Commit 6784a26

feat: Enhance Security Agent Workflow with error handling and timeout for Copilot CLI
1 parent 6f6b3c7 commit 6784a26

1 file changed, +19 -3 lines changed

.github/workflows/security-agent-workflow.yml

Lines changed: 19 additions & 3 deletions
@@ -31,15 +31,31 @@ jobs:
3131
GITHUB_REPOSITORY: ${{ github.repository }}
3232
run: |
3333
set -euo pipefail
34+
35+
# Verify agent file exists
36+
if [ ! -f ".github/agents/security-agent.md" ]; then
37+
echo "Error: Security agent file not found"
38+
exit 1
39+
fi
40+
3441
AGENT_PROMPT=$(cat .github/agents/security-agent.md)
3542
PROMPT="$AGENT_PROMPT"
3643
PROMPT+=$'\n\nContext:\n'
3744
PROMPT+="- Repository: $GITHUB_REPOSITORY"
3845
PROMPT+=$'\n\nTask:\n'
39-
PROMPT+=$"\n- Execute the instructions on the full codebase"
40-
PROMPT+=$'\n- Generate the security report at /security-reports/security-assessment-report.md summarizing findings, severity, and remediation guidance.'
46+
PROMPT+="- Execute the instructions on the full codebase"
47+
PROMPT+="- Generate the security report at security-reports/security-assessment-report.md summarizing findings, severity, and remediation guidance."
48+
PROMPT+=$'\n\nIMPORTANT: Complete the analysis and save the report file. Do not wait for user input.'
4149
42-
copilot --prompt "$PROMPT" --allow-all-tools --allow-all-paths < /dev/null
50+
# Run with timeout to prevent hanging
51+
timeout 600 copilot --prompt "$PROMPT" --allow-all-tools --allow-all-paths < /dev/null || {
52+
exit_code=$?
53+
if [ $exit_code -eq 124 ]; then
54+
echo "Warning: Copilot CLI timed out after 10 minutes"
55+
fi
56+
# Continue even if copilot exits non-zero, report may still be generated
57+
echo "Copilot CLI exited with code: $exit_code"
58+
}
4359
4460
- name: Output security report as summary
4561
if: always()
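
Review bot: The `|| { ... }` handler at new lines 51-58 makes this step fail open: a timeout (exit 124) or any other non-zero exit from `copilot` is only echoed, so the step succeeds even when no assessment was produced. The comment at new line 56 assumes the report may still exist, so verify that explicitly after the block, for example `[ -s security-reports/security-assessment-report.md ] || exit 1`, and let a missing or empty report fail the step. Separately, new lines 46 and 47 both append a plain `"- ..."` string with no newline between them, so the two task bullets are joined onto one line of the prompt; append `$'\n'` before the second bullet, as removed line 40 did with `$'\n- ...'`.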
