Update launcher comment to clarify defensive fallback nature of OIDC check

Copilot · lpcox · web-flow · commit e276b072557e · 2026-04-08T02:54:01.000Z
Agent-Logs-Url: https://github.com/github/gh-aw-mcpg/sessions/b2ecfab2-61b7-47ed-b0ab-6a60c21cffd0 Co-authored-by: lpcox <15877973+lpcox@users.noreply.github.com>
diff --git a/internal/launcher/launcher.go b/internal/launcher/launcher.go
@@ -72,9 +72,10 @@ func New(ctx context.Context, cfg *config.Config) *Launcher {
 		logger.LogInfo("startup", "GitHub Actions OIDC provider initialized")
 	}
 
-	// Pre-populate serverErrors for OIDC-misconfigured servers so /health
-	// reports them as "error" immediately at startup, not only after the
-	// first failed request.
+	// Defensive fallback: pre-populate serverErrors for OIDC-misconfigured servers
+	// so /health reports them as "error" immediately at startup. Normal config
+	// validation (validateAuthConfig) catches this earlier; this handles cases
+	// where validation was bypassed (e.g., tests constructing configs manually).
 	serverErrors := make(map[string]string)
 	for serverID, serverCfg := range cfg.Servers {
 		if serverCfg.Auth != nil && serverCfg.Auth.Type == "github-oidc" && oidcProvider == nil {
