[plan] Fix tool wildcard filtering in MCP gateway (`tools: ["*"]` keeps 0 tools)

[github-actions]

Objective

Fix the MCP gateway so that tools: ["*"] is treated as a wildcard (allow all tools) rather than a literal tool name match, which currently results in 0 tools being retained.

Context

Reported in issue #25494. When gh-aw v0.67.3 compiles a workflow with a tool configuration that results in tools: ["*"] being passed to the MCP gateway v0.2.16, the gateway incorrectly filters all tools out:

[allowed-tools] Filtered 6 tools from elastic-docs: keeping 0 of 6

The v0.2.16 release notes state that ["*"] should allow all tools, but the wildcard appears to be treated as a literal string "*" rather than a glob/wildcard pattern.

This is likely one of the root causes of the silent Copilot CLI exit code 1 regression introduced in v0.67.3.

Investigation Steps

1. Locate the MCP gateway allowed-tools filtering logic (search for allowed-tools or Filtered N tools in the gateway source or action scripts under actions/)
2. Find where the tools list from frontmatter is passed to the gateway binary/container
3. Identify how the ["*"] value is serialized and passed (check pkg/workflow/ and actions/setup/)
4. Determine whether:
   • The gateway itself has a bug in wildcard handling (need to report upstream or pin to a fixed version)
   • OR the compiled lock file is passing ["*"] as a literal string where the gateway expects a different sentinel value (e.g., omitting the field, passing null, or passing an empty list)

Likely Fix Areas

• pkg/workflow/ — compiler logic that emits tool lists into the lock file
• actions/setup/js/*.cjs or actions/setup/sh/*.sh — scripts that pass tool config to the gateway
• Gateway version pinning — may need to pin to a version before v0.2.16 or wait for a gateway fix

Acceptance Criteria

• Root cause of ["*"] wildcard being treated as literal is identified
• Fix is implemented (either in the compiler output, the setup scripts, or by pinning a working gateway version)
• A workflow with tools: bash: true (or any tool) compiled with the fix correctly allows all configured tools through the gateway
• No regression: tool allowlisting (e.g., restricting to specific tools) still works correctly
• Unit or integration test added to prevent regression

References

• Parent issue: Copilot CLI exits with code 1 silently when compiled with v0.67.3 (pre-release) #25494
• Observed log line: [allowed-tools] Filtered 6 tools from elastic-docs: keeping 0 of 6
• MCP gateway version: v0.2.16
• Regression introduced between gh-aw v0.67.1 (working) and v0.67.3 (broken)
  Related to Copilot CLI exits with code 1 silently when compiled with v0.67.3 (pre-release) #25494

Generated by Plan Command for issue #25494 · ● 171.2K · ◷

• expires on Apr 11, 2026, 2:47 PM UTC

[lpcox]

Tracking issue created in gh-aw-mcpg: https://github.com/github/gh-aw-mcpg/issues/github/gh-aw-mcpg#3475

Root cause identified: buildAllowedToolSets() in internal/server/unified.go stored "*" as a literal map key — no tool matched it, so all 6 tools were filtered to 0.

Fix status: PR #3445 ("Support wildcard ["*"] in allowed-tools filtering") was merged to main on 2026-04-09 after v0.2.17 was released. The fix will ship in the next gateway release (v0.2.18+). Once released, gh-aw should update its gateway pin to pick it up.

Generated by Gateway Issue Dispatcher · ● 2M · ◷