Convert safe outputs MCP server to node process with individual module files

[Copilot]

Task: Convert safe output MCP server to run as a node process

This PR converts the safe output MCP server from using actions/github-script to running as a standalone node process, following the same pattern as the safe inputs MCP server.

Summary of Changes

1. Created safe_outputs_bootstrap.cjs: A new module that encapsulates the bootstrap logic for loading configuration and tools, following the same pattern as safe inputs.

2. Refactored safe_outputs_mcp_server.cjs:

   • Wrapped initialization logic in startSafeOutputsServer() function
   • Added support for direct execution and module usage
   • Integrated bootstrap pattern
   • Added options parameter for testing and customization

3. Removed github-script references: Removed misleading /// <reference types="@actions/github-script" /> TypeScript references from all safe outputs files that don't actually use github-script globals.

4. Updated file embedding: Added proper Go embed directives and export functions for the new bootstrap module.

5. Added comprehensive tests: Created test suite for bootstrap module following existing test patterns.

6. Fixed directory creation: Added directory creation for safe outputs MCP logs.

7. Fixed environment variable: Added GH_AW_MCP_LOG_DIR to the list of environment variables passed to the safe outputs MCP server so it can access the log directory configuration.

8. Fixed JSDoc comment: Replaced JSDoc comment block with regular comments to avoid bundler issues that were causing syntax errors in the compiled output.

9. Write files individually: Changed from writing a single bundled script to writing each module file separately to disk (matching the safe inputs pattern). Each JavaScript module is written as a separate .cjs file with module.exports preserved, and a simple entry point script requires the modules. This eliminates bundling issues and ensures proper Node.js module behavior.

10. Fixed missing environment variables: Added GH_AW_SAFE_OUTPUTS_CONFIG_PATH and GH_AW_SAFE_OUTPUTS_TOOLS_PATH to both job-level and MCP server environment variables. The bootstrap module needs these paths to load configuration and tools files.

11. Fixed log directory location: Reverted safe outputs MCP log directory from /tmp/gh-aw/sandbox/agent/logs to /tmp/gh-aw/mcp-logs/safeoutputs so logs are properly included in the mcp-logs artifact for debugging.

12. Enhanced ingestion debugging: Added comprehensive logging to the collect_ndjson_output.cjs script with [INGESTION] prefix showing config loading, output processing, type normalization, and detailed warnings for type mismatches.

13. Fixed config file cleanup timing: Removed the config file cleanup from the MCP server startup. The config file contains no secrets (only schema/max counts) and is needed by the ingestion phase (collect_ndjson_output.cjs) that runs AFTER the MCP server completes. The previous cleanup was causing the ingestion phase to have an empty expected types list, resulting in all outputs being rejected with "Type 'X' not found in expected types: []" errors.

Benefits

• Consistency: Safe outputs now follows the same pattern as safe inputs (file-by-file writing)
• Security: No sensitive data in config file, cleanup not necessary
• Modularity: Bootstrap logic is separated and reusable, files are individual modules
• Testability: Better test coverage with isolated bootstrap functionality
• Logging: Uses the standard MCP logger pattern consistently and logs are properly collected
• Universal Compatibility: Works with all engine types (Copilot, Claude, Codex, etc.)
• No Bundling: Each module remains separate with proper exports, avoiding bundler complexity
• Proper Configuration: All required environment variables are properly passed to the MCP server
• Proper Artifact Collection: MCP server logs are uploaded in mcp-logs artifact for debugging
• Enhanced Debugging: Detailed ingestion logging helps quickly identify and diagnose issues
• Correct Ingestion: Config file persists through workflow execution so ingestion phase can validate outputs

Plan

• Analyze current safe outputs MCP server structure and dependencies
• Create bootstrap module for safe outputs (similar to safe_inputs_bootstrap.cjs)
• Update safe_outputs_mcp_server.cjs to support both module and direct execution
• Remove github-script TypeScript references from safe outputs files
• Ensure all required files are properly embedded and written during workflow compilation
• Update tests to validate the new bootstrap pattern
• Run make agent-finish to validate all changes
• Verify compilation of test workflows
• Fix server launch failure by ensuring log directory exists
• Fix environment variable propagation for log directory
• Fix JSDoc comment bundling issue
• Write files individually with module.exports preserved (like safe inputs)
• Fix missing config and tools path environment variables
• Fix log directory location for proper artifact upload
• Add detailed ingestion logging for debugging type mismatches
• Fix config file cleanup timing - don't cleanup before ingestion

Original prompt

Convert safe output MCP server to run as a node process instead of actions/github-script.

Use similar bootstrap pattern as safeinputs MCP server and logging.

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

---

Changeset

• Type: patch
• Description: Convert the safe outputs MCP server to run as a Node process (refactor bootstrap, write modules as individual .cjs files, add tests, fix log directory and environment variables, improve ingestion logging, and remove premature config cleanup).

🏴‍☠️ Ahoy! This treasure was crafted by Changeset Generator

[github-actions]

💫 TO BE CONTINUED... Smoke Claude failed! Our hero faces unexpected challenges...

[github-actions]

✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟

[github-actions]

🎉 Yo ho ho! Changeset Generator found the treasure and completed successfully! ⚓💰

[github-actions]

📰✅🎉🏁✨🎤 https://github.com/githubnext/gh-aw/actions/runs/20050576967

[github-actions]

📰 VERDICT: Smoke Copilot Playwright has concluded. All systems operational. This is a developing story. 🎤

[github-actions]

📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤

[github-actions]

🤖 DIAGNOSTIC COMPLETE: Smoke Copilot No Firewall STATUS: ALL_UNITS_OPERATIONAL. MISSION_SUCCESS.

[pelikhan]

@copilot store log file in agent log artifacts

[pelikhan]

@copilot the server failed to launch. See https://github.com/githubnext/gh-aw/actions/runs/20050576968/job/57505411967#step:44:1

[Copilot]

@copilot store log file in agent log artifacts

Done in commit 17c1809. Changed the safe outputs MCP server log directory from /tmp/gh-aw/mcp-logs/safeoutputs to /tmp/gh-aw/sandbox/agent/logs so logs are automatically included in the agent_outputs artifact upload.

[Copilot]

@copilot the server failed to launch. See https://github.com/githubnext/gh-aw/actions/runs/20050576968/job/57505411967#step:44:1

Fixed in commit e8d740d. The issue was that /tmp/gh-aw/sandbox/agent/logs directory only existed in Copilot workflows but was being used for all engines after my change. Added mkdir -p /tmp/gh-aw/sandbox/agent/logs to the safe outputs setup step so the directory is created for all workflow types (Copilot, Claude, Codex, etc.).

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• https://api.github.com/repos/githubnext/gh-aw/actions/jobs/57505411967/logs
  • Triggering command: /usr/bin/curl curl -s -H Accept: application/vnd.github.v3+json REDACTED (http block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[github-actions]

💫 TO BE CONTINUED... Smoke Claude failed! Our hero faces unexpected challenges...

[github-actions]

📰 VERDICT: Smoke Copilot Playwright has concluded. All systems operational. This is a developing story. 🎤

[github-actions]

📰✅🎉🏁✨🎤 https://github.com/githubnext/gh-aw/actions/runs/20063015656

[github-actions]

📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤

[github-actions]

🎉 Yo ho ho! Changeset Generator found the treasure and completed successfully! ⚓💰

[github-actions]

✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟

[pelikhan]

@copilot review the code that writes output types entries in the MCP server . They do not match the schema expected by the ingestion phase.

See https://github.com/githubnext/gh-aw/actions/runs/20063015659/job/57544440154#step:34:1

[Copilot]

@copilot review the code that writes output types entries in the MCP server . They do not match the schema expected by the ingestion phase.

See https://github.com/githubnext/gh-aw/actions/runs/200630...

Fixed in commit 8200639. The issue was that the MCP server was cleaning up the config file immediately after startup, but the ingestion phase (collect_ndjson_output.cjs) runs AFTER the MCP server completes and needs the config file to know which output types are expected.

Without the config file, the ingestion phase had an empty expected types list ([]), causing all outputs to be rejected with errors like:

• [INGESTION] Line 1: Type 'comment' not found in expected types: []
• [INGESTION] Line 2: Type 'label' not found in expected types: []

Solution: Removed the config file cleanup from the MCP server. The config file contains no secrets (only schema/max counts), so it's safe to leave it on disk. Now the ingestion phase can properly read the config and validate outputs against the expected types.

[github-actions]

💥 WHOOSH! Smoke Claude springs into action on this pull request! [Panel 1 begins...]

[github-actions]

📰🚀🔍👀📡🕵️ https://github.com/githubnext/gh-aw/actions/runs/20063709349

[github-actions]

🎉 Yo ho ho! Changeset Generator found the treasure and completed successfully! ⚓💰

[github-actions]

📰 BREAKING: Smoke Copilot Playwright is now investigating this pull request. Sources say the story is developing...

[github-actions]

📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing...

[github-actions]

🔮 The ancient spirits stir... Smoke Codex awakens to divine this pull request...

[github-actions]

Smoke Test Results - Run 20063709330

Last 2 Merged PRs:

• [WIP] Add daily agentic workflow for specification updates #5939: [WIP] Add daily agentic workflow for specification updates
• [instructions] Sync github-agentic-workflows.md with v0.32.0 release #5930: [instructions] Sync github-agentic-workflows.md with v0.32.0 release

Test Results:

• ✅ GitHub MCP Testing (search PRs)
• ✅ File Writing Testing
• ✅ Bash Tool Testing
• ❌ GitHub MCP Default Toolset Testing (get_me is available but fails with 403 - not tool-not-found)
• ✅ Cache Memory Testing

Overall Status: PARTIAL - get_me tool exists but has insufficient permissions (expected behavior for default toolset)

📰 BREAKING: Report filed by Smoke Copilot fer issue #5919 🗺️

[github-actions]

Smoke Test Results

File Writing: ✅
Bash Tool: ✅
GitHub MCP: ❌ (Connection error: HTTP response to HTTPS client)
Serena MCP: ❌ (Not tested due to GitHub MCP failure)
Safe Input gh: ❌ (Connection error: HTTP response to HTTPS client)

Overall Status: FAIL

📰🔥📋 https://github.com/githubnext/gh-aw/actions/runs/20063709349 fer issue #5919 🗺️

[github-actions]

Smoke Test Results

✅ Playwright MCP: Successfully navigated to github.com, page title verified: "GitHub · Change is constant. GitHub keeps you ahead. · GitHub"
✅ Cache Memory: Successfully wrote and verified test file at /tmp/gh-aw/cache-memory/smoke-test-20063709356.txt
❌ safeinputs-gh Tool: Failed - HTTP/HTTPS client error when accessing GitHub API

Overall Status: FAIL (1 of 3 tests failed)

📰 BREAKING: Report filed by Smoke Copilot Playwright fer issue #5919 🗺️

[github-actions]

Smoke Test Results - Claude Engine (Run 20063709345)

Last 2 Merged PRs:

• [WIP] Add daily agentic workflow for specification updates #5939: [WIP] Add daily agentic workflow for specification updates
• [instructions] Sync github-agentic-workflows.md with v0.32.0 release #5930: [instructions] Sync github-agentic-workflows.md with v0.32.0 release

Test Results:

• ✅ GitHub MCP: PR retrieval successful
• ✅ File Writing: Test file created in /tmp/gh-aw/agent/
• ✅ Bash Tool: File verification successful
• ✅ Playwright: Navigation to GitHub.com successful (title contains "GitHub")
• ✅ Cache Memory: Test file created and verified
• ❌ safeinputs-gh: Server not found (not available in this environment)

Overall Status: PASS (5/6 tests passed - safeinputs-gh not configured)

💥 [THE END] — Illustrated by Smoke Claude fer issue #5919 🗺️

[github-actions]

Latest merged PRs: [WIP] Register safe output MCP server as nodejs runtime | Add golden test for gh aw --help output
GitHub MCP PR fetch: ✅
Agent file write: ✅
Playwright title check: ✅
Cache memory write: ✅
safeinputs-gh issues list: ❌ (command not found in env)
Overall: FAIL

🔮 The oracle has spoken through Smoke Codex fer issue #5919 🗺️