[log] Add debug logging to 5 workflow pkg files

pkg/workflow/safe_outputs_domains_validation.go

@@ -23,6 +23,7 @@ func (c *Compiler) validateNetworkAllowedDomains(network *NetworkPermissions) er
 	for i, domain := range network.Allowed {
 		// Skip ecosystem identifiers - they don't need domain pattern validation
 		if isEcosystemIdentifier(domain) {
+			safeOutputsDomainsValidationLog.Printf("Skipping ecosystem identifier: %s", domain)
 			continue
 		}
 
@@ -34,7 +35,13 @@ func (c *Compiler) validateNetworkAllowedDomains(network *NetworkPermissions) er
 		}
 	}
 
-	return collector.Error()
+	if err := collector.Error(); err != nil {
+		safeOutputsDomainsValidationLog.Printf("Network allowed domains validation failed: %v", err)
+		return err
+	}
+
+	safeOutputsDomainsValidationLog.Print("Network allowed domains validation passed")
+	return nil
 }
 
 // isEcosystemIdentifier checks if a domain string is actually an ecosystem identifier
@@ -73,7 +80,13 @@ func (c *Compiler) validateSafeOutputsAllowedDomains(config *SafeOutputsConfig)
 		}
 	}
 
-	return collector.Error()
+	if err := collector.Error(); err != nil {
+		safeOutputsDomainsValidationLog.Printf("Safe outputs allowed domains validation failed: %v", err)
+		return err
+	}
+
+	safeOutputsDomainsValidationLog.Print("Safe outputs allowed domains validation passed")
+	return nil
 }
 
 // validateDomainPattern validates a single domain pattern

pkg/workflow/safe_outputs_env.go

@@ -21,6 +21,8 @@ func applySafeOutputEnvToMap(env map[string]string, data *WorkflowData) {
 		return
 	}
 
+	safeOutputsEnvLog.Printf("Applying safe output env vars: trial_mode=%t, staged=%t", data.TrialMode, data.SafeOutputs.Staged)
+
 	env["GH_AW_SAFE_OUTPUTS"] = "${{ env.GH_AW_SAFE_OUTPUTS }}"
 
 	// Add staged flag if specified
@@ -33,6 +35,7 @@ func applySafeOutputEnvToMap(env map[string]string, data *WorkflowData) {
 
 	// Add branch name if upload assets is configured
 	if data.SafeOutputs.UploadAssets != nil {
+		safeOutputsEnvLog.Printf("Adding upload assets env vars: branch=%s", data.SafeOutputs.UploadAssets.BranchName)
 		env["GH_AW_ASSETS_BRANCH"] = fmt.Sprintf("%q", data.SafeOutputs.UploadAssets.BranchName)
 		env["GH_AW_ASSETS_MAX_SIZE_KB"] = strconv.Itoa(data.SafeOutputs.UploadAssets.MaxSizeKB)
 		env["GH_AW_ASSETS_ALLOWED_EXTS"] = fmt.Sprintf("%q", strings.Join(data.SafeOutputs.UploadAssets.AllowedExts, ","))
@@ -103,13 +106,16 @@ func buildSafeOutputJobEnvVars(trialMode bool, trialLogicalRepoSlug string, stag
 
 	// Pass the staged flag if it's set to true
 	if trialMode || staged {
+		safeOutputsEnvLog.Printf("Setting staged flag: trial_mode=%t, staged=%t", trialMode, staged)
 		customEnvVars = append(customEnvVars, "          GH_AW_SAFE_OUTPUTS_STAGED: \"true\"\n")
 	}
 
 	// Set GH_AW_TARGET_REPO_SLUG - prefer target-repo config over trial target repo
 	if targetRepoSlug != "" {
+		safeOutputsEnvLog.Printf("Setting target repo slug from config: %s", targetRepoSlug)
 		customEnvVars = append(customEnvVars, fmt.Sprintf("          GH_AW_TARGET_REPO_SLUG: %q\n", targetRepoSlug))
 	} else if trialMode && trialLogicalRepoSlug != "" {
+		safeOutputsEnvLog.Printf("Setting target repo slug from trial mode: %s", trialLogicalRepoSlug)
 		customEnvVars = append(customEnvVars, fmt.Sprintf("          GH_AW_TARGET_REPO_SLUG: %q\n", trialLogicalRepoSlug))
 	}
 
@@ -189,6 +195,8 @@ func buildEngineMetadataEnvVars(engineConfig *EngineConfig) []string {
 		return customEnvVars
 	}
 
+	safeOutputsEnvLog.Printf("Building engine metadata env vars: id=%s, version=%s", engineConfig.ID, engineConfig.Version)
+
 	// Add engine ID if present
 	if engineConfig.ID != "" {
 		customEnvVars = append(customEnvVars, fmt.Sprintf("          GH_AW_ENGINE_ID: %q\n", engineConfig.ID))

pkg/workflow/trigger_parser.go

@@ -187,6 +187,7 @@ func parsePushTrigger(tokens []string) (*TriggerIR, error) {
 	if len(tokens) >= 3 && tokens[1] == "to" {
 		// "push to <branch>"
 		branch := strings.Join(tokens[2:], " ")
+		triggerParserLog.Printf("Parsed push-to-branch trigger: branch=%s", branch)
 		return &TriggerIR{
 			Event: "push",
 			Filters: map[string]any{
@@ -201,6 +202,7 @@ func parsePushTrigger(tokens []string) (*TriggerIR, error) {
 	if len(tokens) >= 3 && tokens[1] == "tags" {
 		// "push tags <pattern>"
 		pattern := strings.Join(tokens[2:], " ")
+		triggerParserLog.Printf("Parsed push-tags trigger: pattern=%s", pattern)
 		return &TriggerIR{
 			Event: "push",
 			Filters: map[string]any{
@@ -242,6 +244,7 @@ func parsePullRequestTrigger(tokens []string) (*TriggerIR, error) {
 
 	// Special case: "merged" is not a real type, it's a condition on "closed"
 	if activityType == "merged" {
+		triggerParserLog.Print("Parsed pull_request merged trigger (maps to closed with merge condition)")
 		return &TriggerIR{
 			Event:      "pull_request",
 			Types:      []string{"closed"},
@@ -344,9 +347,12 @@ func parseIssueTrigger(tokens []string) (*TriggerIR, error) {
 	// Check for label filter: "issue opened labeled <label>"
 	if len(tokens) >= 4 && tokens[2] == "labeled" {
 		label := strings.Join(tokens[3:], " ")
+		triggerParserLog.Printf("Parsed issue trigger with label filter: type=%s, label=%s", activityType, label)
 		ir.Conditions = []string{
 			fmt.Sprintf("contains(github.event.issue.labels.*.name, '%s')", label),
 		}
+	} else {
+		triggerParserLog.Printf("Parsed issue trigger: type=%s", activityType)
 	}
 
 	return ir, nil
@@ -407,6 +413,7 @@ func parseManualTrigger(input string) (*TriggerIR, error) {
 		// Check for input specification: "manual with input <name>"
 		if len(tokens) >= 4 && tokens[1] == "with" && tokens[2] == "input" {
 			inputName := tokens[3]
+			triggerParserLog.Printf("Parsed manual trigger with input: %s", inputName)
 			ir.AdditionalEvents["workflow_dispatch"] = map[string]any{
 				"inputs": map[string]any{
 					inputName: map[string]any{
@@ -416,6 +423,8 @@ func parseManualTrigger(input string) (*TriggerIR, error) {
 					},
 				},
 			}
+		} else {
+			triggerParserLog.Print("Parsed manual trigger (workflow_dispatch)")
 		}
 
 		return ir, nil

pkg/workflow/update_entity_helpers.go

@@ -319,6 +319,8 @@ func (c *Compiler) parseUpdateEntityConfigWithFields(
 	outputMap map[string]any,
 	opts UpdateEntityParseOptions,
 ) (*UpdateEntityConfig, map[string]any) {
+	updateEntityHelpersLog.Printf("Parsing update entity config with fields: entity=%s, config_key=%s, fields=%d", opts.EntityType, opts.ConfigKey, len(opts.Fields))
+
 	// Parse base configuration using helper
 	baseConfig, configMap := c.parseUpdateEntityBase(
 		outputMap,
@@ -348,6 +350,7 @@ func (c *Compiler) parseUpdateEntityConfigWithFields(
 		opts.CustomParser(configMap)
 	}
 
+	updateEntityHelpersLog.Printf("Completed parsing update entity config: entity=%s", opts.EntityType)
 	return baseConfig, configMap
 }
 

pkg/workflow/yaml.go

@@ -237,6 +237,8 @@ func MarshalWithFieldOrder(data map[string]any, priorityFields []string) ([]byte
 //	orderedPerms := OrderMapFields(permissions, []string{})
 //	// orderedPerms will have: contents, issues, pull-requests
 func OrderMapFields(data map[string]any, priorityFields []string) yaml.MapSlice {
+	yamlLog.Printf("Ordering map fields: total=%d, priority=%d", len(data), len(priorityFields))
+
 	var orderedData yaml.MapSlice
 
 	// Phase 1: Add priority fields in the specified order