Skip to content

Fail smoke detection jobs on parsing errors#107

Merged
davidslater merged 4 commits into
mainfrom
copilot/update-smoke-workflows
May 14, 2026
Merged

Fail smoke detection jobs on parsing errors#107
davidslater merged 4 commits into
mainfrom
copilot/update-smoke-workflows

Conversation

Copilot AI commented May 14, 2026

Copy link
Copy Markdown
Contributor

Bug Fix

What was the bug?

Smoke threat-detection jobs could report success even when detection result parsing or other detection errors occurred.

How did you fix it?

  • Smoke workflow config
    • Set safe-outputs.threat-detection.continue-on-error: false for Copilot, Claude, and Codex smoke workflows.
safe-outputs:
  threat-detection:
    continue-on-error: false
  • Compiled workflows
    • Recompiled the base smoke .lock.yml workflows.
    • Regenerated the containerized smoke workflow siblings so they inherit the same blocking detection behavior.

Testing

  • Recompiled base and containerized smoke workflows.

Copilot AI changed the title Make smoke threat detection failures blocking Fail smoke detection jobs on parsing errors May 14, 2026
Copilot AI requested a review from davidslater May 14, 2026 00:29
@davidslater davidslater marked this pull request as ready for review May 14, 2026 14:57
Copilot AI review requested due to automatic review settings May 14, 2026 14:57

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Sets safe-outputs.threat-detection.continue-on-error: false in the three smoke workflow source files (Copilot, Claude, Codex) so that threat-detection parsing errors fail the smoke job rather than being silently ignored. The base .lock.yml files and their containerized siblings have been recompiled to match — removing continue-on-error: true on the "Parse and conclude threat detection" step and flipping GH_AW_DETECTION_CONTINUE_ON_ERROR to "false".

Changes:

  • Add threat-detection.continue-on-error: false to the three smoke .md source workflows and their -container.md siblings.
  • Recompile the six .lock.yml files: drop the step-level continue-on-error: true and set GH_AW_DETECTION_CONTINUE_ON_ERROR: "false" on the detection_conclusion step.
  • Update frontmatter hashes in the lock files to match the new source.
Show a summary per file
File Description
.github/workflows/smoke-copilot.md Add blocking threat-detection config
.github/workflows/smoke-copilot.lock.yml Recompiled to fail on detection errors
.github/workflows/smoke-copilot-container.md Mirror blocking config in sibling
.github/workflows/smoke-copilot-container.lock.yml Recompiled containerized sibling
.github/workflows/smoke-claude.md Add blocking threat-detection config
.github/workflows/smoke-claude.lock.yml Recompiled to fail on detection errors
.github/workflows/smoke-claude-container.md Mirror blocking config in sibling
.github/workflows/smoke-claude-container.lock.yml Recompiled containerized sibling
.github/workflows/smoke-codex.md Add blocking threat-detection config
.github/workflows/smoke-codex.lock.yml Recompiled to fail on detection errors
.github/workflows/smoke-codex-container.md Mirror blocking config in sibling
.github/workflows/smoke-codex-container.lock.yml Recompiled containerized sibling

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

  • Files reviewed: 12/12 changed files
  • Comments generated: 0

@davidslater davidslater merged commit 2bcd926 into main May 14, 2026
9 checks passed
@davidslater davidslater deleted the copilot/update-smoke-workflows branch May 14, 2026 21:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants