Prune non-schema entries from SharedWorkflowForbiddenFields#37236
Merged
Conversation
Co-authored-by: gh-aw-bot <259018956+gh-aw-bot@users.noreply.github.com>
Copilot
AI
changed the title
[WIP] Clean up dead entries in SharedWorkflowForbiddenFields
Prune non-schema entries from Jun 6, 2026
SharedWorkflowForbiddenFields
Contributor
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Updates the shared-workflow import restrictions by allowing a few previously forbidden top-level fields, and aligns docs/tests with the updated forbidden-field list.
Changes:
- Removed
command,roles, andtimeout_minutesfromSharedWorkflowForbiddenFields. - Updated the forbidden-fields import rejection test cases to stop expecting those fields to be rejected.
- Updated constants documentation to reflect the new forbidden-fields list.
Show a summary per file
| File | Description |
|---|---|
| pkg/workflow/forbidden_fields_import_test.go | Removes rejection test cases for fields that are no longer forbidden. |
| pkg/constants/constants.go | Updates the canonical forbidden-fields list and its inline documentation. |
| pkg/constants/README.md | Updates the README example to match the revised forbidden-fields list. |
Copilot's findings
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comments suppressed due to low confidence (1)
pkg/workflow/forbidden_fields_import_test.go:1
- The test claims it is using
SharedWorkflowForbiddenFields, but the map keys don’t appear to match the constant list: the constant usesenvironment(notenv). This means the test likely isn’t validating rejection forenvironmentat all. Update the test case key/YAML to useenvironment, or (preferably) derive/validate the test cases againstSharedWorkflowForbiddenFieldsso drift is caught automatically.
//go:build integration
- Files reviewed: 3/3 changed files
- Comments generated: 3
Comment on lines
19
to
20
| // Use the SharedWorkflowForbiddenFields constant and create YAML examples for each | ||
| forbiddenFieldYAML := map[string]string{ |
Comment on lines
332
to
347
| var SharedWorkflowForbiddenFields = []string{ | ||
| "on", // Trigger field - only for main workflows | ||
| "command", // Command for workflow execution | ||
| "concurrency", // Concurrency control | ||
| "container", // Container configuration | ||
| "environment", // Deployment environment | ||
| "features", // Feature flags | ||
| "github-token", // GitHub token configuration | ||
| "if", // Conditional execution | ||
| "name", // Workflow name | ||
| "roles", // Role requirements | ||
| "run-name", // Run display name | ||
| "runs-on", // Runner specification | ||
| "sandbox", // Sandbox configuration | ||
| "strict", // Strict mode | ||
| "timeout-minutes", // Timeout in minutes | ||
| "timeout_minutes", // Timeout in minutes (underscore variant) | ||
| "tracker-id", // Tracker ID | ||
| } |
| // Forbidden fields fall into these categories: | ||
| // - Workflow triggers: on (defines it as a main workflow) | ||
| // - Workflow execution: command, run-name, runs-on, concurrency, if, timeout-minutes, timeout_minutes | ||
| // - Workflow execution: run-name, runs-on, concurrency, if, timeout-minutes |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
SharedWorkflowForbiddenFieldscontained entries that cannot match real top-level frontmatter keys (command,roles,timeout_minutes), which made shared-workflow restrictions noisier and misleading relative tomain_workflow_schema.json. This change tightens the list to schema-real fields only.Schema-aligned forbidden field list
/pkg/constants/constants.go:commandrolestimeout_minutestimeout-minutes(the actual top-level schema key).Documentation/comment alignment
SharedWorkflowForbiddenFieldsto remove references to deleted keys.Integration test fixture cleanup
/pkg/workflow/forbidden_fields_import_test.gofor the deleted forbidden keys, keeping fixture coverage aligned with the canonical constant.