Prefer python3 for downloading logs in test-quarantine#66279
Merged
Conversation
- Swap Part 1 (unquarantine) and Part 2 (quarantine) so quarantine is investigated first, matching the existing execution priority - Add turn budget awareness guardrail to prevent the agent from exhausting its turn/token budget on investigation and producing zero safe outputs (as happened in run 24238389617) - Fix stale Step 2.4 cross-reference to correctly point to Step 3.1 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Zero outputs is fine when no candidates are found. The bad outcome is finding candidates but failing to create outputs for them. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…ovements' into wtgodbe/quarantine-prompt-improvements
curl is unreliable in the agentic workflow environment due to firewall permission issues (gh-aw#24921). The agent consistently falls back to python3 urllib.request in successful runs. Remove curl from the tools allowlist and instruct the agent to use python3 with urllib.request for all HTTP requests. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
github-actions
bot
added
the
area-infrastructure
Contributor
There was a problem hiding this comment.
Pull request overview
Updates the agentic “test-quarantine” workflow guidance to prefer python3/urllib.request for downloading Helix/Azure DevOps logs in environments where curl/web_fetch can fail due to firewall/network restrictions, and regenerates workflow lock files.
Changes:
- Adjusts the test-quarantine investigation instructions to use
python3/urllib.requestfor downloading and searching console logs. - Adds an API reference note recommending
python3/urllib.requestfor HTTP requests. - Regenerates multiple
.lock.ymlworkflows and updates.github/aw/actions-lock.json(including action SHAs / tool wiring changes from gh-aw compilation).
Reviewed changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 9 comments.
Show a summary per file
| File | Description |
|---|---|
| .github/workflows/test-quarantine.md | Documentation updates to prefer python3/urllib.request for log downloads and HTTP calls. |
| .github/workflows/test-quarantine.lock.yml | Regenerated lock workflow (gh-aw/compiler/action updates, runtime/logging tweaks). |
| .github/workflows/issue-triage-agent.lock.yml | Regenerated lock workflow (gh-aw/compiler/action updates). |
| .github/workflows/cswin32-update.lock.yml | Regenerated lock workflow (gh-aw/compiler/action updates). |
| .github/workflows/community-pr-issue-check.lock.yml | Regenerated lock workflow (gh-aw/compiler/action updates). |
| .github/workflows/browsertesting-deps-update.lock.yml | Regenerated lock workflow (gh-aw/compiler/action updates). |
| .github/aw/actions-lock.json | Updates pinned action entries used for compilation/locking. |
Comment on lines
+354
to
+363
| **Important: Always use `python3` with `urllib.request` for all HTTP requests.** Do not use `curl` or `web_fetch` — they are unreliable in this environment due to firewall restrictions. For example: | ||
| ```python | ||
| python3 -c " | ||
| import urllib.request, json | ||
| url = 'https://dev.azure.com/dnceng-public/public/_apis/build/builds?definitions=83&api-version=7.1' | ||
| with urllib.request.urlopen(url, timeout=30) as r: | ||
| data = json.loads(r.read()) | ||
| print(json.dumps(data, indent=2)) | ||
| " | ||
| ``` |
Use bash fence since the snippet is a shell command (python3 -c), not a pure Python script. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The workflow often gets blocked from network access due to the network firewall - this shouldn't happen, since the relevant domains (AzDO/Helix) are explicitly in the allowed domains list, and the agent should be running in YOLO mode, but it happens anyways. We tried to fix it with github/gh-aw#24921, but that didn't work. Instead of waiting for a fix, let's prefer using python3 for downloading the logs in the workflow, because when the agent falls back to python3 in previous workflows, it works.