Pass GitHub Actions environment variables to safeoutputs MCP server at gateway #10940
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ateway Added common GitHub Actions environment variables to the safeoutputs MCP server when configured at the gateway, enabling access to workflow run context, actor information, event details, and ref information. Changes: - Updated mcp-config-builtin.go to include additional env vars in envVars list - Updated mcp_renderer.go TOML env_vars array for Codex engine - Updated mcp_servers.go to pass env vars via -e flags in Docker command - Variables added: GITHUB_RUN_*, GITHUB_JOB, GITHUB_ACTION, GITHUB_EVENT_*, GITHUB_ACTOR*, GITHUB_TRIGGERING_ACTOR, GITHUB_WORKFLOW*, GITHUB_REF*, GITHUB_HEAD_REF, GITHUB_BASE_REF Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com>
Addressed code review feedback by refactoring long single-line environment variable arrays into maintainable slice-based code. This improves readability and makes it easier to maintain the environment variable lists. Changes: - Refactored renderSafeOutputsMCPConfigTOML to use a slice and loop - Refactored renderSafeOutputsTOML to use the same approach - Both functions now programmatically build the env_vars array - No functional changes - output remains identical Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com>
Copilot
AI
changed the title
[WIP] Add passing of GitHub action environment variables
Pass GitHub Actions environment variables to safeoutputs MCP server at gateway
Jan 21, 2026
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The safeoutputs MCP server running at the gateway lacked access to GitHub Actions context (workflow run, actor, event, ref information). This prevented context-aware operations that depend on the current PR, issue, or workflow state.
Changes
Environment Variables Added (21 total)
GITHUB_RUN_ID,GITHUB_RUN_NUMBER,GITHUB_RUN_ATTEMPT,GITHUB_JOB,GITHUB_ACTIONGITHUB_EVENT_NAME,GITHUB_EVENT_PATHGITHUB_ACTOR,GITHUB_ACTOR_ID,GITHUB_TRIGGERING_ACTORGITHUB_WORKFLOW,GITHUB_WORKFLOW_REF,GITHUB_WORKFLOW_SHAGITHUB_REF,GITHUB_REF_NAME,GITHUB_REF_TYPE,GITHUB_HEAD_REF,GITHUB_BASE_REFModified Files
pkg/workflow/mcp-config-builtin.go: ExtendedenvVarsslice inrenderSafeOutputsMCPConfigWithOptions()and refactoredrenderSafeOutputsMCPConfigTOML()to programmatically build env_vars arraypkg/workflow/mcp_renderer.go: UpdatedrenderSafeOutputsTOML()to include new variables using slice-based generationpkg/workflow/mcp_servers.go: Added-eflags to Docker command generation for gateway container (lines 601-624)Example Output
Docker command now includes all context variables:
Variables propagate through three layers: MCP config JSON/TOML → gateway Docker command → safeoutputs container environment.
💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.