
feat: add github-app and OIDC token auth support for custom HTTP MCP servers (fixes #23566) #23573

Closed
Copilot wants to merge 2 commits into main from copilot/add-github-app-support-oidc-token

Conversation

Contributor

Copilot AI commented Mar 30, 2026

Summary

Implements two complementary authentication mechanisms for any custom HTTP MCP server – previously only tools.github supported github-app. Closes #23566.


Feature 1 — github-app on any custom HTTP MCP server

Users can now add a github-app block to any entry under mcp-servers: (or tools:):

mcp-servers:
  my-server:
    url: "https://api.example.com/mcp"
    github-app:
      app-id: "${{ vars.APP_ID }}"
      private-key: "${{ secrets.APP_PRIVATE_KEY }}"
      owner: "my-org"            # optional
      repositories:              # optional; omit for triggering repo, use ["*"] for org-wide
        - "my-repo"

What the compiler generates:

  1. A token-mint step (<server>-mcp-app-token) before the agent step using actions/create-github-app-token, with permissions derived from the job's permission block.
  2. The minted token is exported as MCP_<SERVER>_APP_TOKEN and forwarded to the gateway container.
  3. The gateway config auto-injects "Authorization": "Bearer ${MCP_<SERVER>_APP_TOKEN}" for that server.
  4. A token-invalidation step (always runs, even on failure) revokes the installation token after the job.

Feature 2 — auth.type: github-oidc on any custom HTTP MCP server

Based on issue #23566:

mcp-servers:
  my-server:
    url: "https://api.example.com/mcp"
    auth:
      type: github-oidc
      audience: "https://api.example.com"   # recommended – sets the OIDC 'aud' claim

What the compiler generates:

  1. id-token: write is automatically injected into the agent job's permissions (no manual frontmatter required).
  2. ACTIONS_ID_TOKEN_REQUEST_URL and ACTIONS_ID_TOKEN_REQUEST_TOKEN are forwarded to the gateway container so it can request fresh OIDC JWTs.
  3. The auth block is included verbatim in the gateway's JSON config for that server.

The gateway is responsible for acquiring/refreshing tokens (~5 min lifetime) and injecting them as Authorization: Bearer <token> on each proxied request.


Mutual exclusivity

github-app and auth are mutually exclusive on the same server. This is enforced by both the JSON schema and Go-level validation in getMCPConfig().


Changes

| File | What changed |
| --- | --- |
| pkg/types/mcp.go | New MCPServerAuth struct; Auth *MCPServerAuth field on BaseMCPServerConfig |
| pkg/parser/schemas/mcp_config_schema.json | github-app and auth properties + mutual-exclusion and HTTP-only constraints |
| pkg/parser/schemas/main_workflow_schema.json | github-app and auth added to http_mcp_tool definition |
| pkg/workflow/mcp_config_custom.go | Parse auth/github-app from raw config; auto-inject Authorization header; render auth in gateway JSON |
| pkg/workflow/mcp_config_validation.go | Register github-app and auth as known tool fields |
| pkg/workflow/compiler_custom_mcp_steps.go (new) | Mint/invalidate step generators; hasCustomMCPServerOIDCAuth helper |
| pkg/workflow/compiler_yaml_main_job.go | Call new step generators at the right points |
| pkg/workflow/mcp_environment.go | Export per-server app-token env vars; add OIDC env vars when needed |
| pkg/workflow/tools.go | Auto-inject id-token: write when OIDC auth is detected |
| pkg/workflow/schemas/mcp-gateway-config.schema.json | auth block added to httpServerConfig |
| pkg/workflow/custom_mcp_auth_test.go (new) | Comprehensive tests for all new scenarios |
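The rules the description lays out for a single server entry (HTTP-only, github-app and auth mutually exclusive, Authorization header built from MCP_<SERVER>_APP_TOKEN, id-token: write and the two ACTIONS_ID_TOKEN_REQUEST_* variables when auth.type is github-oidc) can be checked in one place. The following is an added example, not code from this PR or the gh-aw project: ServerAuth and resolveServerAuth are hypothetical names, and the upper-casing and hyphen-to-underscore normalisation of the server name in the env var is an assumption.

```go
package main

import (
	"fmt"
	"strings"
)

// ServerAuth is what the compiler hands the gateway for one server (hypothetical type).
type ServerAuth struct {
	Headers      map[string]string // headers the gateway injects on proxied requests
	EnvVars      []string          // env vars to forward to the gateway container
	NeedsIDToken bool              // true when id-token: write must be added to the job
}

// resolveServerAuth validates one mcp-servers entry (YAML already decoded to a map),
// enforcing HTTP-only and mutual exclusion, and returns what the gateway must receive.
func resolveServerAuth(name string, cfg map[string]any) (ServerAuth, error) {
	_, hasApp := cfg["github-app"]
	authRaw, hasAuth := cfg["auth"]
	out := ServerAuth{Headers: map[string]string{}}
	if !hasApp && !hasAuth {
		return out, nil // no auth configured: nothing to inject
	}
	if _, ok := cfg["url"].(string); !ok {
		return out, fmt.Errorf("server %q: github-app/auth are only valid for HTTP (url) servers", name)
	}
	if hasApp && hasAuth {
		return out, fmt.Errorf("server %q: github-app and auth are mutually exclusive", name)
	}
	if hasApp {
		// MCP_<SERVER>_APP_TOKEN is set by the <server>-mcp-app-token step; the
		// upper-case / '-' -> '_' normalisation of the server name is an assumption.
		env := "MCP_" + strings.ToUpper(strings.ReplaceAll(name, "-", "_")) + "_APP_TOKEN"
		out.EnvVars = append(out.EnvVars, env)
		out.Headers["Authorization"] = "Bearer ${" + env + "}"
		return out, nil
	}
	auth, _ := authRaw.(map[string]any)
	if auth["type"] != "github-oidc" {
		return out, fmt.Errorf("server %q: unsupported auth.type %v", name, auth["type"])
	}
	// The gateway mints the short-lived OIDC JWT itself; it only needs the request env vars.
	out.NeedsIDToken = true
	out.EnvVars = append(out.EnvVars, "ACTIONS_ID_TOKEN_REQUEST_URL", "ACTIONS_ID_TOKEN_REQUEST_TOKEN")
	return out, nil
}

func main() {
	fmt.Println(resolveServerAuth("my-server", map[string]any{"url": "https://api.example.com/mcp", "auth": map[string]any{"type": "github-oidc"}}))
}
```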

Copilot AI and others added 2 commits March 30, 2026 18:14


Development

Successfully merging this pull request may close these issues.

Feature Request: GitHub OIDC token support for custom HTTP MCP server authentication
