Skip to content

Add upload-artifact step to threat detection job for agent logs#1187

Merged
pelikhan merged 3 commits intomainfrom
copilot/add-upload-artifact-step
Oct 3, 2025
Merged

Add upload-artifact step to threat detection job for agent logs#1187
pelikhan merged 3 commits intomainfrom
copilot/add-upload-artifact-step

Conversation

Copy link
Copy Markdown
Contributor

Copilot AI commented Oct 3, 2025
edited
Loading

Overview

This PR adds an upload-artifact step to the threat detection job to preserve the agent log (threat-detection.log) for debugging and auditing purposes.

Changes

The threat detection job now includes a final step that uploads the detection log as an artifact. This step:

  • Always runs using if: always() to ensure logs are captured even when analysis fails
  • Ignores missing files using if-no-files-found: ignore to prevent errors when the log doesn't exist
  • Uses standard artifact naming with artifact name threat-detection.log for consistency

Implementation

Added buildUploadDetectionLogStep() function in pkg/workflow/threat_detection.go that generates the upload step following existing patterns in the codebase (similar to generateUploadAgentLogs and generateUploadAccessLogs).

The generated YAML step in compiled workflows:

- name: Upload threat detection log
  if: always()
  uses: actions/upload-artifact@v4
  with:
    name: threat-detection.log
    path: /tmp/threat-detection/detection.log
    if-no-files-found: ignore

Testing

Added comprehensive tests in pkg/workflow/threat_detection_test.go:

  • TestBuildUploadDetectionLogStep() - Verifies the upload step configuration
  • TestThreatDetectionStepsIncludeUpload() - Validates end-to-end integration

All existing tests continue to pass, and the change has been verified in 4 compiled workflows with threat detection enabled.

Benefits

  • Preserves threat detection logs for post-mortem analysis
  • Enables debugging of detection failures
  • Provides audit trail for security analysis decisions
  • No impact on workflow execution when logs are missing
Original prompt

Add a upload-artifact step in the detection job to upload the agent log (threat-detection.log). Always runs, ignore if file is missing.

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

@pelikhan
Add upload-artifact step for threat detection log
99bef5b 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title [WIP] Add upload artifact step for agent log in detection job Add upload-artifact step to threat detection job for agent logs Oct 3, 2025
Copilot AI requested a review from pelikhan October 3, 2025 01:39
@pelikhan pelikhan marked this pull request as ready for review October 3, 2025 01:41
@pelikhan pelikhan merged commit 8ec855f into main Oct 3, 2025
11 checks passed
@pelikhan pelikhan deleted the copilot/add-upload-artifact-step branch October 3, 2025 01:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@pelikhan pelikhan pelikhan approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@pelikhan pelikhan

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pelikhan