[aw-failures] Smoke Call Workflow 100% startup_failure — caller grants read-only but workflow_call worker needs issues/PR write #41355

@github-actions

Fix the workflow_call permission grant in the call-workflow compiler — the caller hands the reusable worker a read-only scope it cannot run under, so every run dies at startup.

Severity: P1 — chronic, 100% red since at least 2026-06-23, untracked by any open agentic-workflows issue.

Problem statement

Smoke Call Workflow (.github/workflows/smoke-call-workflow.lock.yml) has concluded startup_failure on every run for at least the last ~3 days. No jobs execute; the run is rejected by GitHub at validation time before any step runs (no logs, no annotations retrievable).

Affected workflows & runs

Run                                       Created (UTC)      Conclusion
§28140379652 (representative)             2026-06-25T01:18   startup_failure
§28136015184 (comparator)                 2026-06-24T23:22   startup_failure
§28119469774                              2026-06-24T18:07   startup_failure
28070797235 / 28068825952 / 28059834083   2026-06-23/24      startup_failure

No successful run exists to diff against — the workflow is uniformly red, so the comparator is the nearest prior failed run.

  • Caller: .github/workflows/smoke-call-workflow.lock.yml (job call-smoke-workflow-call)
  • Worker: .github/workflows/smoke-workflow-call.lock.yml (reusable, on: workflow_call)

Probable root cause — reusable-workflow permission escalation

GitHub rejects a workflow_call invocation at startup when a job in the called workflow requests a permission greater than the caller grants to the calling job.

  • Caller grants the reusable job only (smoke-call-workflow.lock.yml):
    permissions:
      contents: read
      pull-requests: read
  • Worker jobs request more (smoke-workflow-call.lock.yml, lines ~1143-1146 and ~1667-1670):
    permissions:
      issues: write
      pull-requests: write

issues: write is not granted at all, and pull-requests is escalated from read to write, so the run never starts. Inputs and secrets were ruled out: the caller's with: inputs (aw_context, payload, task-description) and its 7 secrets: entries match the worker's workflow_call declarations exactly.

Proposed remediation

In the call-workflow safe-output compiler, set the caller job's permissions: for a uses: ./.github/workflows/<worker>.lock.yml invocation to the union of the worker's job-level permissions (here issues: write, pull-requests: write, contents: read), instead of a fixed contents: read, pull-requests: read. Re-running gh aw compile must regenerate the caller lock so the granted scope covers the worker's safe-output jobs.

Success criteria / verification

  1. Smoke Call Workflow next scheduled/dispatch run concludes success (not startup_failure).
  2. The call-smoke-workflow-call reusable job actually executes and the worker posts its validation comment.
  3. A compiler/unit guard asserts caller permission grant ⊇ worker job permission union for workflow_call fan-out, preventing regression.
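The startup check described above and the guard asked for in criterion 3, as an added example that is not part of the issue or the gh-aw compiler: it computes the union of a worker's job-level permissions, reports every scope the caller job under-grants, and shows the proposed widening. The two workflow dicts are hand-constructed stand-ins for the lock files (job names made up, permission blocks taken from the issue text).

```python
# Permission levels GitHub accepts for a GITHUB_TOKEN scope, lowest first.
LEVELS = {"none": 0, "read": 1, "write": 2}

def permission_union(worker):
    """Highest level each scope is requested at across the worker's jobs.
    A job without its own block is assumed to inherit the workflow-level one;
    the read-all/write-all shorthands are not handled."""
    top = worker.get("permissions") or {}
    union = {}
    for job in worker.get("jobs", {}).values():
        for scope, level in (job.get("permissions") or top).items():
            if LEVELS[level] > LEVELS[union.get(scope, "none")]:
                union[scope] = level
    return union

def grant_gaps(caller_perms, worker):
    """Scopes the caller job grants below what the worker requires, as
    {scope: (granted, required)}; empty means the startup check passes."""
    gaps = {}
    for scope, required in permission_union(worker).items():
        granted = caller_perms.get(scope, "none")
        if LEVELS[granted] < LEVELS[required]:
            gaps[scope] = (granted, required)
    return gaps

def widen_grant(caller_perms, worker):
    """The proposed fix: raise each scope to the worker's union, keep the rest."""
    fixed = dict(caller_perms)
    for scope, required in permission_union(worker).items():
        if LEVELS[fixed.get(scope, "none")] < LEVELS[required]:
            fixed[scope] = required
    return fixed

# Constructed stand-ins for the two lock files (the shape yaml.safe_load returns);
# job names are made up, the permission blocks follow the issue text.
CALLER_JOB_PERMS = {"contents": "read", "pull-requests": "read"}
WORKER = {
    "on": {"workflow_call": {}},
    "jobs": {
        "agent": {"permissions": {"contents": "read"}},
        "safe-output-a": {"permissions": {"issues": "write", "pull-requests": "write"}},
        "safe-output-b": {"permissions": {"issues": "write", "pull-requests": "write"}},
    },
}

if __name__ == "__main__":
    for scope, (got, need) in sorted(grant_gaps(CALLER_JOB_PERMS, WORKER).items()):
        print(f"{scope}: caller grants {got}, worker needs {need}")
    print("after fix:", grant_gaps(widen_grant(CALLER_JOB_PERMS, WORKER), WORKER))
```

Wired into the compiler's tests, `grant_gaps(caller_job["permissions"], worker)` must return an empty dict for every `uses:` fan-out, which is exactly the ⊇ condition in criterion 3.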

Related

References: §28140379652 · §28136015184 · §28119469774
Related to #41293

Generated by 🔍 [aw] Failure Investigator (6h) · 152.4 AIC · ⌖ 38.7 AIC · ⊞ 5.3K ·

  • expires on Jul 1, 2026, 5:38 PM UTC-08:00
