Mount gh CLI binary in agentic-workflows MCP server container#13948
Mount gh CLI binary in agentic-workflows MCP server container#13948
Conversation
- Add DefaultGhBinaryMount constant for /usr/bin/gh mount path - Update renderAgenticWorkflowsMCPConfigWithOptions to include gh binary mount - Update renderAgenticWorkflowsMCPConfigTOML to include gh binary mount - Update tests to verify gh binary mount is included - Recompile all workflow files with updated agentic-workflows configuration This fixes the error "exec: 'gh': executable file not found in $PATH" by making the gh CLI binary available inside the Alpine container where the agentic-workflows MCP server runs. Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
|
❌ Changeset Generator failed. Please review the logs for details. |
|
🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨ |
|
📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing... |
|
🌑 The shadows whisper... Smoke Codex failed. The oracle requires further meditation... |
Agent Container Tool Check
Result: 11/12 tools available Note: .NET runtime (dotnet) is not available in the container. All other development tools are present and functional.
|
|
🧪 Smoke test results: PRs: #13949, #13948 Status: ✅ PASS @pelikhan
|
|
📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤 |
|
✅ Smoke Test PASSED - Claude Engine Results:
|
|
@copilot the mcp-server command should run "gh version" to log the current github cli version and report if it is missing |
- Add checkAndLogGHVersion() function to check gh CLI availability - Log gh version on mcp-server startup for troubleshooting - Show warning if gh CLI is not found in PATH - Addresses feedback to log gh version and report if missing Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Implemented in commit 3cf00a8. The mcp-server command now logs the gh CLI version on startup and displays a warning if gh is not found in PATH. Example output when gh is available: When gh is missing: |
pkg/cli/mcp_server.go
Outdated
|
|
||
| // checkAndLogGHVersion checks if gh CLI is available and logs its version | ||
| func checkAndLogGHVersion() { | ||
| cmd := exec.Command("gh", "version") |
- Replace direct exec.Command call with workflow.ExecGH helper - Ensures proper token configuration and environment setup - Follows established pattern for gh CLI execution in the codebase Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
|
📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing... |
|
✅ Changeset Generator completed successfully! |
|
🌑 The shadows whisper... Smoke Codex failed. The oracle requires further meditation... |
|
🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨ |
Agent Container Tool Check
Result: 10/12 tools available Note: Java and .NET executables appear to have been modified/renamed to bash in the container environment. This may indicate a security restriction or environment configuration issue.
|
|
✅ Smoke Test PASS - Run 21720995330 PR Titles:
Results: ✅ GitHub MCP | ✅ GH CLI | ✅ Serena | ✅ Playwright | ✅ File Write | ✅ Bash | ✅ Discussion | ✅ Build | ✅ Dispatch
|
|
📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤 |
There was a problem hiding this comment.
Pull request overview
This PR resolves an issue where the agentic-workflows MCP server running in an Alpine container could not execute gh CLI commands because the binary was not accessible within the container. The solution mounts the host's gh binary into the container and adds version checking during MCP server startup.
Changes:
- Adds
/usr/bin/ghbinary mount configuration for containerized MCP servers - Implements gh CLI version logging on MCP server startup for troubleshooting
- Updates all 22 compiled workflow lock files with the new mount configuration
Reviewed changes
Copilot reviewed 27 out of 27 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| pkg/constants/constants.go | Adds DefaultGhBinaryMount constant defining the read-only mount path for gh CLI binary |
| pkg/workflow/mcp_config_builtin.go | Updates JSON and TOML config generators to include gh binary mount in the mounts array |
| pkg/workflow/mcp_config_refactor_test.go | Adds test assertions to verify gh binary mount is present in both JSON and TOML formats |
| pkg/cli/mcp_server.go | Implements checkAndLogGHVersion() function to validate and log gh CLI availability at startup |
| .changeset/patch-log-gh-cli-version.md | Documents the changeset for this patch release |
| .github/workflows/*.lock.yml | 22 workflow lock files updated with the new gh binary mount configuration |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| // DefaultGhBinaryMount is the mount path for the gh CLI binary in containerized MCP servers | ||
| // The gh CLI is required for agentic-workflows MCP server to run gh commands |
There was a problem hiding this comment.
The hardcoded path /usr/bin/gh assumes the GitHub CLI is installed at this specific location. While this is the standard location on Ubuntu (which is used for GitHub Actions runners per the PR context), this assumption may break if:
- The gh CLI is installed via a different method (e.g., Homebrew, manual download) which places it elsewhere
- The host system has gh in a non-standard location
- Future changes to GitHub Actions runner images change the installation location
Consider documenting this assumption clearly in the constant's comment, or exploring a more robust approach such as:
- Using
which ghorcommand -v ghto dynamically determine the gh binary location during workflow setup - Providing a way to override this mount path via configuration
- Adding validation in the MCP server startup to warn users if gh is not found at the expected location
Note that the PR does add gh version checking in checkAndLogGHVersion() which will warn if gh is missing, but this happens after the mount is configured and may not provide clear guidance about the mount path issue.
| // DefaultGhBinaryMount is the mount path for the gh CLI binary in containerized MCP servers | |
| // The gh CLI is required for agentic-workflows MCP server to run gh commands | |
| // DefaultGhBinaryMount is the default mount path for the gh CLI binary in containerized MCP servers. | |
| // This assumes that gh is installed at /usr/bin/gh on both the host and in the container, | |
| // which is true for GitHub Actions Ubuntu runners but may not hold for all environments | |
| // (e.g., Homebrew installations, custom host images, or non-Ubuntu systems). | |
| // Callers should override this mount when gh is installed in a different location. | |
| // The gh CLI is required for agentic-workflows MCP server to run gh commands. |
Solution: Add gh binary mount to agentic-workflows MCP server configuration
Problem ✅ FIXED
The agentic-workflows MCP server runs in an Alpine container and needs access to the
ghCLI binary to execute commands likegh aw status. The error was:Solution Implemented
ghbinary from the host system (/usr/bin/gh) to the Alpine container in read-only modeChanges Made
DefaultGhBinaryMount = "/usr/bin/gh:/usr/bin/gh:ro"inpkg/constants/constants.gorenderAgenticWorkflowsMCPConfigWithOptions()to include gh binary mountrenderAgenticWorkflowsMCPConfigTOML()to include gh binary mountcheckAndLogGHVersion()function logs gh CLI version on startup and warns if missingworkflow.ExecGH()helper instead of directexec.Command()callTesting
make fmt)make build)Example Output
When gh is available:
When gh is missing:
All requirements completed successfully! ✅
Original prompt
💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.
Changeset