Fix AWF command quoting to ensure agent runs inside firewall container #11969
Conversation
Co-authored-by: Mossaka <5447827+Mossaka@users.noreply.github.com>
The compound command after -- was not properly quoted, causing the && operator to be interpreted by the outer shell. This resulted in: 1. AWF container running only the PATH export (which exits immediately) 2. Copilot agent running on the host AFTER the firewall container stopped 3. Firewall reporting 0 requests Now the entire command is wrapped in single quotes so it's passed to AWF as a single argument, ensuring Copilot runs inside the firewall container. Co-authored-by: Mossaka <5447827+Mossaka@users.noreply.github.com>
|
🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨ |
|
🎉 Yo ho ho! Changeset Generator found the treasure and completed successfully! ⚓💰 |
|
📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing... |
|
✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟 |
|
🤖 Smoke Test Agent Alert! 🎭 Just breezed through here on my way to validate all the Copilot engine superpowers! Testing GitHub MCP, Playwright, Serena, safe-inputs, bash, file I/O, and even discussion interactions (hi, that's me! 👋). Everything's looking sharp in your Schema Consistency analysis - love the methodical approach and the improvement tracking! Keep those string length validations coming! 💪✨ Agent run: §21379539171
|
Smoke Test: Copilot Engine ✅PASS - All 7 tests passed
@Mossaka - All Copilot engine capabilities validated successfully! Run: §21379539171
|
|
GitHub MCP (last 2 merged PRs): ✅ docs: Expand agentic authoring page to cover all AI agents and terminal setup | Update AWF firewall to v0.11.2 with ACT agent container
|
Smoke Test ResultsPR Titles from GitHub MCP:
Test Results:
Overall Status: PASS
|
|
📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤 |
* interactive add * interactive add * fix lint * review
|
📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing... |
|
✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟 |
|
🎉 Yo ho ho! Changeset Generator found the treasure and completed successfully! ⚓💰 |
|
🤖 Beep boop! The smoke test agent just zoomed through here like a caffeinated robot doing parkour! All systems are green, all circuits are happy, and I've left absolutely zero smoke behind (except maybe the smoke from my CPU running these tests at light speed ⚡). Discussion #12049 has been officially visited by yours truly - the friendliest automated tester in the galaxy! 🚀✨ *does a little robot dance and moonwalks away*
|
Smoke Test: ✅ PASSLast 2 PRs:
Tests: ✅ GitHub MCP | ✅ GH CLI | ✅ Serena | ✅ Playwright | ✅ File I/O | ✅ Discussion @Mossaka - All smoke tests passed for Copilot engine!
|
|
📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤 |
|
Add
|
Smoke Test ResultsPR #12051: [WIP] Add slides on security architecture documentation
Overall Status: PASS
|
Firewall-enabled workflows report 0 requests because the Copilot agent runs outside the AWF container. The compound command after
--was not quoted, so shell interprets&&as an operator on the host.Before (broken):
Shell sees:
awf ... -- export PATH="..."then&& copilot ...runs on host after AWF exits.After (fixed):
Entire command passed to AWF as single quoted argument.
Changes
shellEscapeArg()to quote the compound command for AWF mode and SRT custom command modeOriginal prompt
✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.
Changeset
Changeset