Add digest-aware AWF runtime image pinning via image-tag metadata

[Copilot]

AWF workflows were SHA-pinning the setup action but still pulling runtime containers by mutable tag only (squid, agent/agent-act, iptables-init via agent image, api-proxy, cli-proxy). This change adds optional per-image digest pinning to close that integrity gap while keeping backward compatibility for tag-only releases.

• Digest-aware image-tag format (new shared contract)

  • Added parsing/building utility in src/image-tag.ts.
  • Supported format:
    • 0.25.18
    • 0.25.18,squid=sha256:...,agent=sha256:...,agent-act=sha256:...,api-proxy=sha256:...,cli-proxy=sha256:...
  • Runtime image refs now become repo/image:tag@sha256:... when digest metadata is present.

• Runtime compose image resolution

  • src/docker-manager.ts now resolves GHCR image refs through the new parser/builder.
  • Applies to:
    • squid-proxy
    • agent / agent-act
    • iptables-init (inherits the agent image, so digest pin follows automatically)
    • api-proxy
    • cli-proxy

• Predownload path parity

  • src/commands/predownload.ts now uses the same digest-aware resolution, so pre-pulled images match runtime refs.

• Setup action output now carries digest metadata

  • action.yml now fetches release containers.txt (if available), extracts per-image digests, normalizes case, and emits enriched image-tag output.
  • pull-images: true now pulls pinned refs when digests exist; otherwise falls back to tag-only behavior.

• Docs/workflow updates

  • Updated docs/github_actions.md and docs/usage.md to document digest metadata format.
  • Updated .github/workflows/test-action.yml to validate image-tag as 0.7.0* (base tag with optional digest metadata).

• Targeted test coverage

  • Added tests in src/docker-manager.test.ts and src/commands/predownload.test.ts for digest-appended refs and invalid digest metadata handling.

// now supported end-to-end
const imageTag =
  '0.25.18,' +
  'squid=sha256:aaaaaaaa...,' +
  'agent=sha256:bbbbbbbb...,' +
  'api-proxy=sha256:cccccccc...';

// resolves to:
// ghcr.io/github/gh-aw-firewall/squid:0.25.18@sha256:aaaaaaaa...
// ghcr.io/github/gh-aw-firewall/agent:0.25.18@sha256:bbbbbbbb...
// ghcr.io/github/gh-aw-firewall/api-proxy:0.25.18@sha256:cccccccc...

[github-actions]

Documentation Preview

Documentation build failed for this PR. View logs.

Built from commit 14c1c39

[github-actions]

⚠️ Coverage Regression Detected

This PR decreases test coverage. Please add tests to maintain coverage levels.

Overall Coverage

Metric	Base	PR	Delta
Lines	84.33%	84.39%	📈 +0.06%
Statements	83.56%	83.63%	📈 +0.07%
Functions	87.39%	87.46%	📈 +0.07%
Branches	74.78%	74.76%	📉 -0.02%

📁 Per-file Coverage Changes (1 files)

File	Lines (Before → After)	Statements (Before → After)
src/docker-manager.ts	86.8% → 87.1% (+0.31%)	86.4% → 86.7% (+0.30%)

✨ New Files (1 files)

• src/image-tag.ts: 80.6% lines

---

Coverage comparison generated by scripts/ci/compare-coverage.ts

[Copilot]

Pull request overview

Updates AWF runtime container image resolution to support digest pinning, allowing the CLI and setup action to produce/pull name:tag@sha256:... references when digest metadata is available.

Changes:

• Added digest-aware --image-tag parsing and runtime image reference construction.
• Switched Docker Compose generation and predownload image lists to use digest-pinned image references when provided.
• Updated setup action and docs/tests to propagate and validate digest-enriched image-tag metadata.

Show a summary per file

File	Description
src/image-tag.ts	Introduces parsing for digest-enriched image tags and builds registry/name:tag@digest refs.
src/docker-manager.ts	Uses digest-aware image refs for squid/agent/api-proxy/cli-proxy in generated compose.
src/docker-manager.test.ts	Adds coverage to assert compose images include per-image digests.
src/commands/predownload.ts	Resolves images using digest-aware refs for preset runtime images.
src/commands/predownload.test.ts	Adds tests for digest metadata handling and rejection of invalid digests.
src/cli.ts	Updates --image-tag help text to mention digest metadata format.
docs/usage.md	Documents optional digest metadata format for --image-tag.
docs/github_actions.md	Updates action output documentation for digest-enriched image-tag.
action.yml	Enhances setup action to read containers.txt, emit digest-enriched image-tag, and pull pinned images when available.
.github/workflows/test-action.yml	Adjusts workflow assertion to accept image-tag metadata with optional digest suffixes.

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comments suppressed due to low confidence (1)

src/cli.ts:2279

• The predownload --image-tag option description lists only squid, agent, and api-proxy, but resolveImages() now also supports digest metadata for cli-proxy and agent-act. Please update the description/example so users know which digest keys are accepted.

  .option(
    '--image-tag <tag>',
    'Container image tag. Supports optional digest metadata: <tag>,squid=sha256:...,agent=sha256:...,api-proxy=sha256:...',
    'latest'
  )

• Files reviewed: 10/10 changed files
• Comments generated: 3

[github-actions]

⚠️ Coverage Regression Detected

This PR decreases test coverage. Please add tests to maintain coverage levels.

Overall Coverage

Metric	Base	PR	Delta
Lines	84.33%	84.39%	📈 +0.06%
Statements	83.56%	83.63%	📈 +0.07%
Functions	87.39%	87.46%	📈 +0.07%
Branches	74.78%	74.76%	📉 -0.02%

📁 Per-file Coverage Changes (1 files)

File	Lines (Before → After)	Statements (Before → After)
src/docker-manager.ts	86.8% → 87.1% (+0.31%)	86.4% → 86.7% (+0.30%)

✨ New Files (1 files)

• src/image-tag.ts: 80.6% lines

---

Coverage comparison generated by scripts/ci/compare-coverage.ts

[github-actions]

⚠️ Coverage Regression Detected

This PR decreases test coverage. Please add tests to maintain coverage levels.

Overall Coverage

Metric	Base	PR	Delta
Lines	84.33%	84.39%	📈 +0.06%
Statements	83.56%	83.63%	📈 +0.07%
Functions	87.39%	87.46%	📈 +0.07%
Branches	74.78%	74.76%	📉 -0.02%

📁 Per-file Coverage Changes (1 files)

File	Lines (Before → After)	Statements (Before → After)
src/docker-manager.ts	86.8% → 87.1% (+0.31%)	86.4% → 86.7% (+0.30%)

✨ New Files (1 files)

• src/image-tag.ts: 80.6% lines

---

Coverage comparison generated by scripts/ci/compare-coverage.ts

[github-actions]

Smoke Test Results

✅ GitHub MCP Testing — Last 2 merged PRs retrieved
✅ Playwright Testing — github.com title verified
✅ File Writing — Test file created successfully
✅ Bash Tool Testing — File verified

Status: PASS

💥 [THE END] — Illustrated by Smoke Claude

[github-actions]

🤖 Smoke Test Results

• ✅ MCP: Handle unversioned OpenAI /responses paths in API proxy sidecar (Handle unversioned OpenAI /responses paths in API proxy sidecar #2080, merged)
• ✅ GitHub.com connectivity: HTTP 200
• ✅ File write/read: Smoke test passed for Copilot at Sat Apr 18 23:06:17 UTC 2026

Overall: PASS

PR by @app/copilot-swe-agent, assigned to @lpcox @Copilot

📰 BREAKING: Report filed by Smoke Copilot

[github-actions]

Smoke Test: GitHub Actions Services Connectivity ✅

All checks passed:

Check	Result
Redis PING (host.docker.internal:6379)	✅ PONG
PostgreSQL ready (host.docker.internal:5432)	✅ accepting connections
SELECT 1 on smoketest db as postgres	✅ returned 1

Note: redis-cli was not available; Redis was tested via raw TCP with nc.

🔌 Service connectivity validated by Smoke Services

[github-actions]

Chroot Version Comparison Results

Runtime	Host Version	Chroot Version	Match?
Python	Python 3.12.13	Python 3.12.3	❌ NO
Node.js	v24.14.1	v20.20.2	❌ NO
Go	go1.22.12	go1.22.12	✅ YES

Overall: ❌ Not all tests passed. Python and Node.js versions differ between host and chroot environments.

Tested by Smoke Chroot

[github-actions]

🏗️ Build Test Suite Results

Ecosystem	Project	Build/Install	Tests	Status
Bun	elysia	✅	1/1 passed	✅ PASS
Bun	hono	✅	1/1 passed	✅ PASS
C++	fmt	✅	N/A	✅ PASS
C++	json	✅	N/A	✅ PASS
Deno	oak	N/A	1/1 passed	✅ PASS
Deno	std	N/A	1/1 passed	✅ PASS
.NET	hello-world	✅	N/A	✅ PASS
.NET	json-parse	✅	N/A	✅ PASS
Go	color	✅	all passed	✅ PASS
Go	env	✅	all passed	✅ PASS
Go	uuid	✅	all passed	✅ PASS
Java	gson	✅	1/1 passed	✅ PASS
Java	caffeine	✅	1/1 passed	✅ PASS
Node.js	clsx	✅	all passed	✅ PASS
Node.js	execa	✅	all passed	✅ PASS
Node.js	p-limit	✅	all passed	✅ PASS
Rust	fd	✅	1/1 passed	✅ PASS
Rust	zoxide	✅	1/1 passed	✅ PASS

Overall: 8/8 ecosystems passed — ✅ PASS

Generated by Build Test Suite for issue #2086 · ● 1.1M · ◷

[github-actions]

🔥 Smoke Test: Copilot BYOK (Offline Mode)

Test	Status
GitHub MCP (list PRs)	✅ PR #2086: "Add digest-aware AWF runtime image pinning via image-tag metadata"
GitHub.com connectivity	⚠️ Pre-step data unavailable (template vars not substituted — scheduled run)
File write/read	⚠️ Pre-step data unavailable (template vars not substituted — scheduled run)
BYOK inference (agent response)	✅

Running in BYOK offline mode (COPILOT_OFFLINE=true) via api-proxy → api.githubcopilot.com

Overall: PARTIAL PASS (scheduled run; no PR context for pre-step data)

PR #2086 author: copilot-swe-agent · Assignees: @lpcox, @Copilot

🔑 BYOK report filed by Smoke Copilot BYOK