From 0efba0219fe5da628f3b6133fad28444179a6d3e Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 8 May 2026 09:05:25 +0000 Subject: [PATCH] [instructions] Sync instruction files: client-id preferred, Serena migration - Replace deprecated `app-id:` with `client-id:` in all github-app examples (syntax.md, safe-outputs.md, github-mcp-server.md); mention app-id as legacy alias per schema deprecation marker - Fix github-mcp-server.md: move app credentials under proper github-app: nesting (was incorrectly placed at tools.github level) - Update serena-tool.md: tools.serena has been removed; replace all examples with imports: uses: shared/mcp/serena.md with: languages: [...] Co-Authored-By: Claude Sonnet 4.6 --- .github/aw/github-mcp-server.md | 5 +++-- .github/aw/safe-outputs.md | 4 ++-- .github/aw/serena-tool.md | 27 ++++++++++++++++++--------- .github/aw/syntax.md | 6 +++--- 4 files changed, 26 insertions(+), 16 deletions(-) diff --git a/.github/aw/github-mcp-server.md b/.github/aw/github-mcp-server.md index 14d8834ffeb..d04a541079c 100644 --- a/.github/aw/github-mcp-server.md +++ b/.github/aw/github-mcp-server.md @@ -34,8 +34,9 @@ tools: github: toolsets: [default] # or specific toolsets # Optional: GitHub App authentication - app-id: ${{ vars.APP_ID }} - private-key: ${{ secrets.APP_PRIVATE_KEY }} + github-app: + client-id: ${{ vars.APP_ID }} + private-key: ${{ secrets.APP_PRIVATE_KEY }} ``` > ⚠️ **Do NOT use `mode: remote`** in GitHub Actions workflows. Remote mode does not work with the GitHub Actions token (`GITHUB_TOKEN`) — it requires a special PAT or GitHub App token with MCP access. The default `mode: local` (Docker-based) works with `GITHUB_TOKEN` and should always be used. diff --git a/.github/aw/safe-outputs.md b/.github/aw/safe-outputs.md index 08b787bc02d..29d3bd98b5e 100644 --- a/.github/aw/safe-outputs.md +++ b/.github/aw/safe-outputs.md @@ -948,7 +948,7 @@ Fields that influence permission computation (`add-comment.discussions`, `create - `github-app:` - GitHub App credentials for minting installation access tokens (object) - When configured, generates a token from the app and uses it for all safe output operations (alternative to `github-token`) - Fields: - - `app-id:` - GitHub App ID (required, e.g., `${{ vars.APP_ID }}`) + - `client-id:` - GitHub App client ID (required, e.g., `${{ vars.APP_ID }}`). Use `app-id:` for legacy compatibility. - `private-key:` - GitHub App private key (required, e.g., `${{ secrets.APP_PRIVATE_KEY }}`) - `owner:` - Optional App installation owner (defaults to current repository owner) - `repositories:` - Optional list of repositories to grant access to @@ -957,7 +957,7 @@ Fields that influence permission computation (`add-comment.discussions`, `create ```yaml safe-outputs: github-app: - app-id: ${{ vars.APP_ID }} + client-id: ${{ vars.APP_ID }} private-key: ${{ secrets.APP_PRIVATE_KEY }} create-issue: ``` diff --git a/.github/aw/serena-tool.md b/.github/aw/serena-tool.md index 706ebface3f..c6a2587d613 100644 --- a/.github/aw/serena-tool.md +++ b/.github/aw/serena-tool.md @@ -22,17 +22,21 @@ Serena is a **language service protocol (LSP) MCP server** for semantic code ana ## Configuration -Add to workflow frontmatter: +Import the shared Serena workflow via the `imports:` field — `tools.serena` has been removed: ```yaml -tools: - serena: ["go"] # Specify language(s): go, typescript, python, ruby, rust, java, cpp, csharp +imports: + - uses: shared/mcp/serena.md + with: + languages: ["go"] # Specify language(s): go, typescript, python, ruby, rust, java, cpp, csharp ``` Multi-language repositories: ```yaml -tools: - serena: ["go", "typescript"] # First language is default fallback +imports: + - uses: shared/mcp/serena.md + with: + languages: ["go", "typescript"] # First language is default fallback ``` ## Available Serena Tools @@ -78,8 +82,11 @@ tools: **Best practice**: Use bash for discovery, Serena for analysis ```yaml +imports: + - uses: shared/mcp/serena.md + with: + languages: ["go"] tools: - serena: ["go"] bash: - "find pkg -name '*.go' ! -name '*_test.go'" - "cat go.mod" @@ -97,9 +104,11 @@ tools: Track analysis state across runs: ```yaml -tools: - serena: ["go"] - cache-memory: true # Store analysis history +imports: + - uses: shared/mcp/serena.md + with: + languages: ["go"] +cache-memory: true # Store analysis history ``` Load cache → Analyze new/changed files → Save results → Avoid redundant work diff --git a/.github/aw/syntax.md b/.github/aw/syntax.md index 096519e85bb..390cd1750c6 100644 --- a/.github/aw/syntax.md +++ b/.github/aw/syntax.md @@ -79,7 +79,7 @@ The YAML frontmatter supports these fields: - Mints a single installation access token shared across reactions, status comments, and skip-if queries - Can be defined in a shared agentic workflow and inherited by importing workflows - Fields: - - `app-id:` - GitHub App ID (required, e.g., `${{ vars.APP_ID }}`) + - `client-id:` - GitHub App client ID (required, e.g., `${{ vars.APP_ID }}`). Use `app-id:` for legacy compatibility. - `private-key:` - GitHub App private key (required, e.g., `${{ secrets.APP_PRIVATE_KEY }}`) - `owner:` - Optional installation owner (defaults to current repository owner) - `repositories:` - Optional list of repositories to grant access to @@ -90,7 +90,7 @@ The YAML frontmatter supports these fields: issues: types: [opened] github-app: - app-id: ${{ vars.APP_ID }} + client-id: ${{ vars.APP_ID }} private-key: ${{ secrets.APP_PRIVATE_KEY }} ``` @@ -487,7 +487,7 @@ The YAML frontmatter supports these fields: - `github-token:` - Custom GitHub token - `lockdown:` - Enable lockdown mode to limit content surfaced from public repositories to items authored by users with push access (boolean, default: false) - `github-app:` - GitHub App configuration for token minting; when set, mints an installation access token at workflow start that overrides `github-token` - - `app-id:` - GitHub App ID (required, e.g., `${{ vars.APP_ID }}`) + - `client-id:` - GitHub App client ID (required, e.g., `${{ vars.APP_ID }}`). Use `app-id:` for legacy compatibility. - `private-key:` - GitHub App private key (required, e.g., `${{ secrets.APP_PRIVATE_KEY }}`) - `owner:` - Optional installation owner (defaults to current repository owner) - `repositories:` - Optional list of repositories to grant access to (array)