feat: add build-test-dotnet workflow

[Mossaka]

Summary

• Add build-test-dotnet.md agentic workflow that clones and builds .NET test projects through the AWF firewall
• Validates NuGet package restore and dotnet build work correctly with proxy configuration
• Test repo: Mossaka/gh-aw-firewall-test-dotnet with two projects:
  • hello-world: minimal console app (no external deps)
  • json-parse: console app with Newtonsoft.Json NuGet dependency
• Add build-test-dotnet.lock.yml to postprocess script

Test plan

• CI build/lint/test checks pass
• Build Test .NET workflow triggers on PR
• Agent successfully clones test repo, restores NuGet packages, and builds both projects

🤖 Generated with Claude Code

[github-actions]

💫 TO BE CONTINUED... Smoke Claude failed! Our hero faces unexpected challenges...

[github-actions]

📰 DEVELOPING STORY: Smoke Copilot reports failed. Our correspondents are investigating the incident...

[github-actions]

✅ Coverage Check Passed

Overall Coverage

Metric	Base	PR	Delta
Lines	82.02%	82.02%	➡️ +0.00%
Statements	82.06%	82.06%	➡️ +0.00%
Functions	81.95%	81.95%	➡️ +0.00%
Branches	75.51%	75.51%	➡️ +0.00%

---

Coverage comparison generated by scripts/ci/compare-coverage.ts

[github-actions]

🌑 The shadows whisper... Smoke Codex failed. The oracle requires further meditation...

[Copilot]

Pull request overview

Adds a new agentic “Build Test .NET” workflow to validate that cloning, NuGet restore, and building .NET projects work through the AWF firewall, and wires its generated lockfile into the smoke-workflow postprocessing script.

Changes:

• Add .github/workflows/build-test-dotnet.md defining the agentic .NET build/test procedure and expected PR comment output.
• Add compiled workflow .github/workflows/build-test-dotnet.lock.yml.
• Register the new lockfile in scripts/ci/postprocess-smoke-workflows.ts so it receives the standard postprocessing (local awf build, etc.).

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.

File	Description
scripts/ci/postprocess-smoke-workflows.ts	Includes the new .NET lock workflow in the postprocessing list.
.github/workflows/build-test-dotnet.md	Defines the agent prompt/spec for cloning and running restore/build/run on .NET test projects.
.github/workflows/build-test-dotnet.lock.yml	Generated compiled workflow implementing the agentic run + safe outputs plumbing.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

dotnet build implicitly performs a restore and dotnet run implicitly builds again. Since this workflow already runs dotnet restore explicitly (and wants to report restore/build/run separately), consider using dotnet build --no-restore and dotnet run --no-build (and/or --no-restore) to avoid duplicate restores/builds and to make the per-step status reporting unambiguous.

Suggested change

	- `hello-world`: `cd /tmp/test-dotnet/hello-world && dotnet restore && dotnet build && dotnet run`
	- `json-parse`: `cd /tmp/test-dotnet/json-parse && dotnet restore && dotnet build && dotnet run`
	- `hello-world`: `cd /tmp/test-dotnet/hello-world && dotnet restore && dotnet build --no-restore && dotnet run --no-build --no-restore`
	- `json-parse`: `cd /tmp/test-dotnet/json-parse && dotnet restore && dotnet build --no-restore && dotnet run --no-build --no-restore`

[github-actions]

🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨

[github-actions]

📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤

[github-actions]

✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟

[github-actions]

Deno Build Test Results

Project	Tests	Status
oak	1/1	✅ PASS
std	1/1	✅ PASS

Overall: ✅ PASS

All Deno tests passed successfully.

AI generated by Build Test Deno

[github-actions]

Node.js Build Test Results

Project	Install	Tests	Status
clsx	✅	PASS	PASS
execa	✅	PASS	PASS
p-limit	✅	PASS	PASS

Overall: PASS ✅

All Node.js projects built and tested successfully.

AI generated by Build Test Node.js

[github-actions]

Smoke Test Results - Claude Engine

Last 2 merged PRs:

• feat: add skip-unset mode to one-shot token library with value preview (enabled by default)
• fix: add missing secure_getenv initialization in one-shot-token library

✅ GitHub MCP: Retrieved PRs successfully
✅ Playwright: Verified GitHub homepage title
✅ File Writing: Created test file
✅ Bash: Verified file contents

Status: PASS

AI generated by Smoke Claude

[github-actions]

Build Test: Bun ✅

Project	Install	Tests	Status
elysia	✅	1/1	PASS
hono	✅	1/1	PASS

Overall: PASS

All Bun projects built and tested successfully.

AI generated by Build Test Bun

[github-actions]

.NET Build Test Results

Project	Restore	Build	Run	Status
hello-world	✅	✅	✅	PASS
json-parse	✅	✅	✅	PASS

Overall: PASS ✅

All .NET projects successfully restored, built, and ran with expected output.

AI generated by Build Test .NET

[github-actions]

Rust Build Test Results

Project	Build	Tests	Status
fd	✅	1/1	PASS
zoxide	✅	1/1	PASS

Overall: PASS ✅

All Rust projects built and tested successfully.

AI generated by Build Test Rust

[github-actions]

C++ Build Test Results

Project	CMake	Build	Status
fmt	✅	✅	PASS
json	✅	✅	PASS

Overall: PASS

All C++ projects built successfully.

AI generated by Build Test C++

[github-actions]

Build Test: Java - Results

Test Summary

Project	Compile	Tests	Status
gson	❌	N/A	FAIL
caffeine	❌	N/A	FAIL

Overall: FAIL

Error Details

Both projects failed during the Maven compilation phase with the same error:

Error: Unsupported or unrecognized SSL message

Root Cause: Maven unable to download dependencies from Maven Central Repository (https://repo.maven.apache.org/maven2)

Full Error Message:

Plugin org.apache.maven.plugins:maven-resources-plugin:3.3.1 or one of its dependencies could not be resolved:
The following artifacts could not be resolved: org.apache.maven.plugins:maven-resources-plugin:pom:3.3.1 (absent): 
Could not transfer artifact org.apache.maven.plugins:maven-resources-plugin:pom:3.3.1 from/to central (https://repo.maven.apache.org/maven2): 
Unsupported or unrecognized SSL message

Analysis

This appears to be a network connectivity/firewall issue preventing Maven from accessing Maven Central. The SSL handshake is failing, suggesting either:

1. Network restrictions blocking HTTPS traffic to Maven Central
2. SSL/TLS configuration issues in the test environment
3. Missing CA certificates

Recommendation

Verify that the GitHub Actions runner environment has:

• Outbound HTTPS access to repo.maven.apache.org
• Proper CA certificate configuration
• No firewall rules blocking Maven Central access

---

Test Repository: Mossaka/gh-aw-firewall-test-java
Workflow Run: #21878734415

AI generated by Build Test Java

[github-actions]

Go Build Test Results

Project	Download	Tests	Status
color	✅	1/1	PASS
env	✅	1/1	PASS
uuid	✅	1/1	PASS

Overall: PASS ✅

All Go projects successfully downloaded dependencies and passed tests.

AI generated by Build Test Go

[github-actions]

feat: add skip-unset mode to one-shot token library with value preview (enabled by default) | feat: add one-shot token LD_PRELOAD library for single-use token access
Tests: 1✅ 2✅ 3✅ 4❌ 5✅ 6✅ 7✅ 8✅
Overall: FAIL

AI generated by Smoke Codex

[github-actions]

Smoke Test Results

Last 2 Merged PRs:

• feat: add skip-unset mode to one-shot token library with value preview (enabled by default) #640: feat: add skip-unset mode to one-shot token library with value preview (enabled by default)
• feat: add one-shot token LD_PRELOAD library for single-use token access #604: feat: add one-shot token LD_PRELOAD library for single-use token access

Test Results:

• ✅ GitHub MCP: Retrieved PR data successfully
• ✅ Playwright: Page title contains "GitHub"
• ✅ File Write: Created test file
• ✅ Bash: Verified file content

Overall: PASS

cc @Mossaka

AI generated by Smoke Copilot