Skip to content

Add debug logging and guide for action pinning version comment flipping #8999

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
pelikhan merged 3 commits into from
Jan 5, 2026
Merged

Add debug logging and guide for action pinning version comment flipping #8999

pelikhan merged 3 commits into from
Jan 5, 2026

Conversation

Copy link
Contributor

Copilot AI commented Jan 5, 2026
edited
Loading

When workflows reference the same action with different version tags (e.g., v8 vs v8.0.0), both resolve to identical SHAs but create separate cache entries. This causes compiled lock files to flip between version comments depending on which workflow compiled last.

Changes

Enhanced debug logging across action resolution pipeline:

  • action_pins.go: Logs duplicate SHA detection during resolution
  • action_cache.go: Warns when adding duplicate SHA entries, logs deduplication details
  • action_resolver.go: Logs GitHub API queries with endpoint details

Enable with: DEBUG=workflow:action_* gh aw compile

Debugging guide (specs/debugging-action-pinning.md):

  • Root cause analysis with concrete examples
  • Log interpretation patterns
  • Four solution approaches (consistent versions, cache clearing, exact SHAs, canonical pins)
  • Cache inspection commands and troubleshooting checklist

Test coverage for duplicate detection and deduplication logic.

Example Debug Output

workflow:action_cache WARNING: Adding cache entry actions/github-script@v8 with SHA ed597411 
  that already exists as actions/github-script@v8.0.0
workflow:action_cache This may cause version comment flipping in lock files. 
  Consider using consistent version tags.
workflow:action_cache Deduplicating: keeping actions/github-script@v8.0.0, removing actions/github-script@v8

Resolution

Developers can now:

  1. Enable debug logging to observe the issue in real-time
  2. Inspect cache with cat .github/aw/actions-lock.json | jq
  3. Standardize version tags across workflows (recommended)
  4. Clear cache if needed: rm .github/aw/actions-lock.json

No behavior changes—pure observability enhancement.

Original prompt

When compiling locally, it often happens that the action pinning switches between two versions that point ot the same long sha. Like

    uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
    uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0

This failure only seems to happen on a local dev-folder. Investigate the potential failure points and provide a debuggging plan for the developer (including which logs to enable), add more logs where it can be useful.

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

Copilot AI and others added 2 commits January 5, 2026 14:51
@pelikhan
Add comprehensive logging for action pinning debugging
c2fcbe0 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
@pelikhan
Add tests for duplicate SHA detection and deduplication
e2792d3 
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title [WIP] Investigate action pinning inconsistencies in local compilation Add debug logging and guide for action pinning version comment flipping Jan 5, 2026
Copilot AI requested a review from pelikhan January 5, 2026 14:59
@pelikhan pelikhan marked this pull request as ready for review January 5, 2026 15:10
@pelikhan pelikhan merged commit 5dd0152 into main Jan 5, 2026
4 checks passed
@pelikhan pelikhan deleted the copilot/investigate-local-action-failure branch January 5, 2026 15:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@pelikhan pelikhan pelikhan approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@pelikhan pelikhan

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pelikhan