feat: container image digest pinning in actions-lock.json with update/upgrade integration

[Copilot]

All MCP container images (node:lts-alpine, ghcr.io/github/gh-aw-firewall/*, ghcr.io/github/gh-aw-mcpg, ghcr.io/github/github-mcp-server) were pulled by mutable tag with no SHA-256 pinning — node:lts-alpine is additionally floating across LTS generations. This extends the existing action-pin infrastructure to cover Docker images.

Storage — actions-lock.json

New containers section alongside entries, keyed by image tag:

{
  "entries": { ... },
  "containers": {
    "node:lts-alpine": {
      "image": "node:lts-alpine",
      "digest": "sha256:abc123...",
      "pinned_image": "node:lts-alpine@sha256:abc123..."
    }
  }
}

ActionCache gains GetContainerPin / SetContainerPin / DeleteContainerPin. Loading a legacy file (no containers) is fully backward-compatible.

Compilation

• collectDockerImages applies cached pins, substituting tag@sha256:… for any image with a stored entry.
• WorkflowData.DockerImages accumulates the resolved (possibly pinned) refs so they can be surfaced in the lock file.
• WorkflowData.DockerImagePins accumulates full GHAWManifestContainer entries (image, digest, pinned_image) for the manifest.
• Lock file headers now emit a # Container images used: comment section.
• gh-aw-manifest JSON gains a "containers":[…] field with full structured container info including SHA-256 digest when available:

  "containers":[{"image":"ghcr.io/github/gh-aw-mcpg:v0.2.17"},{"image":"node:lts-alpine","digest":"sha256:abc...","pinned_image":"node:lts-alpine@sha256:abc..."}]

Update/Upgrade integration — pkg/cli/update_container_pins.go

UpdateContainerPins() is called from both gh aw update and gh aw upgrade (after action pins, before compile):

1. Scans existing .lock.yml files for download_docker_images.sh invocations to discover in-use image tags.
2. Resolves each tag's digest via docker buildx imagetools inspect (no pull required); falls back to docker pull + docker inspect.
3. Saves pins to actions-lock.json; next compile embeds the @sha256:… suffix.
4. Docker unavailability is non-fatal — the update/upgrade continues without pinning.

[pelikhan]

@copilot

• rename container_pins to containers
• resolve current used containers
• store containers full info in gh-aw-manifest (including sha)

[Copilot]

@copilot

• rename container_pins to containers...

Done in 88fe858:

1. Renamed container_pins → containers — the JSON key in actions-lock.json is now "containers" (both the struct tag and the marshalSorted output).

2. Resolve containers in update command — UpdateContainerPins is now also called from RunUpdateWorkflows (the gh aw update flow), not just from upgrade.

3. Full container info in gh-aw-manifest — added a new GHAWManifestContainer type (image, digest, pinned_image) and changed GHAWManifest.Containers from []string to []GHAWManifestContainer. The manifest now embeds structured objects like:

   "containers":[{"image":"ghcr.io/github/gh-aw-mcpg:v0.2.17"},{"image":"node:lts-alpine","digest":"sha256:abc...","pinned_image":"node:lts-alpine@sha256:abc..."}]

   Images without a cached pin emit only image; pinned images include digest and pinned_image.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• https://api.github.com/graphql
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw GOMOD GOMODCACHE go env ck '**/*.cjs' '*GOINSECURE GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go (http block)
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw GOMOD GOMODCACHE go env ck '**/*.cjs' '*GOINSECURE GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE ache/go/1.25.8/xGO111MODULE (http block)
  • Triggering command: /usr/bin/gh /usr/bin/gh api graphql -f query=query($owner: String!, $name: String!) { repository(owner: $owner, name: $name) { hasDiscussionsEnabled } } -f owner=github -f name=gh-aw GOMOD GOMODCACHE ortcfg env d/gh-aw/main.go d/gh-aw/capitaliGOMOD 64/bin/go GOINSECURE GOMOD GOMODCACHE ache/go/1.25.8/xGO111MODULE (http block)
• https://api.github.com/repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b
  • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq .object.sha ck 'scripts/**/*GOINSECURE GO111MODULE $name) { hasDiscussionsEnabled } } GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE node (http block)
  • Triggering command: /usr/bin/gh gh api /repos/astral-sh/setup-uv/git/ref/tags/eac588ad8def6316056a12d4907a9d4d84ff7a3b --jq .object.sha ck 'scripts/**/*GOINSECURE GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE sh (http block)
• https://api.github.com/repos/github/gh-aw
  • Triggering command: /usr/bin/gh gh api /repos/github/gh-aw --jq .visibility -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE go env iew.lock.yml GO111MODULE r: $owner, name: $name) { hasDiscussionsEnabled } } GOINSECURE GOMOD GOMODCACHE go (http block)
• https://api.github.com/repos/githubnext/agentics/git/ref/tags/-
  • Triggering command: /usr/bin/gh gh api /repos/githubnext/agentics/git/ref/tags/- --jq .object.sha -json GO111MODULE 64/bin/go GOINSECURE GOMOD GOMODCACHE sh -c "prettier" --che-f GOPROXY 64/bin/go GOSUMDB GOWORK 64/bin/go go (http block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)