[review] fix(arc-dind): mount workspace correctly and unify artifact roots#43228
[review] fix(arc-dind): mount workspace correctly and unify artifact roots#43228github-actions[bot] wants to merge 15 commits into
Conversation
Bug A: The agent sees an empty workspace because dockerHostPathPrefix
translates the workspace mount source to a non-existent path. With
sysroot-stage active, the Docker daemon can see all needed paths via:
- Shared work volume (/home/runner/_work/) for workspace & RUNNER_TEMP
- Sysroot named volume for system binaries
- Kernel VFS for /dev, /sys
Remove dockerHostPathPrefix from the AWF config — it's unnecessary and
harmful when sysroot provides all system paths.
Bug B: The agent artifact upload spans two path roots (/tmp/gh-aw/ and
${{ runner.temp }}/gh-aw/), causing upload-artifact to compute '/' as
the common ancestor. This creates a nested directory layout that breaks
downstream artifact downloads (detection job can't find agent_output.json).
Fix by:
1. Rewriting all /tmp/gh-aw/ artifact paths to ${{ runner.temp }}/gh-aw/
2. Adding a consolidation step that copies /tmp/gh-aw/ contents to the
runner.temp location before upload
Fixes: gh-aw#34896
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
|
@copilot please run the
|
Co-authored-by: gh-aw-bot <259018956+gh-aw-bot@users.noreply.github.com>
Done. Found one lint failure (
Hand-off: CI must be re-triggered by a maintainer (close/reopen PR, |
|
@copilot please run the
|
…e-mount-review-1783093749995 Co-authored-by: gh-aw-bot <259018956+gh-aw-bot@users.noreply.github.com>
Done. The branch had a merge conflict with
Hand-off: CI must be re-triggered by a maintainer before merge. |
|
@copilot please run the
|
All clear. Branch is up to date with
Hand-off: CI must be re-triggered by a maintainer before merge. Still needed: human approval. |
|
@copilot please run the
|
Actions taken: no new changes needed — branch was already clean. |
|
@copilot please
|
|
@copilot please run the
|
…w (process all PRs) Co-authored-by: gh-aw-bot <259018956+gh-aw-bot@users.noreply.github.com>
Fixed a pre-existing test failure introduced by main.
Still needed: human approval. |
|
@copilot please run the
|
…e-mount-review-1783093749995 # Conflicts: # pkg/cli/pr_sous_chef_workflow_contract_test.go Co-authored-by: gh-aw-bot <259018956+gh-aw-bot@users.noreply.github.com>
…ll eligible PRs per run Co-authored-by: gh-aw-bot <259018956+gh-aw-bot@users.noreply.github.com>
Branch updated from main and pre-existing test failure fixed:
Still needed: human approval. |
|
@copilot please run the
|
Co-authored-by: gh-aw-bot <259018956+gh-aw-bot@users.noreply.github.com>
Actions taken: committed trailing-space cleanup in |
|
@copilot please run the skill, address unresolved review comments, and rerun checks once the branch is up to date.
|
Actions taken: no file changes needed — working tree clean, all local checks passed without modification. |
Caution
agentic threat detected
Threat detection flagged this output in warn mode. Manual review is REQUIRED before any follow-up automation.
Reason: agent_failure
Review the workflow run logs for details.
This PR contains changes that were originally intended for PR #43222 (
fix/arc-dind-workspace-mount).Please review the changes carefully before merging.