BUG: Downstream 'GH_AW_SAFE_OUTPUTS_CONFIG_PATH' and 'GH_AW_SAFE_OUTPUTS_TOOLS_PATH' variables not available as env vars due to GITHUB_OUTPUT-only write

[grahame-white]

Summary

In workflows compiled by gh-aw v0.64.0, the Set runtime paths step writes the safe outputs paths (GH_AW_SAFE_OUTPUTS_CONFIG_PATH, GH_AW_SAFE_OUTPUTS_TOOLS_PATH, etc.) only to $GITHUB_OUTPUT, not $GITHUB_ENV. However, downstream steps (e.g., Start MCP Gateway, Start Safe Outputs MCP HTTP Server, and any containers running MCPs) require these as true environment variables at runtime—including for Docker -e injection and in-process scripts.

What failed

• Set runtime paths only writes to $GITHUB_OUTPUT.
• Downstream jobs/containers reference these variables as env vars, so they're empty/undefined.

Why it failed

• A security fix to eliminate $GITHUB_ENV writes (to mitigate injection risk) was applied, but the workflow compiler did not update downstream steps to explicitly pass the output as an env: value (e.g., env: GH_AW_SAFE_OUTPUTS_CONFIG_PATH: ${{ steps.set-runtime-paths.outputs.GH_AW_SAFE_OUTPUTS_CONFIG_PATH }}).

Root cause

• Compiler-side in pkg/workflow/compiler_yaml_helpers.go, only $GITHUB_OUTPUT is used for these vars, and required downstream env: thread-through is missing.

Supporting evidence / References

• PR Review Copilot observation 1, 3, 5, 6, 7, 9, 11
• Compiler code: generateSetRuntimePathsStep() in pkg/workflow/compiler_yaml_helpers.go
• Gaps in lockfile configs: reviewed in the above PR for all affected workflows

Proposed fix

• Compiler: For every downstream step/Job/container that references these variables (especially Docker -e), explicitly pass them as environment variables using outputs from the set-runtime-paths step (e.g., GH_AW_SAFE_OUTPUTS_CONFIG_PATH: ${{ steps.set-runtime-paths.outputs.GH_AW_SAFE_OUTPUTS_CONFIG_PATH }}).
• Add tests to ensure all required safe output variables are present both as outputs and in the runtime env for every path-consuming job/step.

Implementation plan

1. Patch workflow YAML compiler:
   • Ensure affected jobs propagate required vars from outputs to step/job env.
   • Add regression/unit tests in compiler to validate env propagation.
2. Run a full round-trip integration (compile sample workflows, verify resulting .lock.yml threads the variables correctly up to container run).

[lpcox]

@grahame-white thanks, I am looking into it