Merge origin/main into copilot/fix-difc-proxy-404-error

Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com>

Author: Copilot

docs/CONFIGURATION.md

@@ -160,9 +160,10 @@ Run `./awmg --help` for full CLI options. Key flags:
     }
     ```
 
-- **`tools`** (optional): List of tool names intended to be exposed from this server
-  - **Note**: This field is stored but not currently enforced at runtime; all tools from the backend are always exposed regardless of this value
-  - Example: `["get_file_contents", "search_code"]`
+- **`tools`** (optional): List of tool names to allow for this server
+  - Enforced at runtime: tools not in this list are hidden from `tools/list` responses and rejected when invoked via `tools/call` (for example, as an MCP/tool error)
+  - Use `["*"]` (wildcard) to allow all tools (default behavior when field is omitted)
+  - Example: `["get_file_contents", "search_code"]` (only these tools are accessible)
 
 - **`registry`** (optional): Informational URI to the server's entry in an MCP registry
   - Used for documentation and discoverability purposes only; not used at runtime

guards/github-guard/rust-guard/src/labels/mod.rs

@@ -4797,6 +4797,37 @@ mod tests {
         }
     }
 
+    #[test]
+    fn test_apply_tool_labels_granular_pr_update_tools_writer_integrity() {
+        let ctx = default_ctx();
+        let repo_id = "github/copilot";
+        let tool_args = json!({
+            "owner": "github",
+            "repo": "copilot",
+            "pullNumber": 42
+        });
+
+        for tool in &[
+            "update_pull_request_body",
+            "update_pull_request_draft_state",
+            "update_pull_request_state",
+            "update_pull_request_title",
+        ] {
+            let (secrecy, integrity, _desc) = apply_tool_labels(
+                tool,
+                &tool_args,
+                repo_id,
+                vec![],
+                vec![],
+                String::new(),
+                &ctx,
+            );
+
+            assert_eq!(secrecy, vec![] as Vec<String>, "{} secrecy mismatch", tool);
+            assert_eq!(integrity, writer_integrity(repo_id, &ctx), "{} should have writer integrity", tool);
+        }
+    }
+
     #[test]
     fn test_apply_tool_labels_granular_pr_review_tools_writer_integrity() {
         let ctx = default_ctx();
@@ -4826,8 +4857,8 @@ mod tests {
                 &ctx,
             );
 
-            assert_eq!(secrecy, vec![] as Vec<String>, "{tool} secrecy mismatch");
-            assert_eq!(integrity, writer_integrity(repo_id, &ctx), "{tool} should have writer integrity");
+            assert_eq!(secrecy, vec![] as Vec<String>, "{} secrecy mismatch", tool);
+            assert_eq!(integrity, writer_integrity(repo_id, &ctx), "{} should have writer integrity", tool);
         }
     }
 

guards/github-guard/rust-guard/src/labels/tool_rules.rs

@@ -533,49 +533,30 @@ pub fn apply_tool_labels(
             integrity = writer_integrity(repo_id, ctx);
         }
 
-        // === Granular issue update tools (repo-scoped writes) ===
+        // === Granular repo-scoped write operations ===
+        // Covers granular issue PATCH tools, sub-issue management, granular PR PATCH tools,
+        // and PR review tools. All follow: S = S(repo), I = writer.
         "update_issue_assignees"
         | "update_issue_body"
         | "update_issue_labels"
         | "update_issue_milestone"
         | "update_issue_state"
         | "update_issue_title"
-        | "update_issue_type" => {
-            // Granular PATCH tools that modify individual issue fields.
-            // S = S(repo); I = writer
-            secrecy = apply_repo_visibility_secrecy(&owner, &repo, repo_id, secrecy, ctx);
-            integrity = writer_integrity(repo_id, ctx);
-        }
-
-        // === Sub-issue management tools (repo-scoped writes) ===
-        "add_sub_issue" | "remove_sub_issue" | "reprioritize_sub_issue" => {
-            // Sub-issue link creation, removal, and reordering.
-            // S = S(repo); I = writer
-            secrecy = apply_repo_visibility_secrecy(&owner, &repo, repo_id, secrecy, ctx);
-            integrity = writer_integrity(repo_id, ctx);
-        }
-
-        // === Granular PR update tools (repo-scoped read-write) ===
-        "update_pull_request_body"
+        | "update_issue_type"
+        | "add_sub_issue"
+        | "remove_sub_issue"
+        | "reprioritize_sub_issue"
+        | "update_pull_request_body"
         | "update_pull_request_draft_state"
         | "update_pull_request_state"
-        | "update_pull_request_title" => {
-            // Granular PATCH tools that modify individual PR fields.
-            // S = S(repo); I = writer
-            secrecy = apply_repo_visibility_secrecy(&owner, &repo, repo_id, secrecy, ctx);
-            integrity = writer_integrity(repo_id, ctx);
-        }
-
-        // === PR review tools (repo-scoped writes) ===
-        "add_pull_request_review_comment"
+        | "update_pull_request_title"
+        | "add_pull_request_review_comment"
         | "create_pull_request_review"
         | "delete_pending_pull_request_review"
         | "request_pull_request_reviewers"
         | "resolve_review_thread"
         | "submit_pending_pull_request_review"
         | "unresolve_review_thread" => {
-            // PR review creation, commenting, submission, and thread resolution.
-            // S = S(repo); I = writer
             secrecy = apply_repo_visibility_secrecy(&owner, &repo, repo_id, secrecy, ctx);
             integrity = writer_integrity(repo_id, ctx);
         }
@@ -746,16 +727,17 @@ fn check_file_secrecy(
     ctx: &PolicyContext,
 ) -> Vec<String> {
     let path_lower = path.to_lowercase();
+    let segments: Vec<&str> = path_lower.split('/').collect();
 
     // Check for sensitive file extensions/names
     for pattern in SENSITIVE_FILE_PATTERNS {
-        if path_lower.ends_with(pattern) || path_lower.split('/').any(|seg| seg.starts_with(*pattern)) {
+        if path_lower.ends_with(pattern) || segments.iter().any(|seg| seg.starts_with(*pattern)) {
             return policy_private_scope_label(owner, repo, repo_id, ctx);
         }
     }
 
     // Get filename
-    let filename = path_lower.rsplit('/').next().unwrap_or(&path_lower);
+    let filename = segments.last().copied().unwrap_or(path_lower.as_str());
 
     // Check for sensitive keywords in filename
     for keyword in SENSITIVE_FILE_KEYWORDS {

internal/cmd/proxy.go

@@ -189,7 +189,7 @@ func runProxy(cmd *cobra.Command, args []string) error {
 	// Resolve GitHub API URL: flag → env vars → default
 	apiURL := proxyAPIURL
 	if apiURL == "" {
-		apiURL = proxy.DeriveGitHubAPIURL()
+		apiURL = envutil.DeriveGitHubAPIURL("")
 	}
 	if apiURL == "" {
 		apiURL = proxy.DefaultGitHubAPIBase

internal/config/expand.go

@@ -0,0 +1,133 @@
+package config
+
+import (
+	"fmt"
+	"os"
+	"regexp"
+
+	"github.com/github/gh-aw-mcpg/internal/config/rules"
+)
+
+// Variable expression pattern: ${VARIABLE_NAME}
+var varExprPattern = regexp.MustCompile(`\$\{([A-Za-z_][A-Za-z0-9_]*)\}`)
+
+// expandVariablesCore is the shared implementation for variable expansion.
+// It works with byte slices and handles the core expansion logic, tracking undefined variables.
+// This eliminates code duplication between expandVariables and ExpandRawJSONVariables.
+// It returns the expanded bytes, a slice of undefined variable names, and an error
+// (currently always nil).
+func expandVariablesCore(data []byte, contextDesc string) ([]byte, []string, error) {
+	logValidation.Printf("Expanding variables: context=%s", contextDesc)
+	var undefinedVars []string
+
+	result := varExprPattern.ReplaceAllFunc(data, func(match []byte) []byte {
+		// Extract variable name (remove ${ and })
+		varName := string(match[2 : len(match)-1])
+
+		if envValue, exists := os.LookupEnv(varName); exists {
+			logValidation.Printf("Expanded variable: %s (found in environment)", varName)
+			return []byte(envValue)
+		}
+
+		// Track undefined variable
+		undefinedVars = append(undefinedVars, varName)
+		logValidation.Printf("Undefined variable: %s", varName)
+		return match // Keep original if undefined
+	})
+
+	logValidation.Printf("Variable expansion completed: context=%s, undefined_count=%d", contextDesc, len(undefinedVars))
+	return result, undefinedVars, nil
+}
+
+// expandVariables expands variable expressions in a string.
+// value is the source string and jsonPath identifies the config location for errors.
+// It returns the expanded string and an error if any variable is undefined.
+func expandVariables(value, jsonPath string) (string, error) {
+	result, undefinedVars, _ := expandVariablesCore([]byte(value), fmt.Sprintf("jsonPath=%s", jsonPath))
+
+	if len(undefinedVars) > 0 {
+		logValidation.Printf("Variable expansion failed: undefined variables=%v", undefinedVars)
+		return "", rules.UndefinedVariable(undefinedVars[0], jsonPath)
+	}
+
+	return string(result), nil
+}
+
+// ExpandRawJSONVariables expands all ${VAR} expressions in JSON data before schema validation.
+// This ensures the schema validates the expanded values, not the variable syntax.
+// It collects undefined variables and reports the first undefined variable as an error.
+func ExpandRawJSONVariables(data []byte) ([]byte, error) {
+	result, undefinedVars, _ := expandVariablesCore(data, "raw JSON data")
+
+	if len(undefinedVars) > 0 {
+		logValidation.Printf("Variable expansion failed: undefined variables=%v", undefinedVars)
+		return nil, rules.UndefinedVariable(undefinedVars[0], "configuration")
+	}
+
+	return result, nil
+}
+
+// expandEnvVariables expands all variable expressions in an env map.
+// env is the map to expand and serverName is used for config-path error context.
+// It returns a new map with expanded values or an error if any variable is undefined.
+func expandEnvVariables(env map[string]string, serverName string) (map[string]string, error) {
+	logValidation.Printf("Expanding env variables for server: %s, count=%d", serverName, len(env))
+	result := make(map[string]string, len(env))
+
+	for key, value := range env {
+		jsonPath := fmt.Sprintf("mcpServers.%s.env.%s", serverName, key)
+
+		expanded, err := expandVariables(value, jsonPath)
+		if err != nil {
+			return nil, err
+		}
+
+		result[key] = expanded
+	}
+
+	logValidation.Printf("Env variable expansion completed for server: %s", serverName)
+	return result, nil
+}
+
+// expandTracingVariables expands ${VAR} expressions in TracingConfig fields.
+// This is called for TOML-loaded configs before validation, mirroring the
+// stdin JSON path where ExpandRawJSONVariables handles expansion.
+func expandTracingVariables(cfg *TracingConfig) error {
+	if cfg == nil {
+		return nil
+	}
+
+	if cfg.Endpoint != "" {
+		expanded, err := expandVariables(cfg.Endpoint, "gateway.opentelemetry.endpoint")
+		if err != nil {
+			return err
+		}
+		cfg.Endpoint = expanded
+	}
+
+	if cfg.TraceID != "" {
+		expanded, err := expandVariables(cfg.TraceID, "gateway.opentelemetry.traceId")
+		if err != nil {
+			return err
+		}
+		cfg.TraceID = expanded
+	}
+
+	if cfg.SpanID != "" {
+		expanded, err := expandVariables(cfg.SpanID, "gateway.opentelemetry.spanId")
+		if err != nil {
+			return err
+		}
+		cfg.SpanID = expanded
+	}
+
+	if cfg.Headers != "" {
+		expanded, err := expandVariables(cfg.Headers, "gateway.opentelemetry.headers")
+		if err != nil {
+			return err
+		}
+		cfg.Headers = expanded
+	}
+
+	return nil
+}