
Add model policy frontmatter + import unioning + env policy overrides #41824

Open: Copilot wants to merge 13 commits into main from copilot/add-frontmatter-models-fields


Copilot AI commented Jun 27, 2026

Contributor

This change introduces model policy controls in workflow frontmatter (models.allowed, models.disallowed) and maps them to AWF’s allowedModels / disallowedModels config. It also makes policy behavior import-safe by unioning model sets across composed workflows, with centralized environment overrides taking precedence.

  • Frontmatter + schema support

    • Extended models frontmatter schema to support policy fields alongside optional pricing providers.
    • Added typed parsing for:
      • models.allowed
      • models.disallowed
  • Import compatibility (union semantics)

    • Extended import extraction/results to carry model policy sets from imported workflows.
    • Added workflow merge logic to union policy sets across imports + main workflow.
    • Added conflict handling so disallowed takes precedence when the same model appears in both allowed and disallowed sets.
  • Cost data cleanliness + parse warnings

    • Tightened import-side model-cost extraction to only accept valid non-empty models.providers objects.
    • Added import warnings for invalid models.allowed / models.disallowed / models.providers shapes and invalid entries, while safely skipping bad values.
  • Centralized policy overrides

    • Added compiler env overrides:
      • GHAW_POLICY_MODELS_ALLOWED
      • GHAW_POLICY_MODELS_DISALLOWED
    • Override values are parsed as model lists and applied with precedence over frontmatter/import-derived policy.
  • AWF config mapping

    • Emitted merged/effective policy into AWF config:
      • apiProxy.allowedModels
      • apiProxy.disallowedModels

```yaml
# workflow frontmatter
models:
  allowed: [gpt-5, claude-sonnet]
  disallowed: [gpt-5-pro]
```

```jsonc
// generated AWF apiProxy fragment
{
  "allowedModels": ["gpt-5", "claude-sonnet"],
  "disallowedModels": ["gpt-5-pro"]
}
```
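
The merge order described in this PR, as an added Go sketch that is not code from the pull request: union across the main workflow and its imports, then env overrides, then disallowed wins. `Policy`, `merge` and `Effective` are hypothetical names; it assumes the override variables hold comma-separated lists that replace the merged list, and that conflicts are resolved after overrides.

```go
package main

import (
	"fmt"
	"strings"
)

// Policy is a hypothetical type for this sketch, not a gh-aw type.
type Policy struct{ Allowed, Disallowed []string }

// merge returns the de-duplicated union of lists, minus any model in drop.
func merge(drop []string, lists ...[]string) []string {
	seen, out := map[string]bool{}, []string{}
	for _, m := range drop {
		seen[strings.TrimSpace(m)] = true
	}
	for _, list := range lists {
		for _, m := range list {
			if m = strings.TrimSpace(m); m != "" && !seen[m] {
				seen[m] = true
				out = append(out, m)
			}
		}
	}
	return out
}

// Effective unions main and imported policy, applies env overrides, then lets
// disallowed win. Assumed: overrides are comma-separated and replace the list.
func Effective(base Policy, imports []Policy, getenv func(string) string) Policy {
	allowed, disallowed := [][]string{base.Allowed}, [][]string{base.Disallowed}
	for _, p := range imports {
		allowed = append(allowed, p.Allowed)
		disallowed = append(disallowed, p.Disallowed)
	}
	if v := getenv("GHAW_POLICY_MODELS_ALLOWED"); v != "" {
		allowed = [][]string{strings.Split(v, ",")}
	}
	if v := getenv("GHAW_POLICY_MODELS_DISALLOWED"); v != "" {
		disallowed = [][]string{strings.Split(v, ",")}
	}
	deny := merge(nil, disallowed...)
	return Policy{Allowed: merge(deny, allowed...), Disallowed: deny}
}

func main() {
	base := Policy{Allowed: []string{"gpt-5", "claude-sonnet"}, Disallowed: []string{"gpt-5-pro"}}
	imported := []Policy{{Allowed: []string{"gpt-5-pro"}}} // constructed import that re-allows a blocked model
	fmt.Printf("%+v\n", Effective(base, imported, func(string) string { return "" }))
}
```

An import that lists a model the main workflow disallows cannot widen the effective allow list under these assumptions.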

@pelikhan pelikhan marked this pull request as ready for review June 27, 2026 01:19
Copilot AI review requested due to automatic review settings June 27, 2026 01:19

Copilot AI left a comment

Contributor


Pull request overview

Adds end-to-end “model policy” support to gh-aw workflows, allowing authors (and centralized operators via env vars) to control which models are permitted/blocked, and ensuring policies compose safely across imported workflows before being emitted into the generated AWF config.

Changes:

  • Extended workflow frontmatter models to support allowed, disallowed, and blocked policy lists (alongside optional pricing providers).
  • Propagated model policy through import extraction and merged policies across imports + main workflow using union semantics.
  • Emitted effective model policy to AWF config (apiProxy.allowedModels / apiProxy.disallowedModels) with env override precedence.
Show a summary per file

| File | Description |
|---|---|
| pkg/workflow/workflow_builder.go | Extracts main workflow model policy and unions it with imported policy sets into WorkflowData. |
| pkg/workflow/workflow_builder_model_policy_test.go | Adds unit tests for policy extraction and union merge behavior. |
| pkg/workflow/model_aliases_test.go | Verifies frontmatter parsing populates parsed model policy lists. |
| pkg/workflow/frontmatter_types.go | Adds parsed frontmatter fields for model policy lists. |
| pkg/workflow/frontmatter_parsing.go | Parses model policy lists from raw frontmatter into typed config. |
| pkg/workflow/compilerenv/manager.go | Adds env-driven policy overrides for allowed/blocked model sets. |
| pkg/workflow/compilerenv/manager_test.go | Tests env override parsing and “unset” behavior. |
| pkg/workflow/compiler_types.go | Plumbs merged model policy into WorkflowData. |
| pkg/workflow/awf_config.go | Maps effective model policy (with env precedence) into AWF apiProxy config. |
| pkg/workflow/awf_config_test.go | Tests AWF config emission and env override precedence. |
| pkg/parser/schemas/main_workflow_schema.json | Updates schema for models to include policy fields and make providers optional. |
| pkg/parser/import_processor.go | Extends ImportsResult to carry extracted model policy sets. |
| pkg/parser/import_field_extractor.go | Extracts model policy from imported workflows and avoids treating policy keys as aliases. |
| pkg/parser/import_field_extractor_test.go | Adds tests ensuring model policy is extracted (and not misinterpreted as aliases) and can coexist with model costs. |

Review details


Comments suppressed due to low confidence (2)

pkg/parser/import_field_extractor.go:639

  • When an imported workflow has models.providers plus model policy keys (allowed/disallowed/blocked), this appends the entire rawModels object into acc.modelCosts. That will later flow into WorkflowData.ModelCosts and into GH_AW_INFO_MODEL_COSTS, leaking policy keys into a payload that is expected to match the models.json pricing structure (providers-only). This can break downstream cost merging/parsing.

```go
	if _, hasProviders := rawModels["providers"]; hasProviders {
		acc.modelCosts = append(acc.modelCosts, rawModels)
		if providers, ok := rawModels["providers"].(map[string]any); ok {
			parserLog.Printf("Extracted model costs from import: providers=%d", len(providers))
		} else {
```

pkg/workflow/workflow_builder.go:166

  • Now that models frontmatter can contain policy keys (allowed/disallowed/blocked) without providers, toolsResult.parsedFrontmatter.ModelCosts may be non-empty even when there is no pricing data (because it unmarshals the whole models object). extractMainModelCostsOverlay currently returns that map as a cost overlay, which can cause policy-only models to be emitted as GH_AW_INFO_MODEL_COSTS and/or pollute the providers overlay with policy keys.

```go
	}

	return workflowData
}
```

  • Files reviewed: 14/14 changed files
  • Comments generated: 0
  • Review effort level: Low
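
One way to keep policy keys out of the cost payload, as flagged in the suppressed comments above, shown as an added Go sketch rather than the PR's code: only a non-empty `providers` object is copied, and invalid `allowed`/`disallowed` shapes or entries are skipped with a warning. `Extracted`, `list` and `ExtractModels` are hypothetical names, and the sample input is constructed.

```go
package main

import "fmt"

// Extracted is a hypothetical result type for this sketch, not a gh-aw type.
type Extracted struct {
	Costs               map[string]any // providers-only pricing payload, nil when absent
	Allowed, Disallowed []string
	Warnings            []string
}

// list reads models.<key> as a list of non-empty strings; a wrong shape or a
// bad entry is skipped and recorded as a warning.
func (e *Extracted) list(raw map[string]any, key string) []string {
	v, present := raw[key]
	items, ok := v.([]any)
	if present && !ok {
		e.Warnings = append(e.Warnings, fmt.Sprintf("models.%s: expected a list, got %T", key, v))
	}
	var out []string
	for i, item := range items { // items is nil when the shape was wrong
		if s, ok := item.(string); ok && s != "" {
			out = append(out, s)
			continue
		}
		e.Warnings = append(e.Warnings, fmt.Sprintf("models.%s[%d]: invalid entry skipped", key, i))
	}
	return out
}

// ExtractModels splits an imported models object into pricing data and policy.
func ExtractModels(raw map[string]any) Extracted {
	var e Extracted
	e.Allowed, e.Disallowed = e.list(raw, "allowed"), e.list(raw, "disallowed")
	if v, present := raw["providers"]; present {
		if p, ok := v.(map[string]any); ok && len(p) > 0 {
			e.Costs = map[string]any{"providers": p} // policy keys are not copied
		} else {
			e.Warnings = append(e.Warnings, "models.providers: expected a non-empty object")
		}
	}
	return e
}

func main() {
	// Constructed input: one bad list entry and an empty providers object.
	raw := map[string]any{"allowed": []any{"gpt-5", 7}, "providers": map[string]any{}}
	fmt.Printf("%+v\n", ExtractModels(raw))
}
```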

@github-actions

Contributor

🤖 PR Triage

Category feature
Risk 🔴 High
Priority High (score 50/100)
Action defer · Batch: active-drafts

Score breakdown: Impact 35 · Urgency 5 · Quality 10

New model policy frontmatter controls (models.allowed/disallowed/blocked) with import-safe union semantics (+483/-11, 14 files). Just created (<1 h), draft, no CI yet. Well-described and scoped. Deferred pending CI and agent completion. Part of pr-batch:active-drafts group (#41824, #41822, #41821).

Generated by 🔧 PR Triage Agent · 87.6 AIC · ⌖ 14.9 AIC · ⊞ 5.4K ·

@github-actions

Contributor

Hey @Copilot 👋 — great work on the model policy frontmatter feature! The addition of models.allowed, models.disallowed, and models.blocked to workflow frontmatter — along with import-safe union semantics and centralized env overrides — is a well-scoped, coherent change.

The PR is well-structured:

  • ✅ Clear, detailed description with YAML/JSON examples showing the before/after config shape.
  • ✅ Tests across all touched layers: import_field_extractor_test.go, awf_config_test.go, compilerenv/manager_test.go, model_aliases_test.go, and the newly added workflow_builder_model_policy_test.go.
  • ✅ No unrelated changes — every file touched is in service of the model policy feature.
  • ✅ No new external dependencies introduced.

This looks ready for review. 🚀

Generated by ✅ Contribution Check · 307.9 AIC · ⌖ 20.6 AIC · ⊞ 6K ·

@pelikhan

Collaborator

@copilot merge main and recompile

Co-authored-by: pelikhan <[email protected]>
Copilot AI requested a review from pelikhan June 27, 2026 02:33
@pelikhan

Collaborator

/review

@github-actions

github-actions Bot commented Jun 27, 2026

Contributor

PR Code Quality Reviewer completed the code quality review.

…er-models-fields

# Conflicts:
#	.github/workflows/smoke-claude.lock.yml

Co-authored-by: gh-aw-bot <[email protected]>
@github-actions

Contributor

🤖 PR Triage (updated)

| Attribute | Value |
|---|---|
| Category | feature |
| Risk | 🔴 High |
| Priority | 🔴 High |
| Score | 69/100 |
| Action | fast_track |
| Batch | feature-promo (#41824 + #41777) |

Score breakdown: Impact 40 + Urgency 15 + Quality 14 = 69

Assessment: Significant feature introducing model policy frontmatter controls (models.allowed/disallowed/blocked) with import-union semantics and env-based overrides (+536/-18, 14 files). Bot-approved (Test Quality Sentinel 82/100); prior CHANGES_REQUESTED dismissed. No CI checks present. Age: ~18h. ⚠️ Stale labels pr-action:defer and pr-batch:active-drafts remain (auto-removal not supported — manually remove).

Run §28298156610

Generated by 🔧 PR Triage Agent · 74.3 AIC · ⌖ 8.1 AIC · ⊞ 5.4K ·

@pelikhan

Collaborator

@copilot Review the AWF specification to see if it supports wildcards.

@gh-aw-bot

Collaborator

@copilot please run the pr-finisher skill, address any remaining review feedback, sync this branch with main, and rerun checks after the update.

Generated by 👨‍🍳 PR Sous Chef · 61.3 AIC · ⌖ 1.01 AIC · ⊞ 17.1K ·

@gh-aw-bot

Collaborator

@copilot please run the pr-finisher skill, address the remaining model-policy review feedback, refresh the branch from main, and rerun checks once the branch is current.

Generated by 👨‍🍳 PR Sous Chef · 48.3 AIC · ⌖ 1.02 AIC · ⊞ 17.1K ·

@github-actions

Contributor

🤖 PR Triage — Run §28307424127

| Field | Value |
|---|---|
| Category | feature |
| Risk | 🔴 High |
| Score | 67/100 |
| Score breakdown | Impact 35 + Urgency 18 + Quality 14 |
| Action | ✅ fast_track |
| Batch | feature-promo (previously with #41777, now merged) |

Update from prior run (~26h old): #41777 (LSP frontmatter, the other feature-promo member) has been merged. Bot APPROVED was dismissed. ⚠️ Conflicting labels present: pr-action:defer + pr-action:fast_track and pr-batch:active-drafts (stale). Recommended to remove pr-action:defer and pr-batch:active-drafts. High-value model policy feature (allowed/disallowed/blocked model sets, import unioning, env overrides). Ready for expedited human review.

Generated by 🔧 PR Triage Agent · 64.9 AIC · ⌖ 9.76 AIC · ⊞ 5.4K ·

@gh-aw-bot

Collaborator

@copilot please run the pr-finisher skill, address the remaining review feedback, refresh this branch from main, and rerun checks once it is current.

Generated by 👨‍🍳 PR Sous Chef · 98.1 AIC · ⌖ 0.996 AIC · ⊞ 17.2K ·

@github-actions

Contributor

PR Triage — Run §28315307719

Category feature
Risk high
Priority high
Score 67/100 — impact 35 · urgency 18 · quality 14
Action fast_track

Adds model policy frontmatter, import unioning, and env policy overrides (+514/-20, 16 files). Addressing-comment run completed at 01:57 UTC. Batch partner #41777 merged. 30h old — label cleanup needed (pr-action:defer and pr-batch:active-drafts are stale; please remove). Ready for expedited human review.

Generated by 🔧 PR Triage Agent · 82.5 AIC · ⌖ 10.6 AIC · ⊞ 5.4K ·

@gh-aw-bot

Collaborator

@copilot please run the pr-finisher skill, address the remaining review feedback, refresh this branch from main, and rerun checks once the branch is up to date.

Unresolved reviews:

Please fix the blocking policy-conflict, cost-data-cleanliness, and parse-warning issues called out in that review before requesting merge again.

Generated by 👨‍🍳 PR Sous Chef · 89.7 AIC · ⌖ 0.982 AIC · ⊞ 17.3K ·

Co-authored-by: gh-aw-bot <[email protected]>