONFIG_bbd2600f3fdded20_EOF # Generate JSON config for MCP gateway GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node) - cat << GH_AW_MCP_CONFIG_aa123ada17b7d618_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" + cat << GH_AW_MCP_CONFIG_5d7bc464a1da67c6_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" { "mcpServers": { }, @@ -1512,11 +1515,11 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_aa123ada17b7d618_EOF + GH_AW_MCP_CONFIG_5d7bc464a1da67c6_EOF # Sync converter output to writable CODEX_HOME for Codex mkdir -p /tmp/gh-aw/mcp-config - cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_c935d5544a857023_EOF + cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_f07054cccd7f67e7_EOF model_provider = "openai-proxy" [model_providers.openai-proxy] name = "OpenAI AWF proxy" @@ -1526,7 +1529,7 @@ jobs: [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_CODEX_SHELL_POLICY_c935d5544a857023_EOF + GH_AW_CODEX_SHELL_POLICY_f07054cccd7f67e7_EOF awk ' BEGIN { skip_openai_proxy = 0 } /^[[:space:]]*model_provider[[:space:]]*=/ { next } diff --git a/.github/workflows/issue-monster.lock.yml b/.github/workflows/issue-monster.lock.yml index df3fd508299..0538571d28d 100644 --- a/.github/workflows/issue-monster.lock.yml +++ b/.github/workflows/issue-monster.lock.yml @@ -477,6 +477,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -507,7 +509,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Issue Monster" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/issue-monster.lock.yml@${{ github.ref }} @@ -544,7 +546,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Issue Monster" @@ -552,6 +554,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/issue-triage-agent.lock.yml b/.github/workflows/issue-triage-agent.lock.yml index c62dbb13d56..9cb58daa62b 100644 --- a/.github/workflows/issue-triage-agent.lock.yml +++ b/.github/workflows/issue-triage-agent.lock.yml @@ -88,6 +88,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -116,7 +118,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Issue Triage Agent" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/issue-triage-agent.lock.yml@${{ github.ref }} @@ -153,7 +155,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Issue Triage Agent" @@ -161,6 +163,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/jsweep.lock.yml b/.github/workflows/jsweep.lock.yml index 5b317c4d4b8..913c436c701 100644 --- a/.github/workflows/jsweep.lock.yml +++ b/.github/workflows/jsweep.lock.yml @@ -92,6 +92,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -120,7 +122,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "jsweep - JavaScript Unbloater" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/jsweep.lock.yml@${{ github.ref }} @@ -157,7 +159,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "jsweep - JavaScript Unbloater" @@ -165,6 +167,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/layout-spec-maintainer.lock.yml b/.github/workflows/layout-spec-maintainer.lock.yml index b8dc7bef384..9e4a158c719 100644 --- a/.github/workflows/layout-spec-maintainer.lock.yml +++ b/.github/workflows/layout-spec-maintainer.lock.yml @@ -93,6 +93,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -121,7 +123,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Layout Specification Maintainer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/layout-spec-maintainer.lock.yml@${{ github.ref }} @@ -158,7 +160,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Layout Specification Maintainer" @@ -166,6 +168,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/lint-monster.lock.yml b/.github/workflows/lint-monster.lock.yml index 6c6e9702d60..37bc924c9bf 100644 --- a/.github/workflows/lint-monster.lock.yml +++ b/.github/workflows/lint-monster.lock.yml @@ -90,6 +90,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -118,7 +120,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "LintMonster" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/lint-monster.lock.yml@${{ github.ref }} @@ -155,7 +157,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "LintMonster" @@ -163,6 +165,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/linter-miner.lock.yml b/.github/workflows/linter-miner.lock.yml index c79b8b20623..626a060a35a 100644 --- a/.github/workflows/linter-miner.lock.yml +++ b/.github/workflows/linter-miner.lock.yml @@ -94,6 +94,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -121,7 +123,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Linter Miner" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/linter-miner.lock.yml@${{ github.ref }} @@ -157,7 +159,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Linter Miner" @@ -165,6 +167,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/lockfile-stats.lock.yml b/.github/workflows/lockfile-stats.lock.yml index 86f65b125a0..a8baadf9298 100644 --- a/.github/workflows/lockfile-stats.lock.yml +++ b/.github/workflows/lockfile-stats.lock.yml @@ -93,6 +93,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -121,7 +123,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Lockfile Statistics Analysis Agent" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/lockfile-stats.lock.yml@${{ github.ref }} @@ -158,7 +160,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Lockfile Statistics Analysis Agent" @@ -166,6 +168,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/mattpocock-skills-reviewer.lock.yml b/.github/workflows/mattpocock-skills-reviewer.lock.yml index 49307819706..eb74203bd04 100644 --- a/.github/workflows/mattpocock-skills-reviewer.lock.yml +++ b/.github/workflows/mattpocock-skills-reviewer.lock.yml @@ -95,6 +95,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -130,7 +132,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Matt Pocock Skills Reviewer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/mattpocock-skills-reviewer.lock.yml@${{ github.ref }} @@ -167,7 +169,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Matt Pocock Skills Reviewer" @@ -175,6 +177,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/mcp-inspector.lock.yml b/.github/workflows/mcp-inspector.lock.yml index 80474930286..24eaebcaa23 100644 --- a/.github/workflows/mcp-inspector.lock.yml +++ b/.github/workflows/mcp-inspector.lock.yml @@ -137,6 +137,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -165,7 +167,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "MCP Inspector Agent" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/mcp-inspector.lock.yml@${{ github.ref }} @@ -202,7 +204,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "MCP Inspector Agent" @@ -210,6 +212,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/mergefest.lock.yml b/.github/workflows/mergefest.lock.yml index 027d7d3ecc2..5c01975a30b 100644 --- a/.github/workflows/mergefest.lock.yml +++ b/.github/workflows/mergefest.lock.yml @@ -91,6 +91,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -126,7 +128,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Mergefest" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/mergefest.lock.yml@${{ github.ref }} @@ -163,7 +165,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Mergefest" @@ -171,6 +173,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/metrics-collector.lock.yml b/.github/workflows/metrics-collector.lock.yml index 1a68e57d874..b73b4eca7b3 100644 --- a/.github/workflows/metrics-collector.lock.yml +++ b/.github/workflows/metrics-collector.lock.yml @@ -93,6 +93,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -121,7 +123,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Metrics Collector - Infrastructure Agent" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/metrics-collector.lock.yml@${{ github.ref }} @@ -158,7 +160,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Metrics Collector - Infrastructure Agent" @@ -166,6 +168,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/necromancer.lock.yml b/.github/workflows/necromancer.lock.yml index a8d9aae2054..7c9cf155e76 100644 --- a/.github/workflows/necromancer.lock.yml +++ b/.github/workflows/necromancer.lock.yml @@ -99,6 +99,8 @@ jobs: actions: read contents: read issues: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -134,7 +136,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Necromancer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/necromancer.lock.yml@${{ github.ref }} @@ -171,7 +173,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Necromancer" @@ -179,6 +181,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | @@ -1453,18 +1456,18 @@ jobs: DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0') export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22' - cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_f14801b40802671e_EOF + cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_fa0a103927587fe9_EOF [history] persistence = "none" [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_MCP_CONFIG_f14801b40802671e_EOF + GH_AW_MCP_CONFIG_fa0a103927587fe9_EOF # Generate JSON config for MCP gateway GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node) - cat << GH_AW_MCP_CONFIG_12de89fc1b6de5bf_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" + cat << GH_AW_MCP_CONFIG_84c5e8fd7089c45a_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" { "mcpServers": { }, @@ -1475,11 +1478,11 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_12de89fc1b6de5bf_EOF + GH_AW_MCP_CONFIG_84c5e8fd7089c45a_EOF # Sync converter output to writable CODEX_HOME for Codex mkdir -p /tmp/gh-aw/mcp-config - cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_12b1c5af4f7416e2_EOF + cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_0443d61f468ec1b7_EOF model_provider = "openai-proxy" [model_providers.openai-proxy] name = "OpenAI AWF proxy" @@ -1489,7 +1492,7 @@ jobs: [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_CODEX_SHELL_POLICY_12b1c5af4f7416e2_EOF + GH_AW_CODEX_SHELL_POLICY_0443d61f468ec1b7_EOF awk ' BEGIN { skip_openai_proxy = 0 } /^[[:space:]]*model_provider[[:space:]]*=/ { next } diff --git a/.github/workflows/notion-issue-summary.lock.yml b/.github/workflows/notion-issue-summary.lock.yml index 923fd4c3f9c..6c97fdb2266 100644 --- a/.github/workflows/notion-issue-summary.lock.yml +++ b/.github/workflows/notion-issue-summary.lock.yml @@ -92,6 +92,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -120,7 +122,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Issue Summary to Notion" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/notion-issue-summary.lock.yml@${{ github.ref }} @@ -157,7 +159,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Issue Summary to Notion" @@ -165,6 +167,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/org-health-report.lock.yml b/.github/workflows/org-health-report.lock.yml index c0687d58335..3683f46b30f 100644 --- a/.github/workflows/org-health-report.lock.yml +++ b/.github/workflows/org-health-report.lock.yml @@ -95,6 +95,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -123,7 +125,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Organization Health Report" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/org-health-report.lock.yml@${{ github.ref }} @@ -160,7 +162,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Organization Health Report" @@ -168,6 +170,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/otlp-data-quality-validator.lock.yml b/.github/workflows/otlp-data-quality-validator.lock.yml index 28c6b88ab87..26ab89fc036 100644 --- a/.github/workflows/otlp-data-quality-validator.lock.yml +++ b/.github/workflows/otlp-data-quality-validator.lock.yml @@ -90,6 +90,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -118,7 +120,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "OTLP Data Quality Validator" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/otlp-data-quality-validator.lock.yml@${{ github.ref }} @@ -155,7 +157,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "OTLP Data Quality Validator" @@ -163,6 +165,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/outcome-collector.lock.yml b/.github/workflows/outcome-collector.lock.yml index 1c413f9e987..dd75eacc747 100644 --- a/.github/workflows/outcome-collector.lock.yml +++ b/.github/workflows/outcome-collector.lock.yml @@ -91,6 +91,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -119,7 +121,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Outcome Collector" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/outcome-collector.lock.yml@${{ github.ref }} @@ -156,7 +158,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Outcome Collector" @@ -164,6 +166,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/pdf-summary.lock.yml b/.github/workflows/pdf-summary.lock.yml index fdbbfe19a3b..561fbb5b34f 100644 --- a/.github/workflows/pdf-summary.lock.yml +++ b/.github/workflows/pdf-summary.lock.yml @@ -103,6 +103,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -138,7 +140,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Resource Summarizer Agent" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/pdf-summary.lock.yml@${{ github.ref }} @@ -175,7 +177,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Resource Summarizer Agent" @@ -183,6 +185,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/plan.lock.yml b/.github/workflows/plan.lock.yml index 94ea7a28f6a..94f849fc1b9 100644 --- a/.github/workflows/plan.lock.yml +++ b/.github/workflows/plan.lock.yml @@ -90,6 +90,8 @@ jobs: discussions: write issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -125,7 +127,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Plan Command" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/plan.lock.yml@${{ github.ref }} @@ -162,7 +164,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Plan Command" @@ -170,6 +172,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/poem-bot.lock.yml b/.github/workflows/poem-bot.lock.yml index 7a401698097..4f324256234 100644 --- a/.github/workflows/poem-bot.lock.yml +++ b/.github/workflows/poem-bot.lock.yml @@ -100,6 +100,8 @@ jobs: actions: read contents: read issues: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -135,7 +137,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Poem Bot - A Creative Agentic Workflow" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/poem-bot.lock.yml@${{ github.ref }} @@ -172,7 +174,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Poem Bot - A Creative Agentic Workflow" @@ -180,6 +182,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/pr-code-quality-reviewer.lock.yml b/.github/workflows/pr-code-quality-reviewer.lock.yml index fc52e751680..ef98d74cfef 100644 --- a/.github/workflows/pr-code-quality-reviewer.lock.yml +++ b/.github/workflows/pr-code-quality-reviewer.lock.yml @@ -95,6 +95,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -130,7 +132,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "PR Code Quality Reviewer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/pr-code-quality-reviewer.lock.yml@${{ github.ref }} @@ -167,7 +169,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "PR Code Quality Reviewer" @@ -175,6 +177,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/pr-description-caveman.lock.yml b/.github/workflows/pr-description-caveman.lock.yml index 4792e88029e..a7b78cc31a7 100644 --- a/.github/workflows/pr-description-caveman.lock.yml +++ b/.github/workflows/pr-description-caveman.lock.yml @@ -71,6 +71,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -104,7 +106,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "PR Description Updater" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/pr-description-caveman.lock.yml@${{ github.ref }} @@ -138,7 +140,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "PR Description Updater" @@ -146,6 +148,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/pr-nitpick-reviewer.lock.yml b/.github/workflows/pr-nitpick-reviewer.lock.yml index 3897f07860b..3deb10c2503 100644 --- a/.github/workflows/pr-nitpick-reviewer.lock.yml +++ b/.github/workflows/pr-nitpick-reviewer.lock.yml @@ -92,6 +92,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -127,7 +129,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "PR Nitpick Reviewer 🔍" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/pr-nitpick-reviewer.lock.yml@${{ github.ref }} @@ -164,7 +166,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "PR Nitpick Reviewer 🔍" @@ -172,6 +174,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/pr-sous-chef.lock.yml b/.github/workflows/pr-sous-chef.lock.yml index c86881fb917..88912362510 100644 --- a/.github/workflows/pr-sous-chef.lock.yml +++ b/.github/workflows/pr-sous-chef.lock.yml @@ -93,6 +93,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -122,7 +124,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "PR Sous Chef" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/pr-sous-chef.lock.yml@${{ github.ref }} @@ -159,7 +161,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "PR Sous Chef" @@ -167,6 +169,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/pr-triage-agent.lock.yml b/.github/workflows/pr-triage-agent.lock.yml index 0785890eda9..4252342d888 100644 --- a/.github/workflows/pr-triage-agent.lock.yml +++ b/.github/workflows/pr-triage-agent.lock.yml @@ -92,6 +92,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -120,7 +122,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "PR Triage Agent" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/pr-triage-agent.lock.yml@${{ github.ref }} @@ -157,7 +159,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "PR Triage Agent" @@ -165,6 +167,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/prompt-clustering-analysis.lock.yml b/.github/workflows/prompt-clustering-analysis.lock.yml index 42e0ac12593..3dd9e225ee4 100644 --- a/.github/workflows/prompt-clustering-analysis.lock.yml +++ b/.github/workflows/prompt-clustering-analysis.lock.yml @@ -107,6 +107,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -135,7 +137,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Copilot Agent Prompt Clustering Analysis" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/prompt-clustering-analysis.lock.yml@${{ github.ref }} @@ -172,7 +174,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Copilot Agent Prompt Clustering Analysis" @@ -180,6 +182,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/python-data-charts.lock.yml b/.github/workflows/python-data-charts.lock.yml index 9c60abd8945..60a785e94a8 100644 --- a/.github/workflows/python-data-charts.lock.yml +++ b/.github/workflows/python-data-charts.lock.yml @@ -94,6 +94,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -122,7 +124,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Python Data Visualization Generator" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/python-data-charts.lock.yml@${{ github.ref }} @@ -159,7 +161,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Python Data Visualization Generator" @@ -167,6 +169,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/q.lock.yml b/.github/workflows/q.lock.yml index b48c700a104..7b138271cd7 100644 --- a/.github/workflows/q.lock.yml +++ b/.github/workflows/q.lock.yml @@ -117,6 +117,8 @@ jobs: discussions: write issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -152,7 +154,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Q" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/q.lock.yml@${{ github.ref }} @@ -189,7 +191,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Q" @@ -197,6 +199,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/refactoring-cadence.lock.yml b/.github/workflows/refactoring-cadence.lock.yml index 566f2304e67..6be4d11794b 100644 --- a/.github/workflows/refactoring-cadence.lock.yml +++ b/.github/workflows/refactoring-cadence.lock.yml @@ -96,6 +96,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -125,7 +127,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Refactoring Cadence" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/refactoring-cadence.lock.yml@${{ github.ref }} @@ -162,7 +164,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Refactoring Cadence" @@ -170,6 +172,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/refiner.lock.yml b/.github/workflows/refiner.lock.yml index 32c0b05268d..62026d012b6 100644 --- a/.github/workflows/refiner.lock.yml +++ b/.github/workflows/refiner.lock.yml @@ -104,6 +104,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -137,7 +139,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Code Refiner" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/refiner.lock.yml@${{ github.ref }} @@ -174,7 +176,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Code Refiner" @@ -182,6 +184,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/release.lock.yml b/.github/workflows/release.lock.yml index 1437809f8a2..9372655e3b5 100644 --- a/.github/workflows/release.lock.yml +++ b/.github/workflows/release.lock.yml @@ -105,6 +105,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -135,7 +137,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Release" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/release.lock.yml@${{ github.ref }} @@ -172,7 +174,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Release" @@ -180,6 +182,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/repo-audit-analyzer.lock.yml b/.github/workflows/repo-audit-analyzer.lock.yml index b868028dc32..25886943e15 100644 --- a/.github/workflows/repo-audit-analyzer.lock.yml +++ b/.github/workflows/repo-audit-analyzer.lock.yml @@ -95,6 +95,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -123,7 +125,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Repository Audit & Agentic Workflow Opportunity Analyzer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/repo-audit-analyzer.lock.yml@${{ github.ref }} @@ -160,7 +162,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Repository Audit & Agentic Workflow Opportunity Analyzer" @@ -168,6 +170,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/repo-tree-map.lock.yml b/.github/workflows/repo-tree-map.lock.yml index df0f24065dc..196446f56f8 100644 --- a/.github/workflows/repo-tree-map.lock.yml +++ b/.github/workflows/repo-tree-map.lock.yml @@ -89,6 +89,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -117,7 +119,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Repository Tree Map Generator" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/repo-tree-map.lock.yml@${{ github.ref }} @@ -154,7 +156,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Repository Tree Map Generator" @@ -162,6 +164,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/repository-quality-improver.lock.yml b/.github/workflows/repository-quality-improver.lock.yml index 9404543569c..1a1c2b68c54 100644 --- a/.github/workflows/repository-quality-improver.lock.yml +++ b/.github/workflows/repository-quality-improver.lock.yml @@ -100,6 +100,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -128,7 +130,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Repository Quality Improvement Agent" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/repository-quality-improver.lock.yml@${{ github.ref }} @@ -165,7 +167,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Repository Quality Improvement Agent" @@ -173,6 +175,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/research.lock.yml b/.github/workflows/research.lock.yml index a54c8b6fec7..c024d7ad775 100644 --- a/.github/workflows/research.lock.yml +++ b/.github/workflows/research.lock.yml @@ -92,6 +92,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -120,7 +122,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Basic Research Agent" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/research.lock.yml@${{ github.ref }} @@ -157,7 +159,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Basic Research Agent" @@ -165,6 +167,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/ruflo-backed-task.lock.yml b/.github/workflows/ruflo-backed-task.lock.yml index ad41690e5d3..0202e9f411b 100644 --- a/.github/workflows/ruflo-backed-task.lock.yml +++ b/.github/workflows/ruflo-backed-task.lock.yml @@ -79,6 +79,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -114,7 +116,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Ruflo-backed Task" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/ruflo-backed-task.lock.yml@${{ github.ref }} @@ -148,7 +150,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Ruflo-backed Task" @@ -156,6 +158,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/safe-output-health.lock.yml b/.github/workflows/safe-output-health.lock.yml index a174da8e498..bf0218c2644 100644 --- a/.github/workflows/safe-output-health.lock.yml +++ b/.github/workflows/safe-output-health.lock.yml @@ -98,6 +98,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -126,7 +128,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Safe Output Health Monitor" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/safe-output-health.lock.yml@${{ github.ref }} @@ -163,7 +165,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Safe Output Health Monitor" @@ -171,6 +173,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/schema-consistency-checker.lock.yml b/.github/workflows/schema-consistency-checker.lock.yml index d6eda7cc433..df6e6c9c305 100644 --- a/.github/workflows/schema-consistency-checker.lock.yml +++ b/.github/workflows/schema-consistency-checker.lock.yml @@ -94,6 +94,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -122,7 +124,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Schema Consistency Checker" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/schema-consistency-checker.lock.yml@${{ github.ref }} @@ -159,7 +161,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Schema Consistency Checker" @@ -167,6 +169,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/schema-feature-coverage.lock.yml b/.github/workflows/schema-feature-coverage.lock.yml index 1d1ce6c6356..1ea77cd7390 100644 --- a/.github/workflows/schema-feature-coverage.lock.yml +++ b/.github/workflows/schema-feature-coverage.lock.yml @@ -89,6 +89,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -117,7 +119,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Schema Feature Coverage Checker" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/schema-feature-coverage.lock.yml@${{ github.ref }} @@ -154,7 +156,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Schema Feature Coverage Checker" @@ -162,6 +164,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | @@ -1384,18 +1387,18 @@ jobs: DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0') export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22' - cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_1da971ac84f0ad01_EOF + cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_7a7e73bbee158b29_EOF [history] persistence = "none" [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_MCP_CONFIG_1da971ac84f0ad01_EOF + GH_AW_MCP_CONFIG_7a7e73bbee158b29_EOF # Generate JSON config for MCP gateway GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node) - cat << GH_AW_MCP_CONFIG_277f840153cfc64d_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" + cat << GH_AW_MCP_CONFIG_e238d2d6a3251bd8_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" { "mcpServers": { }, @@ -1406,11 +1409,11 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_277f840153cfc64d_EOF + GH_AW_MCP_CONFIG_e238d2d6a3251bd8_EOF # Sync converter output to writable CODEX_HOME for Codex mkdir -p /tmp/gh-aw/mcp-config - cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_caf50c2c0bd71a29_EOF + cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_757fdfc60d3f0152_EOF model_provider = "openai-proxy" [model_providers.openai-proxy] name = "OpenAI AWF proxy" @@ -1420,7 +1423,7 @@ jobs: [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_CODEX_SHELL_POLICY_caf50c2c0bd71a29_EOF + GH_AW_CODEX_SHELL_POLICY_757fdfc60d3f0152_EOF awk ' BEGIN { skip_openai_proxy = 0 } /^[[:space:]]*model_provider[[:space:]]*=/ { next } diff --git a/.github/workflows/scout.lock.yml b/.github/workflows/scout.lock.yml index 23fd7bbe936..ef1530fef0a 100644 --- a/.github/workflows/scout.lock.yml +++ b/.github/workflows/scout.lock.yml @@ -116,6 +116,8 @@ jobs: discussions: write issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -151,7 +153,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Scout" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/scout.lock.yml@${{ github.ref }} @@ -188,7 +190,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Scout" @@ -196,6 +198,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/security-compliance.lock.yml b/.github/workflows/security-compliance.lock.yml index 78b3a1f5214..1df6c4024c3 100644 --- a/.github/workflows/security-compliance.lock.yml +++ b/.github/workflows/security-compliance.lock.yml @@ -97,6 +97,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -125,7 +127,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Security Compliance Campaign" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/security-compliance.lock.yml@${{ github.ref }} @@ -162,7 +164,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Security Compliance Campaign" @@ -170,6 +172,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/security-review.lock.yml b/.github/workflows/security-review.lock.yml index a5ddb967f62..d516415b897 100644 --- a/.github/workflows/security-review.lock.yml +++ b/.github/workflows/security-review.lock.yml @@ -94,6 +94,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -128,7 +130,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Security Review Agent 🔒" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/security-review.lock.yml@${{ github.ref }} @@ -165,7 +167,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Security Review Agent 🔒" @@ -173,6 +175,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/semantic-function-refactor.lock.yml b/.github/workflows/semantic-function-refactor.lock.yml index 703bd786e0b..da498ad34af 100644 --- a/.github/workflows/semantic-function-refactor.lock.yml +++ b/.github/workflows/semantic-function-refactor.lock.yml @@ -94,6 +94,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -122,7 +124,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Semantic Function Refactoring" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/semantic-function-refactor.lock.yml@${{ github.ref }} @@ -159,7 +161,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Semantic Function Refactoring" @@ -167,6 +169,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/sergo.lock.yml b/.github/workflows/sergo.lock.yml index cad6dc41735..b6c2ff526bc 100644 --- a/.github/workflows/sergo.lock.yml +++ b/.github/workflows/sergo.lock.yml @@ -95,6 +95,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -123,7 +125,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Sergo - Serena Go Expert" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/sergo.lock.yml@${{ github.ref }} @@ -160,7 +162,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Sergo - Serena Go Expert" @@ -168,6 +170,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/slide-deck-maintainer.lock.yml b/.github/workflows/slide-deck-maintainer.lock.yml index 0616ef4697d..52526ca7ed4 100644 --- a/.github/workflows/slide-deck-maintainer.lock.yml +++ b/.github/workflows/slide-deck-maintainer.lock.yml @@ -101,6 +101,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -131,7 +133,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Slide Deck Maintainer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/slide-deck-maintainer.lock.yml@${{ github.ref }} @@ -168,7 +170,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Slide Deck Maintainer" @@ -176,6 +178,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-agent-all-merged.lock.yml b/.github/workflows/smoke-agent-all-merged.lock.yml index 7c97079723d..6bc24831f31 100644 --- a/.github/workflows/smoke-agent-all-merged.lock.yml +++ b/.github/workflows/smoke-agent-all-merged.lock.yml @@ -95,6 +95,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -130,7 +132,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Agent: all/merged" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-agent-all-merged.lock.yml@${{ github.ref }} @@ -167,7 +169,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Agent: all/merged" @@ -175,6 +177,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-agent-all-none.lock.yml b/.github/workflows/smoke-agent-all-none.lock.yml index 3fdd933e8df..c532f8bcab4 100644 --- a/.github/workflows/smoke-agent-all-none.lock.yml +++ b/.github/workflows/smoke-agent-all-none.lock.yml @@ -95,6 +95,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -130,7 +132,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Agent: all/none" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-agent-all-none.lock.yml@${{ github.ref }} @@ -167,7 +169,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Agent: all/none" @@ -175,6 +177,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-agent-public-approved.lock.yml b/.github/workflows/smoke-agent-public-approved.lock.yml index c7a2a3cf3b0..23123a1368f 100644 --- a/.github/workflows/smoke-agent-public-approved.lock.yml +++ b/.github/workflows/smoke-agent-public-approved.lock.yml @@ -97,6 +97,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -132,7 +134,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Agent: public/approved" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-agent-public-approved.lock.yml@${{ github.ref }} @@ -169,7 +171,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Agent: public/approved" @@ -177,6 +179,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-agent-public-none.lock.yml b/.github/workflows/smoke-agent-public-none.lock.yml index f4b13a7d753..15b9435dd00 100644 --- a/.github/workflows/smoke-agent-public-none.lock.yml +++ b/.github/workflows/smoke-agent-public-none.lock.yml @@ -95,6 +95,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -130,7 +132,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Agent: public/none" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-agent-public-none.lock.yml@${{ github.ref }} @@ -167,7 +169,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Agent: public/none" @@ -175,6 +177,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-agent-scoped-approved.lock.yml b/.github/workflows/smoke-agent-scoped-approved.lock.yml index f94afa51c44..42194a46362 100644 --- a/.github/workflows/smoke-agent-scoped-approved.lock.yml +++ b/.github/workflows/smoke-agent-scoped-approved.lock.yml @@ -96,6 +96,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -131,7 +133,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Agent: scoped/approved" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-agent-scoped-approved.lock.yml@${{ github.ref }} @@ -168,7 +170,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Agent: scoped/approved" @@ -176,6 +178,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-antigravity.lock.yml b/.github/workflows/smoke-antigravity.lock.yml index 626c4b4c3e5..9752844b481 100644 --- a/.github/workflows/smoke-antigravity.lock.yml +++ b/.github/workflows/smoke-antigravity.lock.yml @@ -101,6 +101,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -138,7 +140,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Antigravity" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-antigravity.lock.yml@${{ github.ref }} @@ -173,7 +175,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Antigravity" @@ -181,6 +183,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-call-workflow.lock.yml b/.github/workflows/smoke-call-workflow.lock.yml index 967a5db164b..3c764a40acc 100644 --- a/.github/workflows/smoke-call-workflow.lock.yml +++ b/.github/workflows/smoke-call-workflow.lock.yml @@ -98,6 +98,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -133,7 +135,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Call Workflow" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-call-workflow.lock.yml@${{ github.ref }} @@ -170,7 +172,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Call Workflow" @@ -178,6 +180,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | @@ -1446,18 +1449,18 @@ jobs: DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0') export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22' - cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_0636fab3bc12d61f_EOF + cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_34b3bd53b054d520_EOF [history] persistence = "none" [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_MCP_CONFIG_0636fab3bc12d61f_EOF + GH_AW_MCP_CONFIG_34b3bd53b054d520_EOF # Generate JSON config for MCP gateway GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node) - cat << GH_AW_MCP_CONFIG_4291f008fe8248f9_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" + cat << GH_AW_MCP_CONFIG_34ae7de1d3cc0b83_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" { "mcpServers": { }, @@ -1468,11 +1471,11 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_4291f008fe8248f9_EOF + GH_AW_MCP_CONFIG_34ae7de1d3cc0b83_EOF # Sync converter output to writable CODEX_HOME for Codex mkdir -p /tmp/gh-aw/mcp-config - cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_b45bbb9ac62a7c26_EOF + cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_621dd937c4653589_EOF model_provider = "openai-proxy" [model_providers.openai-proxy] name = "OpenAI AWF proxy" @@ -1482,7 +1485,7 @@ jobs: [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_CODEX_SHELL_POLICY_b45bbb9ac62a7c26_EOF + GH_AW_CODEX_SHELL_POLICY_621dd937c4653589_EOF awk ' BEGIN { skip_openai_proxy = 0 } /^[[:space:]]*model_provider[[:space:]]*=/ { next } diff --git a/.github/workflows/smoke-ci.lock.yml b/.github/workflows/smoke-ci.lock.yml index fc89bb1436f..fc5207754ea 100644 --- a/.github/workflows/smoke-ci.lock.yml +++ b/.github/workflows/smoke-ci.lock.yml @@ -106,6 +106,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -138,7 +140,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke CI" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-ci.lock.yml@${{ github.ref }} @@ -175,7 +177,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke CI" @@ -183,6 +185,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-claude.lock.yml b/.github/workflows/smoke-claude.lock.yml index 72d81a65cdd..f4320e260a6 100644 --- a/.github/workflows/smoke-claude.lock.yml +++ b/.github/workflows/smoke-claude.lock.yml @@ -110,6 +110,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -145,7 +147,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Claude" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-claude.lock.yml@${{ github.ref }} @@ -182,7 +184,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Claude" @@ -190,6 +192,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-codex.lock.yml b/.github/workflows/smoke-codex.lock.yml index 050e4478a87..6a7db050b90 100644 --- a/.github/workflows/smoke-codex.lock.yml +++ b/.github/workflows/smoke-codex.lock.yml @@ -110,6 +110,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -145,7 +147,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Codex" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-codex.lock.yml@${{ github.ref }} @@ -182,7 +184,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Codex" @@ -190,6 +192,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | @@ -1832,18 +1835,18 @@ jobs: DOCKER_SOCK_GID=$(stat -c '%g' "$DOCKER_SOCK_PATH" 2>/dev/null || echo '0') export MCP_GATEWAY_DOCKER_COMMAND='docker run -i --rm --network host --add-host host.docker.internal:127.0.0.1 --user '"${MCP_GATEWAY_UID}"':'"${MCP_GATEWAY_GID}"' --group-add '"${DOCKER_SOCK_GID}"' -v '"${DOCKER_SOCK_PATH}"':/var/run/docker.sock -e MCP_GATEWAY_PORT -e MCP_GATEWAY_DOMAIN -e MCP_GATEWAY_API_KEY -e MCP_GATEWAY_PAYLOAD_DIR -e MCP_GATEWAY_PAYLOAD_SIZE_THRESHOLD -e DOCKER_HOST=unix:///var/run/docker.sock -e DEBUG -e MCP_GATEWAY_LOG_DIR -e GH_AW_MCP_LOG_DIR -e GH_AW_SAFE_OUTPUTS -e GH_AW_SAFE_OUTPUTS_CONFIG_PATH -e GH_AW_SAFE_OUTPUTS_TOOLS_PATH -e GH_AW_ASSETS_BRANCH -e GH_AW_ASSETS_MAX_SIZE_KB -e GH_AW_ASSETS_ALLOWED_EXTS -e DEFAULT_BRANCH -e GITHUB_MCP_SERVER_TOKEN -e GITHUB_MCP_GUARD_MIN_INTEGRITY -e GITHUB_MCP_GUARD_REPOS -e GITHUB_REPOSITORY -e GITHUB_SERVER_URL -e GITHUB_SHA -e GITHUB_WORKSPACE -e GITHUB_TOKEN -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RUN_ATTEMPT -e GITHUB_JOB -e GITHUB_ACTION -e GITHUB_EVENT_NAME -e GITHUB_EVENT_PATH -e GITHUB_ACTOR -e GITHUB_ACTOR_ID -e GITHUB_TRIGGERING_ACTOR -e GITHUB_WORKFLOW -e GITHUB_WORKFLOW_REF -e GITHUB_WORKFLOW_SHA -e GITHUB_REF -e GITHUB_REF_NAME -e GITHUB_REF_TYPE -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e CODEX_HOME -v /tmp/gh-aw/mcp-payloads:/tmp/gh-aw/mcp-payloads:rw -v /opt:/opt:ro -v /tmp:/tmp:rw -v '"${GITHUB_WORKSPACE}"':'"${GITHUB_WORKSPACE}"':rw ghcr.io/github/gh-aw-mcpg:v0.3.22' - cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_b759182b430d1738_EOF + cat > "${RUNNER_TEMP}/gh-aw/mcp-config/config.toml" << GH_AW_MCP_CONFIG_c108c84b62727b87_EOF [history] persistence = "none" [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_MCP_CONFIG_b759182b430d1738_EOF + GH_AW_MCP_CONFIG_c108c84b62727b87_EOF # Generate JSON config for MCP gateway GH_AW_NODE=$(which node 2>/dev/null || command -v node 2>/dev/null || echo node) - cat << GH_AW_MCP_CONFIG_bfe6e367d4a1c4ef_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" + cat << GH_AW_MCP_CONFIG_92ccc2108d8f3641_EOF | "$GH_AW_NODE" "${RUNNER_TEMP}/gh-aw/actions/start_mcp_gateway.cjs" { "mcpServers": { }, @@ -1854,11 +1857,11 @@ jobs: "payloadDir": "${MCP_GATEWAY_PAYLOAD_DIR}" } } - GH_AW_MCP_CONFIG_bfe6e367d4a1c4ef_EOF + GH_AW_MCP_CONFIG_92ccc2108d8f3641_EOF # Sync converter output to writable CODEX_HOME for Codex mkdir -p /tmp/gh-aw/mcp-config - cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_7468cc74810d6035_EOF + cat > "/tmp/gh-aw/mcp-config/config.toml" << GH_AW_CODEX_SHELL_POLICY_4c7e16976af6bfaf_EOF model_provider = "openai-proxy" [model_providers.openai-proxy] name = "OpenAI AWF proxy" @@ -1868,7 +1871,7 @@ jobs: [shell_environment_policy] inherit = "core" include_only = ["^CODEX_API_KEY$", "^HOME$", "^OPENAI_API_KEY$", "^PATH$"] - GH_AW_CODEX_SHELL_POLICY_7468cc74810d6035_EOF + GH_AW_CODEX_SHELL_POLICY_4c7e16976af6bfaf_EOF awk ' BEGIN { skip_openai_proxy = 0 } /^[[:space:]]*model_provider[[:space:]]*=/ { next } diff --git a/.github/workflows/smoke-copilot-arm.lock.yml b/.github/workflows/smoke-copilot-arm.lock.yml index 4cf3db0a832..a92cfd258ce 100644 --- a/.github/workflows/smoke-copilot-arm.lock.yml +++ b/.github/workflows/smoke-copilot-arm.lock.yml @@ -108,6 +108,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -143,7 +145,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Copilot ARM64" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-copilot-arm.lock.yml@${{ github.ref }} @@ -180,7 +182,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Copilot ARM64" @@ -188,6 +190,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-copilot-sdk.lock.yml b/.github/workflows/smoke-copilot-sdk.lock.yml index c92edb51191..c90d087042d 100644 --- a/.github/workflows/smoke-copilot-sdk.lock.yml +++ b/.github/workflows/smoke-copilot-sdk.lock.yml @@ -76,6 +76,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -112,7 +114,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Copilot SDK" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-copilot-sdk.lock.yml@${{ github.ref }} @@ -147,7 +149,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Copilot SDK" @@ -155,6 +157,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-copilot.lock.yml b/.github/workflows/smoke-copilot.lock.yml index 7211dcdcd91..d17900c3003 100644 --- a/.github/workflows/smoke-copilot.lock.yml +++ b/.github/workflows/smoke-copilot.lock.yml @@ -104,6 +104,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} caveman: ${{ steps.pick-experiment.outputs.caveman }} @@ -143,7 +145,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Copilot" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-copilot.lock.yml@${{ github.ref }} @@ -180,7 +182,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Copilot" @@ -188,6 +190,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-create-cross-repo-pr.lock.yml b/.github/workflows/smoke-create-cross-repo-pr.lock.yml index 3bd64072d48..efccd26c440 100644 --- a/.github/workflows/smoke-create-cross-repo-pr.lock.yml +++ b/.github/workflows/smoke-create-cross-repo-pr.lock.yml @@ -97,6 +97,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -131,7 +133,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Create Cross-Repo PR" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-create-cross-repo-pr.lock.yml@${{ github.ref }} @@ -168,7 +170,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Create Cross-Repo PR" @@ -176,6 +178,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-crush.lock.yml b/.github/workflows/smoke-crush.lock.yml index 587ab9bb031..8b8b1021fd3 100644 --- a/.github/workflows/smoke-crush.lock.yml +++ b/.github/workflows/smoke-crush.lock.yml @@ -98,6 +98,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -133,7 +135,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Crush" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-crush.lock.yml@${{ github.ref }} @@ -169,7 +171,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Crush" @@ -177,6 +179,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-gemini.lock.yml b/.github/workflows/smoke-gemini.lock.yml index 647c6ade7c8..9cd69c62f28 100644 --- a/.github/workflows/smoke-gemini.lock.yml +++ b/.github/workflows/smoke-gemini.lock.yml @@ -102,6 +102,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -139,7 +141,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Gemini" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-gemini.lock.yml@${{ github.ref }} @@ -174,7 +176,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Gemini" @@ -182,6 +184,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-multi-pr.lock.yml b/.github/workflows/smoke-multi-pr.lock.yml index 0377dd7511f..2a57a6d94ec 100644 --- a/.github/workflows/smoke-multi-pr.lock.yml +++ b/.github/workflows/smoke-multi-pr.lock.yml @@ -97,6 +97,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -132,7 +134,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Multi PR" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-multi-pr.lock.yml@${{ github.ref }} @@ -169,7 +171,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Multi PR" @@ -177,6 +179,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-opencode.lock.yml b/.github/workflows/smoke-opencode.lock.yml index 724a574141e..9413a9b5516 100644 --- a/.github/workflows/smoke-opencode.lock.yml +++ b/.github/workflows/smoke-opencode.lock.yml @@ -99,6 +99,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -134,7 +136,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke OpenCode" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-opencode.lock.yml@${{ github.ref }} @@ -170,7 +172,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke OpenCode" @@ -178,6 +180,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-otel-backends.lock.yml b/.github/workflows/smoke-otel-backends.lock.yml index ee6dfc7eccb..416a72c2988 100644 --- a/.github/workflows/smoke-otel-backends.lock.yml +++ b/.github/workflows/smoke-otel-backends.lock.yml @@ -110,6 +110,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -146,7 +148,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke OTEL" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-otel-backends.lock.yml@${{ github.ref }} @@ -183,7 +185,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke OTEL" @@ -191,6 +193,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-pi.lock.yml b/.github/workflows/smoke-pi.lock.yml index dd792f2c21a..1ba3c07d06a 100644 --- a/.github/workflows/smoke-pi.lock.yml +++ b/.github/workflows/smoke-pi.lock.yml @@ -102,6 +102,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -139,7 +141,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Pi" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-pi.lock.yml@${{ github.ref }} @@ -175,7 +177,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Pi" @@ -183,6 +185,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-project.lock.yml b/.github/workflows/smoke-project.lock.yml index 6fc75846f03..619297bd581 100644 --- a/.github/workflows/smoke-project.lock.yml +++ b/.github/workflows/smoke-project.lock.yml @@ -98,6 +98,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -133,7 +135,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Project" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-project.lock.yml@${{ github.ref }} @@ -170,7 +172,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Project" @@ -178,6 +180,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-service-ports.lock.yml b/.github/workflows/smoke-service-ports.lock.yml index e81b125c4af..c590726567d 100644 --- a/.github/workflows/smoke-service-ports.lock.yml +++ b/.github/workflows/smoke-service-ports.lock.yml @@ -89,6 +89,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -124,7 +126,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Service Ports" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-service-ports.lock.yml@${{ github.ref }} @@ -161,7 +163,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Service Ports" @@ -169,6 +171,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-temporary-id.lock.yml b/.github/workflows/smoke-temporary-id.lock.yml index c46a5f7edf1..2e7a891459f 100644 --- a/.github/workflows/smoke-temporary-id.lock.yml +++ b/.github/workflows/smoke-temporary-id.lock.yml @@ -96,6 +96,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -133,7 +135,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Temporary ID" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-temporary-id.lock.yml@${{ github.ref }} @@ -170,7 +172,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Temporary ID" @@ -178,6 +180,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-test-tools.lock.yml b/.github/workflows/smoke-test-tools.lock.yml index 37d386c8ff1..fae227b4ce2 100644 --- a/.github/workflows/smoke-test-tools.lock.yml +++ b/.github/workflows/smoke-test-tools.lock.yml @@ -100,6 +100,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -135,7 +137,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Agent Container Smoke Test" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-test-tools.lock.yml@${{ github.ref }} @@ -172,7 +174,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Agent Container Smoke Test" @@ -180,6 +182,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-update-cross-repo-pr.lock.yml b/.github/workflows/smoke-update-cross-repo-pr.lock.yml index efdfa39167e..78bf7c34e71 100644 --- a/.github/workflows/smoke-update-cross-repo-pr.lock.yml +++ b/.github/workflows/smoke-update-cross-repo-pr.lock.yml @@ -99,6 +99,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -133,7 +135,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Update Cross-Repo PR" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-update-cross-repo-pr.lock.yml@${{ github.ref }} @@ -170,7 +172,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Update Cross-Repo PR" @@ -178,6 +180,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-workflow-call-with-inputs.lock.yml b/.github/workflows/smoke-workflow-call-with-inputs.lock.yml index ca3b5228203..de5811fca83 100644 --- a/.github/workflows/smoke-workflow-call-with-inputs.lock.yml +++ b/.github/workflows/smoke-workflow-call-with-inputs.lock.yml @@ -126,6 +126,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: artifact_prefix: ${{ steps.artifact-prefix.outputs.prefix }} comment_id: "" @@ -161,7 +163,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Workflow Call with Inputs" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-workflow-call-with-inputs.lock.yml@${{ github.ref }} @@ -219,7 +221,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Workflow Call with Inputs" @@ -227,6 +229,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/smoke-workflow-call.lock.yml b/.github/workflows/smoke-workflow-call.lock.yml index bdeb7530e8e..495ffa007d3 100644 --- a/.github/workflows/smoke-workflow-call.lock.yml +++ b/.github/workflows/smoke-workflow-call.lock.yml @@ -129,6 +129,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: artifact_prefix: ${{ steps.artifact-prefix.outputs.prefix }} comment_id: "" @@ -164,7 +166,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Smoke Workflow Call" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/smoke-workflow-call.lock.yml@${{ github.ref }} @@ -222,7 +224,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Smoke Workflow Call" @@ -230,6 +232,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/spec-enforcer.lock.yml b/.github/workflows/spec-enforcer.lock.yml index 9cac2788cd9..976bcdbe7ff 100644 --- a/.github/workflows/spec-enforcer.lock.yml +++ b/.github/workflows/spec-enforcer.lock.yml @@ -98,6 +98,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -126,7 +128,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Package Specification Enforcer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/spec-enforcer.lock.yml@${{ github.ref }} @@ -163,7 +165,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Package Specification Enforcer" @@ -171,6 +173,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/spec-extractor.lock.yml b/.github/workflows/spec-extractor.lock.yml index 20622c18bd3..55117730fba 100644 --- a/.github/workflows/spec-extractor.lock.yml +++ b/.github/workflows/spec-extractor.lock.yml @@ -96,6 +96,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -123,7 +125,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Package Specification Extractor" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/spec-extractor.lock.yml@${{ github.ref }} @@ -160,7 +162,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Package Specification Extractor" @@ -168,6 +170,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/spec-librarian.lock.yml b/.github/workflows/spec-librarian.lock.yml index 6b540e8e1b0..c9913554291 100644 --- a/.github/workflows/spec-librarian.lock.yml +++ b/.github/workflows/spec-librarian.lock.yml @@ -99,6 +99,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -128,7 +130,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Package Specification Librarian" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/spec-librarian.lock.yml@${{ github.ref }} @@ -165,7 +167,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Package Specification Librarian" @@ -173,6 +175,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/stale-pr-cleanup.lock.yml b/.github/workflows/stale-pr-cleanup.lock.yml index 21c96cca453..5e026cfa281 100644 --- a/.github/workflows/stale-pr-cleanup.lock.yml +++ b/.github/workflows/stale-pr-cleanup.lock.yml @@ -88,6 +88,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -115,7 +117,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Stale PR Cleanup" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/stale-pr-cleanup.lock.yml@${{ github.ref }} @@ -152,7 +154,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Stale PR Cleanup" @@ -160,6 +162,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/stale-repo-identifier.lock.yml b/.github/workflows/stale-repo-identifier.lock.yml index 8470b0e8144..77bcf74f3bc 100644 --- a/.github/workflows/stale-repo-identifier.lock.yml +++ b/.github/workflows/stale-repo-identifier.lock.yml @@ -107,6 +107,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -135,7 +137,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Stale Repository Identifier" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/stale-repo-identifier.lock.yml@${{ github.ref }} @@ -172,7 +174,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Stale Repository Identifier" @@ -180,6 +182,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/static-analysis-report.lock.yml b/.github/workflows/static-analysis-report.lock.yml index 0398b80dde9..09f8b6f547c 100644 --- a/.github/workflows/static-analysis-report.lock.yml +++ b/.github/workflows/static-analysis-report.lock.yml @@ -96,6 +96,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -124,7 +126,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Static Analysis Report" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/static-analysis-report.lock.yml@${{ github.ref }} @@ -161,7 +163,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Static Analysis Report" @@ -169,6 +171,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/step-name-alignment.lock.yml b/.github/workflows/step-name-alignment.lock.yml index 1366461ded3..f4d4b943edf 100644 --- a/.github/workflows/step-name-alignment.lock.yml +++ b/.github/workflows/step-name-alignment.lock.yml @@ -91,6 +91,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -119,7 +121,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Step Name Alignment" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/step-name-alignment.lock.yml@${{ github.ref }} @@ -156,7 +158,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Step Name Alignment" @@ -164,6 +166,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/sub-issue-closer.lock.yml b/.github/workflows/sub-issue-closer.lock.yml index 53c35d41f50..834bc4850ee 100644 --- a/.github/workflows/sub-issue-closer.lock.yml +++ b/.github/workflows/sub-issue-closer.lock.yml @@ -89,6 +89,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -117,7 +119,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Sub-Issue Closer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/sub-issue-closer.lock.yml@${{ github.ref }} @@ -154,7 +156,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Sub-Issue Closer" @@ -162,6 +164,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/super-linter.lock.yml b/.github/workflows/super-linter.lock.yml index 93371385744..3c7e293336a 100644 --- a/.github/workflows/super-linter.lock.yml +++ b/.github/workflows/super-linter.lock.yml @@ -92,6 +92,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -120,7 +122,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Super Linter Report" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/super-linter.lock.yml@${{ github.ref }} @@ -157,7 +159,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Super Linter Report" @@ -165,6 +167,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/technical-doc-writer.lock.yml b/.github/workflows/technical-doc-writer.lock.yml index 89733ecb5f9..2300d268708 100644 --- a/.github/workflows/technical-doc-writer.lock.yml +++ b/.github/workflows/technical-doc-writer.lock.yml @@ -95,6 +95,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -123,7 +125,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Rebuild the documentation after making changes" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/technical-doc-writer.lock.yml@${{ github.ref }} @@ -160,7 +162,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Rebuild the documentation after making changes" @@ -168,6 +170,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/terminal-stylist.lock.yml b/.github/workflows/terminal-stylist.lock.yml index 4d3dccb9ff0..865f8cce3df 100644 --- a/.github/workflows/terminal-stylist.lock.yml +++ b/.github/workflows/terminal-stylist.lock.yml @@ -95,6 +95,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -123,7 +125,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Terminal Stylist" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/terminal-stylist.lock.yml@${{ github.ref }} @@ -160,7 +162,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Terminal Stylist" @@ -168,6 +170,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/test-create-pr-error-handling.lock.yml b/.github/workflows/test-create-pr-error-handling.lock.yml index 9a0822d3278..ac6d4d70839 100644 --- a/.github/workflows/test-create-pr-error-handling.lock.yml +++ b/.github/workflows/test-create-pr-error-handling.lock.yml @@ -88,6 +88,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -116,7 +118,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Test Create PR Error Handling" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/test-create-pr-error-handling.lock.yml@${{ github.ref }} @@ -153,7 +155,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Test Create PR Error Handling" @@ -161,6 +163,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/test-dispatcher.lock.yml b/.github/workflows/test-dispatcher.lock.yml index 854143f5199..6cc31298f03 100644 --- a/.github/workflows/test-dispatcher.lock.yml +++ b/.github/workflows/test-dispatcher.lock.yml @@ -84,6 +84,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -112,7 +114,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Test Dispatcher Workflow" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/test-dispatcher.lock.yml@${{ github.ref }} @@ -149,7 +151,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Test Dispatcher Workflow" @@ -157,6 +159,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/test-project-url-default.lock.yml b/.github/workflows/test-project-url-default.lock.yml index d39cf824e6c..887cc725583 100644 --- a/.github/workflows/test-project-url-default.lock.yml +++ b/.github/workflows/test-project-url-default.lock.yml @@ -85,6 +85,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -113,7 +115,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Test Project URL Explicit Requirement" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/test-project-url-default.lock.yml@${{ github.ref }} @@ -150,7 +152,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Test Project URL Explicit Requirement" @@ -158,6 +160,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/test-quality-sentinel.lock.yml b/.github/workflows/test-quality-sentinel.lock.yml index 8b152983257..79b13ababce 100644 --- a/.github/workflows/test-quality-sentinel.lock.yml +++ b/.github/workflows/test-quality-sentinel.lock.yml @@ -94,6 +94,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -128,7 +130,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Test Quality Sentinel" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/test-quality-sentinel.lock.yml@${{ github.ref }} @@ -165,7 +167,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Test Quality Sentinel" @@ -173,6 +175,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/test-workflow.lock.yml b/.github/workflows/test-workflow.lock.yml index e77cf10f04a..6da0e2f316e 100644 --- a/.github/workflows/test-workflow.lock.yml +++ b/.github/workflows/test-workflow.lock.yml @@ -87,6 +87,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -115,7 +117,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Test Workflow" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/test-workflow.lock.yml@${{ github.ref }} @@ -152,7 +154,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Test Workflow" @@ -160,6 +162,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/tidy.lock.yml b/.github/workflows/tidy.lock.yml index 211d94444ee..6a0982708de 100644 --- a/.github/workflows/tidy.lock.yml +++ b/.github/workflows/tidy.lock.yml @@ -103,6 +103,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -138,7 +140,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Tidy" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/tidy.lock.yml@${{ github.ref }} @@ -175,7 +177,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Tidy" @@ -183,6 +185,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/typist.lock.yml b/.github/workflows/typist.lock.yml index 15fe947e88a..6ec7746c9f0 100644 --- a/.github/workflows/typist.lock.yml +++ b/.github/workflows/typist.lock.yml @@ -95,6 +95,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -125,7 +127,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Typist - Go Type Analysis" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/typist.lock.yml@${{ github.ref }} @@ -162,7 +164,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Typist - Go Type Analysis" @@ -170,6 +172,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/ubuntu-image-analyzer.lock.yml b/.github/workflows/ubuntu-image-analyzer.lock.yml index 2b06d390445..bb1b9a8a475 100644 --- a/.github/workflows/ubuntu-image-analyzer.lock.yml +++ b/.github/workflows/ubuntu-image-analyzer.lock.yml @@ -96,6 +96,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -126,7 +128,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Ubuntu Actions Image Analyzer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/ubuntu-image-analyzer.lock.yml@${{ github.ref }} @@ -163,7 +165,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Ubuntu Actions Image Analyzer" @@ -171,6 +173,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/uk-ai-operational-resilience.lock.yml b/.github/workflows/uk-ai-operational-resilience.lock.yml index 16e5e8c66f1..b964f9dac8d 100644 --- a/.github/workflows/uk-ai-operational-resilience.lock.yml +++ b/.github/workflows/uk-ai-operational-resilience.lock.yml @@ -101,6 +101,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -129,7 +131,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "UK AI Operational Resilience" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/uk-ai-operational-resilience.lock.yml@${{ github.ref }} @@ -165,7 +167,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "UK AI Operational Resilience" @@ -173,6 +175,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/unbloat-docs.lock.yml b/.github/workflows/unbloat-docs.lock.yml index afd76ea14c3..6db5ccae882 100644 --- a/.github/workflows/unbloat-docs.lock.yml +++ b/.github/workflows/unbloat-docs.lock.yml @@ -99,6 +99,8 @@ jobs: contents: read issues: write pull-requests: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: ${{ steps.add-comment.outputs.comment-id }} @@ -134,7 +136,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Documentation Unbloat" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/unbloat-docs.lock.yml@${{ github.ref }} @@ -171,7 +173,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Documentation Unbloat" @@ -179,6 +181,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/update-astro.lock.yml b/.github/workflows/update-astro.lock.yml index b3e8e5ae21e..7d186bca328 100644 --- a/.github/workflows/update-astro.lock.yml +++ b/.github/workflows/update-astro.lock.yml @@ -94,6 +94,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -124,7 +126,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Update Astro" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/update-astro.lock.yml@${{ github.ref }} @@ -161,7 +163,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Update Astro" @@ -169,6 +171,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/video-analyzer.lock.yml b/.github/workflows/video-analyzer.lock.yml index 1ecdf37ac83..dd77f3b74a1 100644 --- a/.github/workflows/video-analyzer.lock.yml +++ b/.github/workflows/video-analyzer.lock.yml @@ -90,6 +90,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -118,7 +120,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Video Analysis Agent" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/video-analyzer.lock.yml@${{ github.ref }} @@ -155,7 +157,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Video Analysis Agent" @@ -163,6 +165,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/visual-regression-checker.lock.yml b/.github/workflows/visual-regression-checker.lock.yml index 2f7f62704fe..a7acabaede6 100644 --- a/.github/workflows/visual-regression-checker.lock.yml +++ b/.github/workflows/visual-regression-checker.lock.yml @@ -94,6 +94,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -127,7 +129,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Visual Regression Checker" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/visual-regression-checker.lock.yml@${{ github.ref }} @@ -164,7 +166,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Visual Regression Checker" @@ -172,6 +174,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/weekly-blog-post-writer.lock.yml b/.github/workflows/weekly-blog-post-writer.lock.yml index ec818a0a888..eb755b19419 100644 --- a/.github/workflows/weekly-blog-post-writer.lock.yml +++ b/.github/workflows/weekly-blog-post-writer.lock.yml @@ -93,6 +93,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -121,7 +123,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Weekly Blog Post Writer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/weekly-blog-post-writer.lock.yml@${{ github.ref }} @@ -158,7 +160,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Weekly Blog Post Writer" @@ -166,6 +168,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/weekly-editors-health-check.lock.yml b/.github/workflows/weekly-editors-health-check.lock.yml index a26fcf8aa09..9a476816ec1 100644 --- a/.github/workflows/weekly-editors-health-check.lock.yml +++ b/.github/workflows/weekly-editors-health-check.lock.yml @@ -89,6 +89,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -117,7 +119,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Weekly Editors Health Check" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/weekly-editors-health-check.lock.yml@${{ github.ref }} @@ -154,7 +156,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Weekly Editors Health Check" @@ -162,6 +164,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/weekly-issue-summary.lock.yml b/.github/workflows/weekly-issue-summary.lock.yml index be6a8efe723..b0c58fc006b 100644 --- a/.github/workflows/weekly-issue-summary.lock.yml +++ b/.github/workflows/weekly-issue-summary.lock.yml @@ -97,6 +97,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -125,7 +127,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Weekly Issue Summary" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/weekly-issue-summary.lock.yml@${{ github.ref }} @@ -162,7 +164,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Weekly Issue Summary" @@ -170,6 +172,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/weekly-safe-outputs-spec-review.lock.yml b/.github/workflows/weekly-safe-outputs-spec-review.lock.yml index 6e893237922..66eee982c65 100644 --- a/.github/workflows/weekly-safe-outputs-spec-review.lock.yml +++ b/.github/workflows/weekly-safe-outputs-spec-review.lock.yml @@ -90,6 +90,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -118,7 +120,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Weekly Safe Outputs Specification Review" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/weekly-safe-outputs-spec-review.lock.yml@${{ github.ref }} @@ -155,7 +157,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Weekly Safe Outputs Specification Review" @@ -163,6 +165,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/workflow-generator.lock.yml b/.github/workflows/workflow-generator.lock.yml index d973833377d..e77a075e520 100644 --- a/.github/workflows/workflow-generator.lock.yml +++ b/.github/workflows/workflow-generator.lock.yml @@ -87,6 +87,8 @@ jobs: actions: read contents: read issues: write + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -121,7 +123,7 @@ jobs: job-name: ${{ github.job }} trace-id: ${{ needs.pre_activation.outputs.setup-trace-id }} parent-span-id: ${{ needs.pre_activation.outputs.setup-parent-span-id || needs.pre_activation.outputs.setup-span-id }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Workflow Generator" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/workflow-generator.lock.yml@${{ github.ref }} @@ -158,7 +160,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Workflow Generator" @@ -166,6 +168,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/workflow-health-manager.lock.yml b/.github/workflows/workflow-health-manager.lock.yml index a5c4543b1d9..8afb7f57637 100644 --- a/.github/workflows/workflow-health-manager.lock.yml +++ b/.github/workflows/workflow-health-manager.lock.yml @@ -90,6 +90,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -118,7 +120,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Workflow Health Manager - Meta-Orchestrator" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/workflow-health-manager.lock.yml@${{ github.ref }} @@ -155,7 +157,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Workflow Health Manager - Meta-Orchestrator" @@ -163,6 +165,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/workflow-normalizer.lock.yml b/.github/workflows/workflow-normalizer.lock.yml index 8683dd3d56e..5e335ab7f91 100644 --- a/.github/workflows/workflow-normalizer.lock.yml +++ b/.github/workflows/workflow-normalizer.lock.yml @@ -92,6 +92,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -120,7 +122,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Workflow Normalizer" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/workflow-normalizer.lock.yml@${{ github.ref }} @@ -157,7 +159,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Workflow Normalizer" @@ -165,6 +167,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/workflow-skill-extractor.lock.yml b/.github/workflows/workflow-skill-extractor.lock.yml index 7002a6c06ed..6f2b4a2a525 100644 --- a/.github/workflows/workflow-skill-extractor.lock.yml +++ b/.github/workflows/workflow-skill-extractor.lock.yml @@ -89,6 +89,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_AI_CREDITS: "500000" outputs: comment_id: "" comment_repo: "" @@ -117,7 +119,7 @@ jobs: with: destination: ${{ runner.temp }}/gh-aw/actions job-name: ${{ github.job }} - safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} env: GH_AW_SETUP_WORKFLOW_NAME: "Workflow Skill Extractor" GH_AW_CURRENT_WORKFLOW_REF: ${{ github.repository }}/.github/workflows/workflow-skill-extractor.lock.yml@${{ github.ref }} @@ -154,7 +156,7 @@ jobs: await main(core, context); - name: Check daily workflow token guardrail id: daily-effective-workflow-guardrail - if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }} + if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }} uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 env: GH_AW_WORKFLOW_NAME: "Workflow Skill Extractor" @@ -162,6 +164,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_AI_CREDITS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/actions/setup/js/check_daily_effective_workflow_guardrail.cjs b/actions/setup/js/check_daily_effective_workflow_guardrail.cjs index 5d264e1f4d4..76d968bfc8b 100644 --- a/actions/setup/js/check_daily_effective_workflow_guardrail.cjs +++ b/actions/setup/js/check_daily_effective_workflow_guardrail.cjs @@ -5,7 +5,7 @@ const fs = require("fs"); const os = require("os"); const path = require("path"); -const { calculateDailyEffectiveWorkflowStats, findTokenUsageFile, formatEffectiveTokens, sumEffectiveTokensFromTokenUsageFile } = require("./daily_effective_workflow_helpers.cjs"); +const { calculateDailyAICStats, findTokenUsageFile, formatAICCredits, sumAICFromTokenUsageFile } = require("./daily_effective_workflow_helpers.cjs"); const { parsePositiveEffectiveTokenLimitNumber } = require("./effective_token_limits.cjs"); const { getErrorMessage } = require("./error_helpers.cjs"); const { createRateLimitAwareGithub } = require("./github_rate_limit_logger.cjs"); @@ -85,7 +85,7 @@ function matchesGuardrailArtifactName(artifactName) { * @param {string} repo * @returns {Promise} */ -async function getRunEffectiveTokens(artifactClient, runId, token, owner, repo) { +async function getRunAIC(artifactClient, runId, token, owner, repo) { const { artifacts } = await artifactClient.listArtifacts({ latest: true, findBy: { @@ -142,13 +142,13 @@ async function getRunEffectiveTokens(artifactClient, runId, token, owner, repo) downloadPath: download.downloadPath || downloadRoot, tokenUsageFile, }); - const effectiveTokens = sumEffectiveTokensFromTokenUsageFile(tokenUsageFile); - logDailyGuardrail("Computed run ET from artifact", { + const aic = sumAICFromTokenUsageFile(tokenUsageFile); + logDailyGuardrail("Computed run AIC from artifact", { runId, artifactId: artifact.id, - effectiveTokens, + aic, }); - return effectiveTokens; + return aic; } /** @@ -205,13 +205,13 @@ async function getCoreRateLimitSnapshot(githubClient) { * @param {string} workflowName * @param {string} actorLogin * @param {number} threshold - * @param {Array<{id:number, html_url:string, created_at:string, conclusion:string, effective_tokens:number}>} countedRuns + * @param {Array<{id:number, html_url:string, created_at:string, conclusion:string, aic:number}>} countedRuns * @param {{remaining:number,limit:number,used:number,reset:string}} rateLimit * @param {{candidateRunsCount:number,inspectedRunsCount:number,truncatedByRateLimit:boolean}} meta * @returns {string} */ function renderDailyEffectiveWorkflowSummary(workflowName, actorLogin, threshold, countedRuns, rateLimit, meta) { - const stats = calculateDailyEffectiveWorkflowStats(countedRuns); + const stats = calculateDailyAICStats(countedRuns); const remainingBudget = Math.max(0, threshold - stats.total); const usagePercent = threshold > 0 ? ((stats.total / threshold) * 100).toFixed(2) : "0.00"; const runRows = @@ -219,7 +219,7 @@ function renderDailyEffectiveWorkflowSummary(workflowName, actorLogin, threshold ? countedRuns .slice() .sort((a, b) => Date.parse(b.created_at || "") - Date.parse(a.created_at || "")) - .map(run => `| [#${run.id}](${run.html_url || ""}) | ${escapeMarkdownCell(run.created_at || "")} | ${escapeMarkdownCell(run.conclusion || "unknown")} | ${formatEffectiveTokens(run.effective_tokens)} |`) + .map(run => `| [#${run.id}](${run.html_url || ""}) | ${escapeMarkdownCell(run.created_at || "")} | ${escapeMarkdownCell(run.conclusion || "unknown")} | ${formatAICCredits(run.aic)} |`) .join("\n") : "| _none_ | — | — | 0 |"; @@ -236,21 +236,21 @@ function renderDailyEffectiveWorkflowSummary(workflowName, actorLogin, threshold "", "| Statistic | Value |", "| --- | ---: |", - `| 24h total ET | ${formatEffectiveTokens(stats.total)} |`, - `| Threshold | ${formatEffectiveTokens(threshold)} |`, + `| 24h total AIC | ${formatAICCredits(stats.total)} |`, + `| Threshold | ${formatAICCredits(threshold)} |`, `| Threshold used | ${usagePercent}% |`, - `| Remaining headroom | ${formatEffectiveTokens(remainingBudget)} |`, + `| Remaining headroom | ${formatAICCredits(remainingBudget)} |`, `| Runs counted | ${formatInteger(stats.count)} |`, - `| Avg ET / run | ${formatEffectiveTokens(stats.average)} |`, - `| Std dev ET | ${formatEffectiveTokens(stats.stddev)} |`, - `| Min / Max ET | ${formatEffectiveTokens(stats.min)} / ${formatEffectiveTokens(stats.max)} |`, + `| Avg AIC / run | ${formatAICCredits(stats.average)} |`, + `| Std dev AIC | ${formatAICCredits(stats.stddev)} |`, + `| Min / Max AIC | ${formatAICCredits(stats.min)} / ${formatAICCredits(stats.max)} |`, `| API remaining | ${formatInteger(rateLimit.remaining)} / ${formatInteger(rateLimit.limit)} |`, `| API used | ${formatInteger(rateLimit.used)} |`, `| API reset | ${rateLimit.reset || "unknown"} |`, "", "Previous runs counted in the last 24 hours:", "", - "| Run | Created | Conclusion | ET |", + "| Run | Created | Conclusion | AIC |", "| --- | --- | --- | ---: |", runRows, ...(noteLines.length > 0 ? ["", ...noteLines] : []), @@ -261,14 +261,14 @@ function renderDailyEffectiveWorkflowSummary(workflowName, actorLogin, threshold * @param {string} workflowName * @param {string} actorLogin * @param {number} threshold - * @param {Array<{id:number, html_url:string, created_at:string, conclusion:string, effective_tokens:number}>} countedRuns + * @param {Array<{id:number, html_url:string, created_at:string, conclusion:string, aic:number}>} countedRuns * @param {{remaining:number,limit:number,used:number,reset:string}} rateLimit * @param {{candidateRunsCount:number,inspectedRunsCount:number,truncatedByRateLimit:boolean}} meta * @returns {Promise} */ async function appendDailyEffectiveWorkflowSummary(workflowName, actorLogin, threshold, countedRuns, rateLimit, meta) { const markdown = renderDailyEffectiveWorkflowSummary(workflowName, actorLogin, threshold, countedRuns, rateLimit, meta); - core.summary.addDetails("Daily Effective Token Usage (24h)", "\n\n" + markdown); + core.summary.addDetails("Daily AI Credits Usage (24h)", "\n\n" + markdown); await core.summary.write(); } @@ -287,8 +287,9 @@ async function appendDailyEffectiveWorkflowSummary(workflowName, actorLogin, thr async function main() { core.setOutput("daily_effective_workflow_exceeded", "false"); core.setOutput("daily_effective_workflow_total_effective_tokens", ""); + core.setOutput("daily_effective_workflow_total_ai_credits", ""); core.setOutput("daily_effective_workflow_threshold", ""); - const threshold = parsePositiveEffectiveTokenLimitNumber(process.env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS); + const threshold = parsePositiveEffectiveTokenLimitNumber(process.env.GH_AW_MAX_DAILY_AI_CREDITS); if (threshold <= 0) { return; } @@ -405,8 +406,8 @@ async function main() { }); const artifactClient = await getArtifactClient(); - let totalEffectiveTokens = 0; - /** @type {Array<{id:number, html_url:string, created_at:string, conclusion:string, effective_tokens:number}>} */ + let totalAIC = 0; + /** @type {Array<{id:number, html_url:string, created_at:string, conclusion:string, aic:number}>} */ const countedRuns = []; for (const run of candidateRuns) { if (countedRuns.length >= maxInspectableRuns) { @@ -414,27 +415,27 @@ async function main() { break; } try { - const runEffectiveTokens = await getRunEffectiveTokens(artifactClient, run.id, token, owner, repo); - if (runEffectiveTokens <= 0) { - logDailyGuardrail("Skipping run without ET usage artifact data", { + const runAIC = await getRunAIC(artifactClient, run.id, token, owner, repo); + if (runAIC <= 0) { + logDailyGuardrail("Skipping run without AIC usage artifact data", { runId: run.id, - currentEffectiveTokens: totalEffectiveTokens, + currentAIC: totalAIC, threshold, }); continue; } - totalEffectiveTokens += runEffectiveTokens; + totalAIC += runAIC; countedRuns.push({ id: run.id, html_url: run.html_url || "", created_at: run.created_at || "", conclusion: run.conclusion || "", - effective_tokens: runEffectiveTokens, + aic: runAIC, }); - logDailyGuardrail("Updated current ET state", { + logDailyGuardrail("Updated current AIC state", { runId: run.id, - runEffectiveTokens, - currentEffectiveTokens: totalEffectiveTokens, + runAIC, + currentAIC: totalAIC, threshold, countedRunIds: countedRuns.map(item => item.id), }); @@ -443,7 +444,8 @@ async function main() { } } - core.setOutput("daily_effective_workflow_total_effective_tokens", String(totalEffectiveTokens)); + core.setOutput("daily_effective_workflow_total_effective_tokens", String(totalAIC)); + core.setOutput("daily_effective_workflow_total_ai_credits", String(totalAIC)); core.setOutput("daily_effective_workflow_threshold", String(threshold)); /** @type {{candidateRunsCount:number,inspectedRunsCount:number,truncatedByRateLimit:boolean}} */ @@ -452,24 +454,24 @@ async function main() { inspectedRunsCount: countedRuns.length, truncatedByRateLimit, }; - logDailyGuardrail("Completed ET inspection window", { + logDailyGuardrail("Completed AIC inspection window", { candidateRunsCount: summaryMeta.candidateRunsCount, inspectedRunsCount: summaryMeta.inspectedRunsCount, countedRunIds: countedRuns.map(run => run.id), - currentEffectiveTokens: totalEffectiveTokens, + currentAIC: totalAIC, threshold, - exceeded: totalEffectiveTokens > threshold, + exceeded: totalAIC > threshold, }); - if (totalEffectiveTokens <= threshold) { + if (totalAIC <= threshold) { await appendDailyEffectiveWorkflowSummary(workflowName, actorLogin, threshold, countedRuns, rateLimit, summaryMeta); - core.info(`Daily workflow ET guardrail not exceeded (${totalEffectiveTokens}/${threshold}).`); + core.info(`Daily workflow AIC guardrail not exceeded (${totalAIC}/${threshold}).`); return; } core.setOutput("daily_effective_workflow_exceeded", "true"); await appendDailyEffectiveWorkflowSummary(workflowName, actorLogin, threshold, countedRuns, rateLimit, summaryMeta); - core.warning(`Daily workflow ET guardrail exceeded for ${workflowName}: ${totalEffectiveTokens}/${threshold}.`); + core.warning(`Daily workflow AIC guardrail exceeded for ${workflowName}: ${totalAIC}/${threshold}.`); } catch (error) { // Treat any unexpected error as a non-blocking skip so the step never fails the // activation job. The output stays at the default "false", allowing the agent to @@ -483,8 +485,8 @@ module.exports = { shouldSkipDailyEffectiveWorkflowGuardrail, matchesGuardrailArtifactName, findTokenUsageFile, - sumEffectiveTokensFromTokenUsageFile, - calculateDailyEffectiveWorkflowStats, + sumAICFromTokenUsageFile, + calculateDailyAICStats, computeMaxInspectableRuns, renderDailyEffectiveWorkflowSummary, formatDailyGuardrailLogMessage, diff --git a/actions/setup/js/check_daily_effective_workflow_guardrail.test.cjs b/actions/setup/js/check_daily_effective_workflow_guardrail.test.cjs index c86511e80ef..5987415341c 100644 --- a/actions/setup/js/check_daily_effective_workflow_guardrail.test.cjs +++ b/actions/setup/js/check_daily_effective_workflow_guardrail.test.cjs @@ -42,16 +42,16 @@ describe("check_daily_effective_workflow_guardrail", () => { expect(exports.matchesGuardrailArtifactName("activation")).toBe(false); }); - it("sums effective tokens from explicit token-usage entries", () => { + it("sums AI Credits from explicit token-usage entries", () => { const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), "daily-guardrail-token-usage-")); const filePath = path.join(tmpDir, "token-usage.jsonl"); - fs.writeFileSync(filePath, [JSON.stringify({ model: "gpt-5.5", effective_tokens: 125 }), JSON.stringify({ model: "gpt-5.5", effective_tokens: 75 })].join("\n"), "utf8"); + fs.writeFileSync(filePath, [JSON.stringify({ model: "gpt-5.5", aic: 1.25 }), JSON.stringify({ model: "gpt-5.5", aic: 0.75 })].join("\n"), "utf8"); - expect(exports.sumEffectiveTokensFromTokenUsageFile(filePath)).toBe(200); + expect(exports.sumAICFromTokenUsageFile(filePath)).toBe(2); }); - it("computes aggregate ET statistics for prior runs", () => { - expect(exports.calculateDailyEffectiveWorkflowStats([{ effective_tokens: 100 }, { effective_tokens: 200 }, { effective_tokens: 300 }])).toEqual({ + it("computes aggregate AIC statistics for prior runs", () => { + expect(exports.calculateDailyAICStats([{ aic: 100 }, { aic: 200 }, { aic: 300 }])).toEqual({ count: 3, total: 600, average: 200, @@ -93,14 +93,14 @@ describe("check_daily_effective_workflow_guardrail", () => { html_url: "https://example.test/runs/11", created_at: "2026-05-31T10:00:00Z", conclusion: "success", - effective_tokens: 1_200_000, + aic: 1_200_000, }, { id: 10, html_url: "https://example.test/runs/10", created_at: "2026-05-31T09:00:00Z", conclusion: "failure", - effective_tokens: 300_000, + aic: 300_000, }, ], { @@ -116,10 +116,10 @@ describe("check_daily_effective_workflow_guardrail", () => { } ); - expect(markdown).toContain("| 24h total ET | 1.5M |"); + expect(markdown).toContain("| 24h total AIC | 1.5M |"); expect(markdown).toContain("| Threshold | 1.5M |"); - expect(markdown).toContain("| Avg ET / run | 750K |"); - expect(markdown).toContain("| Std dev ET | 636.4K |"); + expect(markdown).toContain("| Avg AIC / run | 750K |"); + expect(markdown).toContain("| Std dev AIC | 636.4K |"); expect(markdown).toContain("| [#11](https://example.test/runs/11) | 2026-05-31T10:00:00Z | success | 1.2M |"); expect(markdown).toContain("Stopped early to preserve GitHub API rate limit headroom"); expect(markdown).not.toContain("Guardrail issue:"); @@ -166,7 +166,7 @@ describe("check_daily_effective_workflow_guardrail", () => { global.github = mockGithub; global.context = mockContext; - process.env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS = "1000000"; + process.env.GH_AW_MAX_DAILY_AI_CREDITS = "1000000"; process.env.GH_AW_GITHUB_TOKEN = "fake-token"; try { @@ -180,7 +180,7 @@ describe("check_daily_effective_workflow_guardrail", () => { delete global.core; delete global.github; delete global.context; - delete process.env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS; + delete process.env.GH_AW_MAX_DAILY_AI_CREDITS; delete process.env.GH_AW_GITHUB_TOKEN; } }); diff --git a/actions/setup/js/daily_effective_workflow_helpers.cjs b/actions/setup/js/daily_effective_workflow_helpers.cjs index abc46d9dc77..80ce6e79f26 100644 --- a/actions/setup/js/daily_effective_workflow_helpers.cjs +++ b/actions/setup/js/daily_effective_workflow_helpers.cjs @@ -4,6 +4,7 @@ const fs = require("fs"); const path = require("path"); const { computeEffectiveTokens, formatET } = require("./effective_tokens.cjs"); +const { computeInferenceAIC, formatAIC } = require("./model_costs.cjs"); const TOKEN_USAGE_FILENAME = "token-usage.jsonl"; const TOKEN_USAGE_RELATIVE_PATH = path.join("api-proxy-logs", TOKEN_USAGE_FILENAME); @@ -92,6 +93,54 @@ function sumEffectiveTokensFromTokenUsageFile(filePath) { return total; } +/** + * @param {string} filePath + * @returns {number} + */ +function sumAICFromTokenUsageFile(filePath) { + if (!filePath || !fs.existsSync(filePath)) { + return 0; + } + + const content = fs.readFileSync(filePath, "utf8"); + if (!content.trim()) { + return 0; + } + + let total = 0; + for (const rawLine of content.split("\n")) { + const line = rawLine.trim(); + if (!line || line[0] !== "{") { + continue; + } + + try { + const parsed = JSON.parse(line); + const explicit = Number(parsed?.aic); + if (Number.isFinite(explicit) && explicit > 0) { + total += explicit; + continue; + } + const computed = computeInferenceAIC({ + provider: String(parsed?.provider || ""), + model: String(parsed?.model || ""), + inputTokens: Number(parsed?.input_tokens || 0), + outputTokens: Number(parsed?.output_tokens || 0), + cacheReadTokens: Number(parsed?.cache_read_tokens || 0), + cacheWriteTokens: Number(parsed?.cache_write_tokens || 0), + reasoningTokens: Number(parsed?.reasoning_tokens || 0), + }); + if (Number.isFinite(computed) && computed > 0) { + total += computed; + } + } catch { + // Ignore malformed lines. + } + } + + return total; +} + /** * @param {Array<{effective_tokens:number}>} runs * @returns {{count:number,total:number,average:number,min:number,max:number,stddev:number}} @@ -118,6 +167,32 @@ function calculateDailyEffectiveWorkflowStats(runs) { }; } +/** + * @param {Array<{aic:number}>} runs + * @returns {{count:number,total:number,average:number,min:number,max:number,stddev:number}} + */ +function calculateDailyAICStats(runs) { + const values = runs.map(run => Number(run?.aic || 0)).filter(value => Number.isFinite(value) && value > 0); + if (values.length === 0) { + return { count: 0, total: 0, average: 0, min: 0, max: 0, stddev: 0 }; + } + + const total = values.reduce((sum, value) => sum + value, 0); + const average = total / values.length; + const min = Math.min(...values); + const max = Math.max(...values); + const variance = values.length > 1 ? values.reduce((sum, value) => sum + (value - average) ** 2, 0) / (values.length - 1) : 0; + + return { + count: values.length, + total, + average, + min, + max, + stddev: Math.sqrt(variance), + }; +} + /** * @param {number | undefined} value * @returns {string} @@ -127,9 +202,21 @@ function formatEffectiveTokens(value) { return formatET(safeValue); } +/** + * @param {number | undefined} value + * @returns {string} + */ +function formatAICCredits(value) { + const safeValue = Number.isFinite(value) ? Math.max(0, Number(value || 0)) : 0; + return formatAIC(safeValue); +} + module.exports = { findTokenUsageFile, sumEffectiveTokensFromTokenUsageFile, + sumAICFromTokenUsageFile, calculateDailyEffectiveWorkflowStats, + calculateDailyAICStats, formatEffectiveTokens, + formatAICCredits, }; diff --git a/actions/setup/js/handle_agent_failure.cjs b/actions/setup/js/handle_agent_failure.cjs index f51b29df59a..2f0d2fb2ddf 100644 --- a/actions/setup/js/handle_agent_failure.cjs +++ b/actions/setup/js/handle_agent_failure.cjs @@ -1383,14 +1383,14 @@ function buildStaleLockFileFailedContext(hasStaleLockFileFailed) { } /** - * Build a context string when the 24-hour per-workflow ET guardrail prevented the agent from + * Build a context string when the 24-hour per-workflow AIC guardrail prevented the agent from * starting in the activation job. * @param {boolean} hasDailyEffectiveWorkflowExceeded - Whether the daily workflow quota was exceeded - * @param {string} totalEffectiveTokens - Aggregated ET usage across the last 24 hours + * @param {string} totalAIC - Aggregated AIC usage across the last 24 hours * @param {string} threshold - Configured daily workflow threshold * @returns {string} Formatted context string, or empty string if no failure */ -function buildDailyEffectiveWorkflowExceededContext(hasDailyEffectiveWorkflowExceeded, totalEffectiveTokens, threshold) { +function buildDailyEffectiveWorkflowExceededContext(hasDailyEffectiveWorkflowExceeded, totalAIC, threshold) { if (!hasDailyEffectiveWorkflowExceeded) { return ""; } @@ -1399,7 +1399,7 @@ function buildDailyEffectiveWorkflowExceededContext(hasDailyEffectiveWorkflowExc return ( "\n" + renderTemplateFromFile(templatePath, { - total_effective_tokens: totalEffectiveTokens || "unknown", + total_effective_tokens: totalAIC || "unknown", threshold: threshold || "unknown", }) ); @@ -2111,7 +2111,7 @@ async function main() { core.info(`Effective tokens: ${effectiveTokens || "(none)"}`); core.info(`Configured max effective tokens: ${maxEffectiveTokens || "(none)"}`); core.info(`Effective tokens rate-limit error: ${effectiveTokensRateLimitError}`); - core.info(`Daily workflow ET guardrail exceeded: ${hasDailyEffectiveWorkflowExceeded}`); + core.info(`Daily workflow AIC guardrail exceeded: ${hasDailyEffectiveWorkflowExceeded}`); core.info(`Inference access error: ${inferenceAccessError}`); core.info(`MCP policy error: ${mcpPolicyError}`); core.info(`Agentic engine timeout: ${agenticEngineTimeout}`); diff --git a/actions/setup/js/handle_agent_failure_daily_effective_workflow.test.cjs b/actions/setup/js/handle_agent_failure_daily_effective_workflow.test.cjs index fdf5c70d3d1..d8948166843 100644 --- a/actions/setup/js/handle_agent_failure_daily_effective_workflow.test.cjs +++ b/actions/setup/js/handle_agent_failure_daily_effective_workflow.test.cjs @@ -21,14 +21,14 @@ describe("handle_agent_failure daily workflow ET context", () => { it("renders the daily workflow ET guardrail context when exceeded", () => { const rendered = buildDailyEffectiveWorkflowExceededContext(true, "2500", "2000"); - expect(rendered).toContain("Daily Workflow ET Guardrail Exceeded"); + expect(rendered).toContain("Daily Workflow AIC Guardrail Exceeded"); expect(rendered).toContain("2500"); expect(rendered).toContain("2000"); expect(rendered).not.toContain("Activation Issue:"); // Progressive disclosure sections expect(rendered).toContain("How to raise the daily limit"); - expect(rendered).toContain("max-daily-effective-tokens"); - expect(rendered).toContain("What is the daily effective token guardrail"); + expect(rendered).toContain("max-daily-ai-credits"); + expect(rendered).toContain("What is the daily AI Credits guardrail"); expect(rendered).toContain("How to disable this guardrail"); }); diff --git a/actions/setup/md/daily_effective_workflow_exceeded.md b/actions/setup/md/daily_effective_workflow_exceeded.md index 1ac8c8d8f3c..5113f74c348 100644 --- a/actions/setup/md/daily_effective_workflow_exceeded.md +++ b/actions/setup/md/daily_effective_workflow_exceeded.md @@ -1,17 +1,17 @@ -**⚠️ Daily Workflow ET Guardrail Exceeded**: The agent was not started because the triggering user has already consumed the configured 24-hour effective-token budget for this workflow. +**⚠️ Daily Workflow AIC Guardrail Exceeded**: The agent was not started because the triggering user has already consumed the configured 24-hour AI Credits budget for this workflow. -- **24h ET usage:** `{total_effective_tokens}` effective tokens -- **Configured threshold:** `{threshold}` effective tokens +- **24h AIC usage:** `{total_effective_tokens}` AI Credits +- **Configured threshold:** `{threshold}` AI Credits The agent will resume automatically once the 24-hour rolling window resets. No action is required if the current limit is appropriate for your usage.
How to raise the daily limit -Set `max-daily-effective-tokens` in your workflow frontmatter to a higher value, then recompile: +Set `max-daily-ai-credits` in your workflow frontmatter to a higher value, then recompile: ```yaml -max-daily-effective-tokens: 5M +max-daily-ai-credits: 5M ``` Common suffix shorthands: `K` = thousands, `M` = millions (e.g. `2M` = 2,000,000). @@ -33,11 +33,11 @@ Commit and push the updated `.lock.yml` file.
-What is the daily effective token guardrail? +What is the daily AI Credits guardrail? -The `max-daily-effective-tokens` frontmatter option sets a per-user, per-workflow spending cap measured in *effective tokens* — a normalized unit that accounts for the cost of each model call across the 24-hour window before the current run. +The `max-daily-ai-credits` frontmatter option sets a per-user, per-workflow spending cap measured in *AI Credits* across the 24-hour window before the current run. -When a triggering user's aggregated effective-token usage across all completed runs of this workflow in the last 24 hours exceeds the threshold, the activation job sets the `daily_effective_workflow_exceeded` output to `true` and the agent job is skipped for that run. The conclusion job still runs and creates this report. +When a triggering user's aggregated AI Credits usage across all completed runs of this workflow in the last 24 hours exceeds the threshold, the activation job sets the `daily_effective_workflow_exceeded` output to `true` and the agent job is skipped for that run. The conclusion job still runs and creates this report. The guardrail is evaluated at activation time, not retrospectively, so a single very large run that pushes usage over the threshold only blocks *subsequent* runs in the same window — it does not cancel a run that is already in progress. @@ -48,19 +48,19 @@ The guardrail is evaluated at activation time, not retrospectively, so a single > [!CAUTION] > Disabling this guardrail removes the per-user spending cap. Only disable it if you have -> an alternative mechanism for controlling token usage or if the workflow is intentionally +> an alternative mechanism for controlling AI cost usage or if the workflow is intentionally > uncapped. -Set `max-daily-effective-tokens: -1` in the workflow frontmatter to explicitly disable the guardrail, then recompile: +Set `max-daily-ai-credits: -1` in the workflow frontmatter to explicitly disable the guardrail, then recompile: ```yaml -max-daily-effective-tokens: -1 +max-daily-ai-credits: -1 ``` ```bash gh aw compile ``` -Alternatively, remove the `max-daily-effective-tokens` key entirely to fall back to the enterprise-wide default (if one is configured) or to run with no per-workflow cap. +Alternatively, remove the `max-daily-ai-credits` key entirely to fall back to the enterprise-wide default (if one is configured) or to run with no per-workflow cap.
diff --git a/docs/src/content/docs/reference/cost-management.md b/docs/src/content/docs/reference/cost-management.md index 2e01d0d188d..c6396451e80 100644 --- a/docs/src/content/docs/reference/cost-management.md +++ b/docs/src/content/docs/reference/cost-management.md @@ -268,14 +268,14 @@ environment variable `GH_AW_DEFAULT_MAX_TURNS`. Individual workflows override this default by setting `max-turns` in frontmatter. -### Cap Daily Effective Tokens per Workflow +### Cap Daily AI Credits per Workflow -Use `max-daily-effective-tokens` to set a 24-hour effective-token +Use `max-daily-ai-credits` to set a 24-hour AI Credits cap for one workflow. The guardrail sums runs from the past 24 hours of the same workflow started by the same triggering user. ```aw wrap -max-daily-effective-tokens: 15M +max-daily-ai-credits: 15M ``` You can also configure the same threshold via environment variable @@ -294,6 +294,9 @@ The guardrail is disabled by default when omitted. Set `-1` to disable it explicitly. Positive values accept plain integers or `K`/`M` suffixes such as `100M`. +> [!NOTE] +> `max-daily-effective-tokens` is deprecated. Use `max-daily-ai-credits`. + > [!NOTE] > The daily guardrail is skipped for `workflow_call`, > `repository_dispatch`, and `workflow_dispatch` runs carrying internal diff --git a/docs/src/content/docs/reference/frontmatter.md b/docs/src/content/docs/reference/frontmatter.md index 2f1705bf32d..542c03bf0c0 100644 --- a/docs/src/content/docs/reference/frontmatter.md +++ b/docs/src/content/docs/reference/frontmatter.md @@ -245,24 +245,27 @@ max-effective-tokens: 100M max-effective-tokens: -1 ``` -### Daily Per-Workflow Effective Token Guardrail (`max-daily-effective-tokens:`) +### Daily Per-Workflow AI Credits Guardrail (`max-daily-ai-credits:`) -Sets a 24-hour effective-token cap for a single workflow, aggregated across recent runs of the same workflow started by the triggering user. When the activation job detects that the previous 24 hours already exceed this threshold, it warns, creates an issue, skips the agent job, and lets the conclusion job report the specialized failure context. Use plain integers or `K`/`M` suffixes such as `100000K` or `100M`. +Sets a 24-hour AI Credits cap for a single workflow, aggregated across recent runs of the same workflow started by the triggering user. When the activation job detects that the previous 24 hours already exceed this threshold, it warns, creates an issue, skips the agent job, and lets the conclusion job report the specialized failure context. Use plain integers or `K`/`M` suffixes such as `100000K` or `100M`. This guardrail is disabled by default when omitted, and `-1` explicitly disables it. This guardrail is skipped for `workflow_call`, `repository_dispatch`, and `workflow_dispatch` runs that carry internal `aw_context` dispatch metadata. +> [!NOTE] +> `max-daily-effective-tokens` is deprecated. Use `max-daily-ai-credits` instead. + ```yaml wrap -max-daily-effective-tokens: 15M +max-daily-ai-credits: 15M ``` ```yaml wrap # Equivalent shorthand -max-daily-effective-tokens: 100M +max-daily-ai-credits: 100M ``` ```yaml wrap # Disable the guardrail explicitly -max-daily-effective-tokens: -1 +max-daily-ai-credits: -1 ``` ### Secrets (`secrets:`) diff --git a/docs/src/content/docs/reference/glossary.md b/docs/src/content/docs/reference/glossary.md index 84bb6cf082a..240edcbe202 100644 --- a/docs/src/content/docs/reference/glossary.md +++ b/docs/src/content/docs/reference/glossary.md @@ -501,12 +501,12 @@ max-effective-tokens: 5M See [Effective Tokens Specification](/gh-aw/reference/effective-tokens-specification/) and [Cost Management](/gh-aw/reference/cost-management/). -### Max Daily Effective Tokens (`max-daily-effective-tokens`) +### Max Daily AI Credits (`max-daily-ai-credits`) -A top-level frontmatter field that sets a 24-hour effective-token cap for a single workflow, aggregated across recent runs of the same workflow triggered by the same user. When the activation job detects that the previous 24 hours already exceed this threshold, it warns, creates an issue, skips the agent job, and reports a specialized failure. Disabled by default when omitted. Set to `-1` to explicitly disable it. Accepts plain integers or `K`/`M` suffixes (e.g., `100M`). Skipped for `workflow_call`, `repository_dispatch`, and `workflow_dispatch` runs carrying internal `aw_context` dispatch metadata. Example: +A top-level frontmatter field that sets a 24-hour AI Credits cap for a single workflow, aggregated across recent runs of the same workflow triggered by the same user. When the activation job detects that the previous 24 hours already exceed this threshold, it warns, creates an issue, skips the agent job, and reports a specialized failure. Disabled by default when omitted. Set to `-1` to explicitly disable it. Accepts plain integers or `K`/`M` suffixes (e.g., `100M`). Skipped for `workflow_call`, `repository_dispatch`, and `workflow_dispatch` runs carrying internal `aw_context` dispatch metadata. Example: ```aw wrap -max-daily-effective-tokens: 15M +max-daily-ai-credits: 15M ``` See [Cost Management](/gh-aw/reference/cost-management/) and [Compiler Enterprise Environment Controls](/gh-aw/reference/compiler-enterprise-environment-controls/). diff --git a/pkg/cli/env_command.go b/pkg/cli/env_command.go index bddd8d59c20..ea7d1c3a093 100644 --- a/pkg/cli/env_command.go +++ b/pkg/cli/env_command.go @@ -29,6 +29,7 @@ const ( type defaultsFile struct { DefaultMaxEffectiveTokens *string `yaml:"default_max_effective_tokens"` + DefaultMaxDailyAICredits *string `yaml:"default_max_daily_ai_credits"` DefaultMaxDailyEffectiveTokens *string `yaml:"default_max_daily_effective_tokens"` DefaultMaxTurns *string `yaml:"default_max_turns"` DefaultTimeoutMinutes *string `yaml:"default_timeout_minutes"` @@ -93,6 +94,7 @@ func (e *defaultsGHError) Unwrap() error { var defaultsBindings = []defaultsBinding{ {envName: compilerenv.DefaultMaxEffectiveTokens, fieldName: "default_max_effective_tokens", get: func(f *defaultsFile) **string { return &f.DefaultMaxEffectiveTokens }}, + {envName: compilerenv.DefaultMaxDailyAICredits, fieldName: "default_max_daily_ai_credits", get: func(f *defaultsFile) **string { return &f.DefaultMaxDailyAICredits }}, {envName: compilerenv.DefaultMaxDailyEffectiveTokens, fieldName: "default_max_daily_effective_tokens", get: func(f *defaultsFile) **string { return &f.DefaultMaxDailyEffectiveTokens }}, {envName: compilerenv.DefaultMaxTurns, fieldName: "default_max_turns", get: func(f *defaultsFile) **string { return &f.DefaultMaxTurns }}, {envName: compilerenv.DefaultTimeoutMinutes, fieldName: "default_timeout_minutes", get: func(f *defaultsFile) **string { return &f.DefaultTimeoutMinutes }}, @@ -301,6 +303,7 @@ func defaultsValidateFile(file *defaultsFile) error { } validateNonZeroInt("default_max_effective_tokens", file.DefaultMaxEffectiveTokens) + validateNonZeroInt("default_max_daily_ai_credits", file.DefaultMaxDailyAICredits) validateNonZeroInt("default_max_daily_effective_tokens", file.DefaultMaxDailyEffectiveTokens) validatePositiveInt("default_max_turns", file.DefaultMaxTurns) validatePositiveInt("default_timeout_minutes", file.DefaultTimeoutMinutes) diff --git a/pkg/cli/env_command_test.go b/pkg/cli/env_command_test.go index 93d765f5e92..56a9fab9708 100644 --- a/pkg/cli/env_command_test.go +++ b/pkg/cli/env_command_test.go @@ -72,6 +72,7 @@ func TestResolveDefaultsTarget(t *testing.T) { func TestDefaultsFileYAMLKeys(t *testing.T) { file := defaultsFile{ DefaultMaxEffectiveTokens: new("10000"), + DefaultMaxDailyAICredits: new("500000"), DefaultMaxDailyEffectiveTokens: new("250000"), DefaultMaxTurns: new("42"), DefaultTimeoutMinutes: new("90"), @@ -87,6 +88,7 @@ func TestDefaultsFileYAMLKeys(t *testing.T) { yml := string(data) assert.Contains(t, yml, "default_max_effective_tokens:") + assert.Contains(t, yml, "default_max_daily_ai_credits:") assert.Contains(t, yml, "default_max_daily_effective_tokens:") assert.Contains(t, yml, "default_max_turns:") assert.Contains(t, yml, "default_timeout_minutes:") @@ -133,6 +135,7 @@ func TestDefaultsValidateFile(t *testing.T) { t.Run("accepts valid values", func(t *testing.T) { err := defaultsValidateFile(&defaultsFile{ DefaultMaxEffectiveTokens: new("-1"), + DefaultMaxDailyAICredits: new("500000"), DefaultMaxTurns: new("12"), DefaultTimeoutMinutes: new("30"), DefaultDetectionModel: new("claude-sonnet-4.6"), @@ -147,6 +150,7 @@ func TestDefaultsValidateFile(t *testing.T) { t.Run("rejects invalid numeric and empty model values", func(t *testing.T) { err := defaultsValidateFile(&defaultsFile{ DefaultMaxEffectiveTokens: new("0"), + DefaultMaxDailyAICredits: new("0"), DefaultMaxDailyEffectiveTokens: new("0"), DefaultMaxTurns: new("abc"), DefaultTimeoutMinutes: new("0"), @@ -155,6 +159,7 @@ func TestDefaultsValidateFile(t *testing.T) { }) require.Error(t, err) assert.Contains(t, err.Error(), "default_max_effective_tokens must be a non-zero integer when set") + assert.Contains(t, err.Error(), "default_max_daily_ai_credits must be a non-zero integer when set") assert.Contains(t, err.Error(), "default_max_daily_effective_tokens must be a non-zero integer when set") assert.Contains(t, err.Error(), "default_max_turns must be a positive integer when set") assert.Contains(t, err.Error(), "default_timeout_minutes must be a positive integer when set") @@ -184,12 +189,14 @@ func TestDefaultsBuildUpdateChanges(t *testing.T) { assert.Equal(t, "default_max_effective_tokens", changes[0].field) assert.Equal(t, "10000", changes[0].value) assert.False(t, changes[0].delete) - assert.Equal(t, "default_max_daily_effective_tokens", changes[1].field) + assert.Equal(t, "default_max_daily_ai_credits", changes[1].field) assert.True(t, changes[1].delete) - assert.Equal(t, "default_max_turns", changes[2].field) + assert.Equal(t, "default_max_daily_effective_tokens", changes[2].field) assert.True(t, changes[2].delete) - assert.Equal(t, "default_utc", changes[5].field) - assert.True(t, changes[5].delete) + assert.Equal(t, "default_max_turns", changes[3].field) + assert.True(t, changes[3].delete) + assert.Equal(t, "default_utc", changes[6].field) + assert.True(t, changes[6].delete) assert.Equal(t, "default_model_codex", changes[len(changes)-1].field) assert.Equal(t, "gpt-5.5", changes[len(changes)-1].value) } diff --git a/pkg/parser/import_field_extractor.go b/pkg/parser/import_field_extractor.go index ae6a8edbad7..1128b5bc152 100644 --- a/pkg/parser/import_field_extractor.go +++ b/pkg/parser/import_field_extractor.go @@ -73,7 +73,7 @@ type importAccumulator struct { // These express a model preference without selecting a specific engine. mergedEngineModel string // First top-level max-turns / max-runs / max-effective-tokens / - // max-daily-effective-tokens + // max-daily-ai-credits (or deprecated max-daily-effective-tokens) // found across imports (first-wins). // Values are stored as JSON-encoded raw values so numeric literals and strings // round-trip consistently through import processing. @@ -360,6 +360,7 @@ func (acc *importAccumulator) extractConfigFields(fm map[string]any, fullPath st acc.extractFirstWinsJSONField(fm, fullPath, "max-turns", &acc.mergedMaxTurns) acc.extractFirstWinsJSONField(fm, fullPath, "max-runs", &acc.mergedMaxRuns) acc.extractFirstWinsJSONField(fm, fullPath, "max-effective-tokens", &acc.mergedMaxEffectiveTokens) + acc.extractFirstWinsJSONField(fm, fullPath, "max-daily-ai-credits", &acc.mergedMaxDailyEffectiveTokens) acc.extractFirstWinsJSONField(fm, fullPath, "max-daily-effective-tokens", &acc.mergedMaxDailyEffectiveTokens) acc.appendJSONBuilderField(fm, "mcp-servers", "{}", &acc.mcpServersBuilder) diff --git a/pkg/parser/import_field_extractor_test.go b/pkg/parser/import_field_extractor_test.go index ad5e54c37e5..2e7394b28b9 100644 --- a/pkg/parser/import_field_extractor_test.go +++ b/pkg/parser/import_field_extractor_test.go @@ -649,7 +649,8 @@ func TestExtractConfigFields_FirstWinsAndAccumulates(t *testing.T) { "max-turns": 10, "max-runs": 3, "max-effective-tokens": 2048, - "max-daily-effective-tokens": 4096, + "max-daily-ai-credits": 4096, + "max-daily-effective-tokens": 1111, "mcp-servers": map[string]any{"server-a": map[string]any{"url": "https://a.example.com"}}, "safe-outputs": map[string]any{"enabled": true}, "mcp-scripts": map[string]any{"setup": "echo first"}, @@ -662,6 +663,7 @@ func TestExtractConfigFields_FirstWinsAndAccumulates(t *testing.T) { "max-turns": 99, "max-runs": 88, "max-effective-tokens": 77, + "max-daily-ai-credits": 66, "max-daily-effective-tokens": 66, "mcp-servers": map[string]any{"server-b": map[string]any{"url": "https://b.example.com"}}, "safe-outputs": map[string]any{"mode": "strict"}, @@ -678,7 +680,7 @@ func TestExtractConfigFields_FirstWinsAndAccumulates(t *testing.T) { assert.Equal(t, "10", acc.mergedMaxTurns, "max-turns should be first-wins") assert.Equal(t, "3", acc.mergedMaxRuns, "max-runs should be first-wins") assert.Equal(t, "2048", acc.mergedMaxEffectiveTokens, "max-effective-tokens should be first-wins") - assert.Equal(t, "4096", acc.mergedMaxDailyEffectiveTokens, "max-daily-effective-tokens should be first-wins") + assert.Equal(t, "4096", acc.mergedMaxDailyEffectiveTokens, "max-daily-ai-credits should be first-wins with deprecated fallback") assert.Len(t, acc.safeOutputs, 2, "safe-outputs should accumulate across imports") assert.Len(t, acc.mcpScripts, 2, "mcp-scripts should accumulate across imports") diff --git a/pkg/parser/import_processor.go b/pkg/parser/import_processor.go index bb3dad84957..58a80b1e3c1 100644 --- a/pkg/parser/import_processor.go +++ b/pkg/parser/import_processor.go @@ -66,7 +66,7 @@ type ImportsResult struct { MergedMaxTurns string // First max-turns value found across all imports (JSON-encoded, first-wins) MergedMaxRuns string // First max-runs value found across all imports (JSON-encoded, first-wins) MergedMaxEffectiveTokens string // First max-effective-tokens value found across all imports (JSON-encoded, first-wins) - MergedMaxDailyEffectiveTokens string // First max-daily-effective-tokens value found across all imports (JSON-encoded, first-wins) + MergedMaxDailyEffectiveTokens string // First max-daily-ai-credits (or deprecated max-daily-effective-tokens) value found across all imports (JSON-encoded, first-wins) ImportedFiles []string // List of imported file paths (for manifest) AgentFile string // Path to custom agent file (if imported) AgentImportSpec string // Original import specification for agent file (e.g., "owner/repo/path@ref") diff --git a/pkg/parser/schema_test.go b/pkg/parser/schema_test.go index 955d8554e9e..ef5b4ff8648 100644 --- a/pkg/parser/schema_test.go +++ b/pkg/parser/schema_test.go @@ -523,15 +523,15 @@ func TestValidateMainWorkflowFrontmatterWithSchemaAndLocation_MaxLimitsAllowExpr t.Parallel() validFrontmatter := map[string]any{ - "on": "push", - "max-runs": "${{ inputs.max-runs }}", - "max-effective-tokens": "${{ inputs.max-effective-tokens }}", - "max-daily-effective-tokens": "${{ inputs.max-daily-effective-tokens }}", + "on": "push", + "max-runs": "${{ inputs.max-runs }}", + "max-effective-tokens": "${{ inputs.max-effective-tokens }}", + "max-daily-ai-credits": "${{ inputs.max-daily-ai-credits }}", } err := ValidateMainWorkflowFrontmatterWithSchemaAndLocation(validFrontmatter, "/tmp/gh-aw/max-limits-expression-test.md") if err != nil { - t.Fatalf("expected max-runs/max-effective-tokens/max-daily-effective-tokens expressions to pass schema validation, got: %v", err) + t.Fatalf("expected max-runs/max-effective-tokens/max-daily-ai-credits expressions to pass schema validation, got: %v", err) } } @@ -539,14 +539,14 @@ func TestValidateMainWorkflowFrontmatterWithSchemaAndLocation_MaxLimitsAllowSuff t.Parallel() validFrontmatter := map[string]any{ - "on": "push", - "max-effective-tokens": "100M", - "max-daily-effective-tokens": "100k", + "on": "push", + "max-effective-tokens": "100M", + "max-daily-ai-credits": "100k", } err := ValidateMainWorkflowFrontmatterWithSchemaAndLocation(validFrontmatter, "/tmp/gh-aw/max-limits-suffix-test.md") if err != nil { - t.Fatalf("expected max-effective-tokens/max-daily-effective-tokens suffix strings to pass schema validation, got: %v", err) + t.Fatalf("expected max-effective-tokens/max-daily-ai-credits suffix strings to pass schema validation, got: %v", err) } } @@ -554,14 +554,14 @@ func TestValidateMainWorkflowFrontmatterWithSchemaAndLocation_MaxLimitsAllowSuff t.Parallel() validFrontmatter := map[string]any{ - "on": "push", - "max-effective-tokens": "100k", - "max-daily-effective-tokens": "100M", + "on": "push", + "max-effective-tokens": "100k", + "max-daily-ai-credits": "100M", } err := ValidateMainWorkflowFrontmatterWithSchemaAndLocation(validFrontmatter, "/tmp/gh-aw/max-limits-suffix-case-variants-test.md") if err != nil { - t.Fatalf("expected max-effective-tokens/max-daily-effective-tokens suffix case variants to pass schema validation, got: %v", err) + t.Fatalf("expected max-effective-tokens/max-daily-ai-credits suffix case variants to pass schema validation, got: %v", err) } } @@ -579,45 +579,45 @@ func TestValidateMainWorkflowFrontmatterWithSchemaAndLocation_MaxEffectiveTokens } } -func TestValidateMainWorkflowFrontmatterWithSchemaAndLocation_MaxDailyEffectiveTokensZeroInvalid(t *testing.T) { +func TestValidateMainWorkflowFrontmatterWithSchemaAndLocation_MaxDailyAICreditsZeroInvalid(t *testing.T) { t.Parallel() invalidFrontmatter := map[string]any{ - "on": "push", - "max-daily-effective-tokens": 0, + "on": "push", + "max-daily-ai-credits": 0, } - err := ValidateMainWorkflowFrontmatterWithSchemaAndLocation(invalidFrontmatter, "/tmp/gh-aw/max-daily-effective-tokens-zero-integer-test.md") + err := ValidateMainWorkflowFrontmatterWithSchemaAndLocation(invalidFrontmatter, "/tmp/gh-aw/max-daily-ai-credits-zero-integer-test.md") if err == nil { - t.Fatal("expected max-daily-effective-tokens=0 to fail schema validation") + t.Fatal("expected max-daily-ai-credits=0 to fail schema validation") } } -func TestValidateMainWorkflowFrontmatterWithSchemaAndLocation_MaxDailyEffectiveTokensStringZeroInvalid(t *testing.T) { +func TestValidateMainWorkflowFrontmatterWithSchemaAndLocation_MaxDailyAICreditsStringZeroInvalid(t *testing.T) { t.Parallel() invalidFrontmatter := map[string]any{ - "on": "push", - "max-daily-effective-tokens": "0", + "on": "push", + "max-daily-ai-credits": "0", } - err := ValidateMainWorkflowFrontmatterWithSchemaAndLocation(invalidFrontmatter, "/tmp/gh-aw/max-daily-effective-tokens-zero-string-test.md") + err := ValidateMainWorkflowFrontmatterWithSchemaAndLocation(invalidFrontmatter, "/tmp/gh-aw/max-daily-ai-credits-zero-string-test.md") if err == nil { - t.Fatal("expected max-daily-effective-tokens='0' to fail schema validation") + t.Fatal("expected max-daily-ai-credits='0' to fail schema validation") } } -func TestValidateMainWorkflowFrontmatterWithSchemaAndLocation_MaxDailyEffectiveTokensNegativeAllowed(t *testing.T) { +func TestValidateMainWorkflowFrontmatterWithSchemaAndLocation_MaxDailyAICreditsNegativeAllowed(t *testing.T) { t.Parallel() validFrontmatter := map[string]any{ - "on": "push", - "max-daily-effective-tokens": -1, + "on": "push", + "max-daily-ai-credits": -1, } - err := ValidateMainWorkflowFrontmatterWithSchemaAndLocation(validFrontmatter, "/tmp/gh-aw/max-daily-effective-tokens-negative-test.md") + err := ValidateMainWorkflowFrontmatterWithSchemaAndLocation(validFrontmatter, "/tmp/gh-aw/max-daily-ai-credits-negative-test.md") if err != nil { - t.Fatalf("expected negative max-daily-effective-tokens to pass schema validation, got: %v", err) + t.Fatalf("expected negative max-daily-ai-credits to pass schema validation, got: %v", err) } } diff --git a/pkg/parser/schemas/main_workflow_schema.json b/pkg/parser/schemas/main_workflow_schema.json index 84e35f82a20..a877a53942b 100644 --- a/pkg/parser/schemas/main_workflow_schema.json +++ b/pkg/parser/schemas/main_workflow_schema.json @@ -3693,7 +3693,13 @@ }, "max-daily-effective-tokens": { "$ref": "#/$defs/max_daily_effective_tokens_limit", - "description": "24-hour effective-token guardrail for runs triggered by the same user. Omit the field to leave the guardrail disabled. Supports GitHub Actions expressions." + "description": "24-hour effective-token guardrail for runs triggered by the same user. Omit the field to leave the guardrail disabled. Supports GitHub Actions expressions.", + "deprecated": true, + "x-deprecation-message": "'max-daily-effective-tokens' is deprecated. Use 'max-daily-ai-credits' instead." + }, + "max-daily-ai-credits": { + "$ref": "#/$defs/max_daily_ai_credits_limit", + "description": "24-hour AI Credits guardrail for runs triggered by the same user. Omit the field to leave the guardrail disabled. Supports GitHub Actions expressions." }, "max-runs": { "$ref": "#/$defs/templatable_integer", @@ -10488,6 +10494,17 @@ } ] }, + "positive_ai_credits_limit": { + "oneOf": [ + { + "type": "integer", + "minimum": 1 + }, + { + "$ref": "#/$defs/positive_integer_with_km_suffix_or_expression" + } + ] + }, "max_effective_tokens_limit": { "description": "Maximum effective-token (ET) budget for AWF API proxy enforcement. Accepts positive integers (including K/M suffix strings and expressions). Use a negative integer to disable budget enforcement and token steering.", "oneOf": [ @@ -10516,6 +10533,22 @@ } ] }, + "max_daily_ai_credits_limit": { + "description": "Maximum AI Credits budget allowed across the last 24 hours for runs of this workflow by the triggering user. Accepts positive integers (including K/M suffix strings and expressions). Set to -1 to disable.", + "oneOf": [ + { + "$ref": "#/$defs/positive_ai_credits_limit" + }, + { + "type": "integer", + "const": -1 + }, + { + "type": "string", + "pattern": "^-1$" + } + ] + }, "job_strategy": { "type": "object", "description": "Matrix strategy for the job. Defines multiple job configurations using matrix variables.", diff --git a/pkg/workflow/compiler_activation_job_builder.go b/pkg/workflow/compiler_activation_job_builder.go index 381bae48d90..6ec2a3eff28 100644 --- a/pkg/workflow/compiler_activation_job_builder.go +++ b/pkg/workflow/compiler_activation_job_builder.go @@ -106,7 +106,7 @@ func (c *Compiler) newActivationJobBuildContext( enableArtifactClient := hasMaxDailyEffectiveTokensGuardrail(ctx.data) artifactClientCondition := "" if enableArtifactClient { - artifactClientCondition = maxDailyEffectiveTokensConfiguredIfExpr + artifactClientCondition = maxDailyAICreditsConfiguredIfExpr } ctx.steps = append(ctx.steps, c.generateSetupStepWithArtifactClientCondition(ctx.data, setupActionRef, SetupActionDestination, enableArtifactClient, activationSetupTraceID, activationSetupParentSpanID, artifactClientCondition)...) ctx.outputs["setup-trace-id"] = "${{ steps.setup.outputs.trace-id }}" @@ -263,7 +263,7 @@ func (c *Compiler) buildActivationDailyEffectiveWorkflowGuardrailStep(data *Work var steps []string steps = append(steps, " - name: Check daily workflow token guardrail\n") steps = append(steps, " id: daily-effective-workflow-guardrail\n") - steps = append(steps, fmt.Sprintf(" if: %s\n", maxDailyEffectiveTokensConfiguredIfExpr)) + steps = append(steps, fmt.Sprintf(" if: %s\n", maxDailyAICreditsConfiguredIfExpr)) steps = append(steps, fmt.Sprintf(" uses: %s\n", getCachedActionPin("actions/github-script", data))) steps = append(steps, " env:\n") steps = append(steps, fmt.Sprintf(" GH_AW_WORKFLOW_NAME: %q\n", data.Name)) @@ -271,7 +271,7 @@ func (c *Compiler) buildActivationDailyEffectiveWorkflowGuardrailStep(data *Work steps = append(steps, " GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}\n") steps = append(steps, " GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }}\n") steps = append(steps, fmt.Sprintf(" GH_AW_GITHUB_TOKEN: %s\n", c.resolveActivationToken(data))) - steps = append(steps, buildTemplatableIntEnvVar("GH_AW_MAX_DAILY_EFFECTIVE_TOKENS", data.MaxDailyEffectiveTokens)...) + steps = append(steps, buildTemplatableIntEnvVar(maxDailyAICreditsEnvVar, data.MaxDailyEffectiveTokens)...) steps = append(steps, " with:\n") steps = append(steps, fmt.Sprintf(" github-token: %s\n", c.resolveActivationToken(data))) steps = append(steps, " script: |\n") @@ -662,7 +662,7 @@ func buildDailyEffectiveWorkflowActivationJobEnv(data *WorkflowData) map[string] return nil } if isExpression(value) { - return map[string]string{maxDailyEffectiveTokensEnvVar: value} + return map[string]string{maxDailyAICreditsEnvVar: value} } - return map[string]string{maxDailyEffectiveTokensEnvVar: strconv.Quote(value)} + return map[string]string{maxDailyAICreditsEnvVar: strconv.Quote(value)} } diff --git a/pkg/workflow/compiler_validators.go b/pkg/workflow/compiler_validators.go index 65055afeb8f..316ba6a8b27 100644 --- a/pkg/workflow/compiler_validators.go +++ b/pkg/workflow/compiler_validators.go @@ -163,7 +163,7 @@ func (c *Compiler) validateCoreToolConfiguration(workflowData *WorkflowData, mar {logMessage: "Validating safe-outputs allow-workflows", validateFn: func() error { return validateSafeOutputsAllowWorkflows(workflowData.SafeOutputs) }}, {logMessage: "Validating labels", validateFn: func() error { return validateLabels(workflowData) }}, {logMessage: "Validating workflow_dispatch input requirements for command triggers", validateFn: func() error { return validateCommandWorkflowDispatchInputs(workflowData) }}, - {logMessage: "Validating max-daily-effective-tokens frontmatter", validateFn: func() error { return validateMaxDailyEffectiveTokensFrontmatter(workflowData) }}, + {logMessage: "Validating max-daily-ai-credits frontmatter", validateFn: func() error { return validateMaxDailyEffectiveTokensFrontmatter(workflowData) }}, } // This validation is intentionally outside the table below because strict mode // turns the same validation result into either an error or a warning. diff --git a/pkg/workflow/compilerenv/manager.go b/pkg/workflow/compilerenv/manager.go index cbe591d38db..e3975be791d 100644 --- a/pkg/workflow/compilerenv/manager.go +++ b/pkg/workflow/compilerenv/manager.go @@ -16,9 +16,15 @@ const ( // DefaultMaxEffectiveTokens is the enterprise override for AWF apiProxy.maxEffectiveTokens // when max-effective-tokens is not explicitly configured in workflow frontmatter. DefaultMaxEffectiveTokens = "GH_AW_DEFAULT_MAX_EFFECTIVE_TOKENS" + // DefaultMaxDailyAICredits is the enterprise override for the top-level + // max-daily-ai-credits guardrail when it is not explicitly configured in + // workflow frontmatter. + DefaultMaxDailyAICredits = "GH_AW_DEFAULT_MAX_DAILY_AI_CREDITS" // DefaultMaxDailyEffectiveTokens is the enterprise override for the top-level // max-daily-effective-tokens guardrail when it is not explicitly configured in // workflow frontmatter. + // + // Deprecated: use DefaultMaxDailyAICredits (GH_AW_DEFAULT_MAX_DAILY_AI_CREDITS) instead. DefaultMaxDailyEffectiveTokens = "GH_AW_DEFAULT_MAX_DAILY_EFFECTIVE_TOKENS" // DefaultMaxTurns is the enterprise override for max-turns when it is not // explicitly configured in workflow frontmatter. @@ -61,9 +67,31 @@ func ResolveDefaultMaxEffectiveTokens(fallback int64) int64 { return fallback } +// ResolveDefaultMaxDailyAICredits returns the resolved daily AI Credits guardrail +// default, checking the enterprise env var GH_AW_DEFAULT_MAX_DAILY_AI_CREDITS. +// Falls back to fallback (built-in default) when the env var is unset or invalid. +// +// A value of -1 is preserved to allow explicitly disabling the guardrail. +func ResolveDefaultMaxDailyAICredits(fallback string) string { + if raw := strings.TrimSpace(os.Getenv(DefaultMaxDailyAICredits)); raw != "" { + if raw == "-1" { + managerLog.Printf("Applying enterprise override %s=%q (fallback was %q)", DefaultMaxDailyAICredits, raw, fallback) + return "-1" + } + if normalized, ok := typeutil.NormalizeInt64KMSuffix(raw); ok { + managerLog.Printf("Applying enterprise override %s=%q (fallback was %q)", DefaultMaxDailyAICredits, normalized, fallback) + return normalized + } + managerLog.Printf("Invalid %s=%q, using fallback=%q", DefaultMaxDailyAICredits, raw, fallback) + } + return fallback +} + // ResolveDefaultMaxDailyEffectiveTokens returns fallback when the env var is // unset/invalid, otherwise returns the parsed override as a normalized string. // A value of -1 is preserved to allow explicitly disabling the guardrail. +// +// Deprecated: use ResolveDefaultMaxDailyAICredits instead. func ResolveDefaultMaxDailyEffectiveTokens(fallback string) string { raw := strings.TrimSpace(os.Getenv(DefaultMaxDailyEffectiveTokens)) if raw == "" { diff --git a/pkg/workflow/compilerenv/manager_test.go b/pkg/workflow/compilerenv/manager_test.go index ccfe591731d..c86f7966e1f 100644 --- a/pkg/workflow/compilerenv/manager_test.go +++ b/pkg/workflow/compilerenv/manager_test.go @@ -65,6 +65,38 @@ func TestResolveDefaultMaxDailyEffectiveTokens(t *testing.T) { }) } +func TestResolveDefaultMaxDailyAICredits(t *testing.T) { + t.Run("unset uses fallback", func(t *testing.T) { + t.Setenv(DefaultMaxDailyAICredits, "") + assert.Equal(t, "500000", ResolveDefaultMaxDailyAICredits("500000")) + }) + + t.Run("invalid uses fallback", func(t *testing.T) { + t.Setenv(DefaultMaxDailyAICredits, "abc") + assert.Equal(t, "500000", ResolveDefaultMaxDailyAICredits("500000")) + }) + + t.Run("zero uses fallback", func(t *testing.T) { + t.Setenv(DefaultMaxDailyAICredits, "0") + assert.Equal(t, "500000", ResolveDefaultMaxDailyAICredits("500000")) + }) + + t.Run("valid value overrides fallback", func(t *testing.T) { + t.Setenv(DefaultMaxDailyAICredits, "1000000") + assert.Equal(t, "1000000", ResolveDefaultMaxDailyAICredits("500000")) + }) + + t.Run("suffix value overrides fallback", func(t *testing.T) { + t.Setenv(DefaultMaxDailyAICredits, "2M") + assert.Equal(t, "2000000", ResolveDefaultMaxDailyAICredits("500000")) + }) + + t.Run("disables guardrail with -1", func(t *testing.T) { + t.Setenv(DefaultMaxDailyAICredits, "-1") + assert.Equal(t, "-1", ResolveDefaultMaxDailyAICredits("500000")) + }) +} + func TestBuildDefaultMaxTurnsExpression(t *testing.T) { assert.Equal(t, "${{ vars.GH_AW_DEFAULT_MAX_TURNS || '' }}", diff --git a/pkg/workflow/daily_effective_workflow.go b/pkg/workflow/daily_effective_workflow.go index 33a11058194..a5c61dfb508 100644 --- a/pkg/workflow/daily_effective_workflow.go +++ b/pkg/workflow/daily_effective_workflow.go @@ -12,9 +12,10 @@ import ( var dailyEffectiveWorkflowLog = logger.New("workflow:daily_effective_workflow") -const maxDailyEffectiveTokensField = "max-daily-effective-tokens" -const maxDailyEffectiveTokensEnvVar = "GH_AW_MAX_DAILY_EFFECTIVE_TOKENS" -const maxDailyEffectiveTokensConfiguredIfExpr = "${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }}" +const maxDailyAICreditsField = "max-daily-ai-credits" +const maxDailyEffectiveTokensField = "max-daily-effective-tokens" // deprecated +const maxDailyAICreditsEnvVar = "GH_AW_MAX_DAILY_AI_CREDITS" +const maxDailyAICreditsConfiguredIfExpr = "${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }}" // parseMaxDailyEffectiveTokensValue normalizes max-daily-effective-tokens // frontmatter values into a runtime-ready string. @@ -70,27 +71,31 @@ func resolveMaxDailyEffectiveTokensFromRaw(raw any) (*string, bool) { } func resolveMaxDailyEffectiveTokens(frontmatter map[string]any, importedJSON string) *string { + if value, found := resolveMaxDailyEffectiveTokensFromRaw(frontmatter[maxDailyAICreditsField]); found { + dailyEffectiveWorkflowLog.Print("Resolved max-daily-ai-credits from workflow frontmatter") + return value + } if value, found := resolveMaxDailyEffectiveTokensFromRaw(frontmatter[maxDailyEffectiveTokensField]); found { - dailyEffectiveWorkflowLog.Print("Resolved max-daily-effective-tokens from workflow frontmatter") + dailyEffectiveWorkflowLog.Print("Resolved deprecated max-daily-effective-tokens from workflow frontmatter") return value } if importedJSON == "" { - dailyEffectiveWorkflowLog.Print("No frontmatter value and no imported config; falling back to default max-daily-effective-tokens") - defaultValue := compilerenv.ResolveDefaultMaxDailyEffectiveTokens("") + dailyEffectiveWorkflowLog.Print("No frontmatter value and no imported config; falling back to default max-daily-ai-credits") + defaultValue := compilerenv.ResolveDefaultMaxDailyAICredits("500000") return parseMaxDailyEffectiveTokensValue(defaultValue) } var imported any if err := json.Unmarshal([]byte(importedJSON), &imported); err != nil { - dailyEffectiveWorkflowLog.Printf("Failed to unmarshal imported max-daily-effective-tokens JSON, using default: %v", err) - defaultValue := compilerenv.ResolveDefaultMaxDailyEffectiveTokens("") + dailyEffectiveWorkflowLog.Printf("Failed to unmarshal imported max-daily-ai-credits JSON, using default: %v", err) + defaultValue := compilerenv.ResolveDefaultMaxDailyAICredits("500000") return parseMaxDailyEffectiveTokensValue(defaultValue) } if value, found := resolveMaxDailyEffectiveTokensFromRaw(imported); found { - dailyEffectiveWorkflowLog.Print("Resolved max-daily-effective-tokens from imported config") + dailyEffectiveWorkflowLog.Print("Resolved max-daily-ai-credits from imported config") return value } - dailyEffectiveWorkflowLog.Print("Imported config did not provide a usable value; falling back to default max-daily-effective-tokens") - defaultValue := compilerenv.ResolveDefaultMaxDailyEffectiveTokens("") + dailyEffectiveWorkflowLog.Print("Imported config did not provide a usable value; falling back to default max-daily-ai-credits") + defaultValue := compilerenv.ResolveDefaultMaxDailyAICredits("500000") return parseMaxDailyEffectiveTokensValue(defaultValue) } @@ -104,6 +109,9 @@ func hasWorkflowExplicitMaxDailyEffectiveTokensDisable(data *WorkflowData) bool if data == nil || data.RawFrontmatter == nil { return false } + if isMaxDailyEffectiveTokensDisabled(data.RawFrontmatter[maxDailyAICreditsField]) { + return true + } return isMaxDailyEffectiveTokensDisabled(data.RawFrontmatter[maxDailyEffectiveTokensField]) } @@ -116,19 +124,22 @@ func hasMaxDailyEffectiveTokensFrontmatterConfig(data *WorkflowData) bool { } // validateMaxDailyEffectiveTokensFrontmatter returns an error when the -// max-daily-effective-tokens frontmatter field is set to a negative integer. -// Zero and positive values are accepted; GitHub Actions expressions are passed -// through unchanged for runtime evaluation. +// max-daily-ai-credits (or deprecated max-daily-effective-tokens) frontmatter field +// is set to an integer below -1. Zero, positive values, and -1 (explicit disable) +// are accepted; GitHub Actions expressions are passed through unchanged for +// runtime evaluation. func validateMaxDailyEffectiveTokensFrontmatter(data *WorkflowData) error { if data == nil || data.RawFrontmatter == nil { return nil } - raw, ok := data.RawFrontmatter[maxDailyEffectiveTokensField] - if !ok { - return nil - } - if val, ok := typeutil.ParseIntValue(raw); ok && val < 0 { - return fmt.Errorf("%s must be at least 0, got %d", maxDailyEffectiveTokensField, val) + for _, field := range []string{maxDailyAICreditsField, maxDailyEffectiveTokensField} { + raw, ok := data.RawFrontmatter[field] + if !ok { + continue + } + if val, ok := typeutil.ParseIntValue(raw); ok && val < -1 { + return fmt.Errorf("%s must be -1 (disable) or a positive integer, got %d", field, val) + } } return nil } diff --git a/pkg/workflow/daily_effective_workflow_guardrail_test.go b/pkg/workflow/daily_effective_workflow_guardrail_test.go index e717b64ba34..c9fd5f782af 100644 --- a/pkg/workflow/daily_effective_workflow_guardrail_test.go +++ b/pkg/workflow/daily_effective_workflow_guardrail_test.go @@ -16,7 +16,7 @@ import ( func TestResolveMaxDailyEffectiveTokens(t *testing.T) { t.Run("prefers top-level literal value", func(t *testing.T) { t.Parallel() - got := resolveMaxDailyEffectiveTokens(map[string]any{"max-daily-effective-tokens": 1234}, `"999"`) + got := resolveMaxDailyEffectiveTokens(map[string]any{"max-daily-ai-credits": 1234}, `"999"`) if got == nil || *got != "1234" { t.Fatalf("expected literal top-level value, got %v", got) } @@ -25,31 +25,47 @@ func TestResolveMaxDailyEffectiveTokens(t *testing.T) { t.Run("falls back to imported expression", func(t *testing.T) { t.Parallel() - got := resolveMaxDailyEffectiveTokens(map[string]any{}, `"${{ inputs.max-daily-effective-tokens }}"`) - if got == nil || *got != "${{ inputs.max-daily-effective-tokens }}" { + got := resolveMaxDailyEffectiveTokens(map[string]any{}, `"${{ inputs.max-daily-ai-credits }}"`) + if got == nil || *got != "${{ inputs.max-daily-ai-credits }}" { t.Fatalf("expected imported expression, got %v", got) } }) + t.Run("supports deprecated field fallback", func(t *testing.T) { + t.Parallel() + got := resolveMaxDailyEffectiveTokens(map[string]any{"max-daily-effective-tokens": 1234}, "") + if got == nil || *got != "1234" { + t.Fatalf("expected deprecated field fallback value, got %v", got) + } + }) + t.Run("uses enterprise default when unset", func(t *testing.T) { - t.Setenv(compilerenv.DefaultMaxDailyEffectiveTokens, "2222") + t.Setenv(compilerenv.DefaultMaxDailyAICredits, "2222") got := resolveMaxDailyEffectiveTokens(map[string]any{}, "") if got == nil || *got != "2222" { t.Fatalf("expected enterprise default, got %v", got) } }) + t.Run("uses built-in 500k default when no frontmatter and no env vars", func(t *testing.T) { + t.Setenv(compilerenv.DefaultMaxDailyAICredits, "") + got := resolveMaxDailyEffectiveTokens(map[string]any{}, "") + if got == nil || *got != "500000" { + t.Fatalf("expected built-in 500k default, got %v", got) + } + }) + t.Run("normalizes suffix strings", func(t *testing.T) { t.Parallel() - got := resolveMaxDailyEffectiveTokens(map[string]any{"max-daily-effective-tokens": "100M"}, "") + got := resolveMaxDailyEffectiveTokens(map[string]any{"max-daily-ai-credits": "100M"}, "") if got == nil || *got != "100000000" { t.Fatalf("expected normalized suffix string, got %v", got) } }) t.Run("explicit disable overrides enterprise default", func(t *testing.T) { - t.Setenv(compilerenv.DefaultMaxDailyEffectiveTokens, "2222") - got := resolveMaxDailyEffectiveTokens(map[string]any{"max-daily-effective-tokens": -1}, "") + t.Setenv(compilerenv.DefaultMaxDailyAICredits, "2222") + got := resolveMaxDailyEffectiveTokens(map[string]any{"max-daily-ai-credits": -1}, "") if got != nil { t.Fatalf("expected explicit disable to skip the guardrail, got %v", *got) } @@ -64,7 +80,7 @@ func TestDailyEffectiveWorkflowGuardrailInCompiledWorkflow(t *testing.T) { on: workflow_dispatch: stale-check: false -max-daily-effective-tokens: 100_000_000 +max-daily-ai-credits: 100_000_000 safe-outputs: add-comment: max: 1 @@ -99,13 +115,13 @@ Guardrail test workflow` if !strings.Contains(lockStr, "id: daily-effective-workflow-guardrail") { t.Fatal("expected activation job to include the daily workflow ET guardrail step") } - if !strings.Contains(lockStr, "if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }}") { + if !strings.Contains(lockStr, "if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }}") { t.Fatal("expected frontmatter-configured guardrail step to use env-based runtime gating") } if !strings.Contains(lockStr, "check_daily_effective_workflow_guardrail.cjs") { t.Fatal("expected activation job to call check_daily_effective_workflow_guardrail.cjs") } - if !strings.Contains(lockStr, `GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "100000000"`) { + if !strings.Contains(lockStr, `GH_AW_MAX_DAILY_AI_CREDITS: "100000000"`) { t.Fatal("expected activation job env to include normalized guardrail threshold") } if !strings.Contains(lockStr, "daily_effective_workflow_exceeded: ${{ steps.daily-effective-workflow-guardrail.outputs.daily_effective_workflow_exceeded == 'true' }}") { @@ -132,7 +148,7 @@ Guardrail test workflow` if strings.Contains(activationSection, "issues: write") { t.Fatal("expected activation permissions to avoid issues: write for the daily ET guardrail") } - if !strings.Contains(activationSection, "safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }}") { + if !strings.Contains(activationSection, "safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }}") { t.Fatal("expected frontmatter-configured guardrail to gate artifact client installation dynamically") } } @@ -171,13 +187,13 @@ No daily guardrail` if !strings.Contains(lockStr, "id: daily-effective-workflow-guardrail") { t.Fatal("expected activation job to emit the daily ET guardrail step even when threshold is unset") } - if !strings.Contains(lockStr, "if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }}") { + if !strings.Contains(lockStr, "if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }}") { t.Fatal("expected emitted daily ET guardrail step to be dynamically skipped when threshold is unset") } if !strings.Contains(lockStr, "daily_effective_workflow_exceeded") { t.Fatal("expected workflows to continue wiring daily ET outputs when guardrail step is emitted") } - if !strings.Contains(lockStr, "safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }}") { + if !strings.Contains(lockStr, "safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }}") { t.Fatal("expected emitted guardrail to gate artifact client installation dynamically") } } @@ -191,7 +207,7 @@ on: workflow_dispatch: stale-check: false env: - GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "5000000" + GH_AW_MAX_DAILY_AI_CREDITS: "5000000" safe-outputs: add-comment: max: 1 @@ -218,10 +234,10 @@ Daily guardrail via env var` if !strings.Contains(lockStr, "id: daily-effective-workflow-guardrail") { t.Fatal("expected activation job to include the daily ET guardrail step when env var is configured") } - if !strings.Contains(lockStr, "if: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }}") { - t.Fatal("expected daily ET guardrail step to gate execution on GH_AW_MAX_DAILY_EFFECTIVE_TOKENS") + if !strings.Contains(lockStr, "if: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }}") { + t.Fatal("expected daily ET guardrail step to gate execution on GH_AW_MAX_DAILY_AI_CREDITS") } - if !strings.Contains(lockStr, "safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_EFFECTIVE_TOKENS != '' }}") { + if !strings.Contains(lockStr, "safe-output-artifact-client: ${{ env.GH_AW_MAX_DAILY_AI_CREDITS != '' }}") { t.Fatal("expected setup step to conditionally install artifact client when daily ET guardrail is env-configured") } } @@ -230,17 +246,18 @@ func TestDailyETGuardrailNegativeValueRejected(t *testing.T) { testDir := testutil.TempDir(t, "daily-effective-workflow-explicit-disable-*") workflowFile := filepath.Join(testDir, "daily-guardrail-explicit-disable.md") + // -2 is below the minimum of -1 (the explicit disable sentinel) and must be rejected. workflow := `--- on: workflow_dispatch: stale-check: false -max-daily-effective-tokens: -1 +max-daily-ai-credits: -2 safe-outputs: add-comment: max: 1 --- -Explicitly disable daily guardrail` +Invalid negative daily guardrail value` if err := os.WriteFile(workflowFile, []byte(workflow), 0o644); err != nil { t.Fatalf("failed to write test workflow: %v", err) @@ -249,9 +266,11 @@ Explicitly disable daily guardrail` compiler := NewCompiler() err := compiler.CompileWorkflow(workflowFile) if err == nil { - t.Fatal("expected compile to fail for negative max-daily-effective-tokens") + t.Fatal("expected compile to fail for invalid negative max-daily-ai-credits") } - if !strings.Contains(err.Error(), "must be at least 0") { - t.Fatalf("expected minimum value validation error, got: %v", err) + // Schema validation or frontmatter validation may produce the error; either + // correctly rejects values below -1. + if !strings.Contains(err.Error(), "must be -1") && !strings.Contains(err.Error(), "minimum") { + t.Fatalf("expected validation error rejecting -2, got: %v", err) } } diff --git a/pkg/workflow/frontmatter_types.go b/pkg/workflow/frontmatter_types.go index d0e04f18d4a..fe64feb0e9e 100644 --- a/pkg/workflow/frontmatter_types.go +++ b/pkg/workflow/frontmatter_types.go @@ -289,6 +289,7 @@ type FrontmatterConfig struct { TrackerID string `json:"tracker-id,omitempty"` Version string `json:"version,omitempty"` TimeoutMinutes *TemplatableInt32 `json:"timeout-minutes,omitempty"` + MaxDailyAICredits *TemplatableInt32 `json:"max-daily-ai-credits,omitempty"` MaxDailyEffectiveTokens *TemplatableInt32 `json:"max-daily-effective-tokens,omitempty"` Strict *bool `json:"strict,omitempty"` // Pointer to distinguish unset from false Private *bool `json:"private,omitempty"` // If true, workflow cannot be added to other repositories diff --git a/pkg/workflow/testdata/TestWasmGolden_AllEngines/claude.golden b/pkg/workflow/testdata/TestWasmGolden_AllEngines/claude.golden index 0a7924b065f..effcf1a90bf 100644 --- a/pkg/workflow/testdata/TestWasmGolden_AllEngines/claude.golden +++ b/pkg/workflow/testdata/TestWasmGolden_AllEngines/claude.golden @@ -23,6 +23,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "500000" outputs: comment_id: "" comment_repo: "" @@ -95,6 +97,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/pkg/workflow/testdata/TestWasmGolden_AllEngines/codex.golden b/pkg/workflow/testdata/TestWasmGolden_AllEngines/codex.golden index 04979263ec9..6cfce004581 100644 --- a/pkg/workflow/testdata/TestWasmGolden_AllEngines/codex.golden +++ b/pkg/workflow/testdata/TestWasmGolden_AllEngines/codex.golden @@ -23,6 +23,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "500000" outputs: comment_id: "" comment_repo: "" @@ -95,6 +97,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/pkg/workflow/testdata/TestWasmGolden_AllEngines/copilot.golden b/pkg/workflow/testdata/TestWasmGolden_AllEngines/copilot.golden index 3dfd4a3cf3e..3b38052271f 100644 --- a/pkg/workflow/testdata/TestWasmGolden_AllEngines/copilot.golden +++ b/pkg/workflow/testdata/TestWasmGolden_AllEngines/copilot.golden @@ -23,6 +23,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "500000" outputs: comment_id: "" comment_repo: "" @@ -95,6 +97,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/pkg/workflow/testdata/TestWasmGolden_AllEngines/gemini.golden b/pkg/workflow/testdata/TestWasmGolden_AllEngines/gemini.golden index 1ffe25d82db..81e01b755ab 100644 --- a/pkg/workflow/testdata/TestWasmGolden_AllEngines/gemini.golden +++ b/pkg/workflow/testdata/TestWasmGolden_AllEngines/gemini.golden @@ -23,6 +23,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "500000" outputs: comment_id: "" comment_repo: "" @@ -93,6 +95,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/pkg/workflow/testdata/TestWasmGolden_AllEngines/pi.golden b/pkg/workflow/testdata/TestWasmGolden_AllEngines/pi.golden index 97d66d748ad..bfd2a744cfd 100644 --- a/pkg/workflow/testdata/TestWasmGolden_AllEngines/pi.golden +++ b/pkg/workflow/testdata/TestWasmGolden_AllEngines/pi.golden @@ -23,6 +23,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "500000" outputs: comment_id: "" comment_repo: "" @@ -94,6 +96,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/basic-copilot.golden b/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/basic-copilot.golden index b9319c34c73..acdc47a67b8 100644 --- a/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/basic-copilot.golden +++ b/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/basic-copilot.golden @@ -23,6 +23,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "500000" outputs: comment_id: "" comment_repo: "" @@ -95,6 +97,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/playwright-cli-mode.golden b/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/playwright-cli-mode.golden index 7cfca9acc68..1064be5e1d0 100644 --- a/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/playwright-cli-mode.golden +++ b/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/playwright-cli-mode.golden @@ -23,6 +23,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "500000" outputs: comment_id: "" comment_repo: "" @@ -95,6 +97,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/smoke-copilot.golden b/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/smoke-copilot.golden index df41c80423a..bca7857b8c9 100644 --- a/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/smoke-copilot.golden +++ b/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/smoke-copilot.golden @@ -34,6 +34,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "500000" outputs: body: ${{ steps.sanitized.outputs.body }} comment_id: "" @@ -109,6 +111,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/with-imports.golden b/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/with-imports.golden index 92103e7bf79..53ae0c1e38a 100644 --- a/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/with-imports.golden +++ b/pkg/workflow/testdata/TestWasmGolden_CompileFixtures/with-imports.golden @@ -23,6 +23,8 @@ jobs: permissions: actions: read contents: read + env: + GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "500000" outputs: comment_id: "" comment_repo: "" @@ -95,6 +97,7 @@ jobs: GH_AW_RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} GH_AW_WORKFLOW_DISPATCH_AW_CONTEXT: ${{ github.event.inputs.aw_context || '' }} GH_AW_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GH_AW_MAX_DAILY_EFFECTIVE_TOKENS: "500000" with: github-token: ${{ secrets.GITHUB_TOKEN }} script: |