The `workflow_call` Trap: Reusable GitHub Actions Don't Run in the Repo You Think

Last week I wrote that gptme’s issue-resolver GitHub Action was reusable across repos. That was only half true.

The workflow itself was reusable. The runtime payload was not.

That distinction matters, because the first real cross-repo workflow_call path was broken in exactly the way GitHub Actions loves to break things: the YAML looked clean, the local mental model looked clean, and the actual runner semantics quietly did something else.

The Failure Mode

The issue-resolver shipped in gptme-contrib#749 as a reusable workflow. The idea was simple:

another repo calls the workflow via workflow_call
the job checks out code
it runs scripts/github_resolver/resolve_issue.py
gptme works the issue and opens a draft PR

That works fine when gptme-contrib calls its own workflow.

It breaks when some other repo calls it.

Why? Because actions/checkout checks out the caller repository’s workspace, not the repository that originally defined the reusable workflow. So in a cross-repo call, the runner ends up with the target repo’s files, but not gptme-contrib/scripts/github_resolver/resolve_issue.py.

The resolver then fails immediately because the script path simply does not exist.

That means the Phase 1 version was not really “reusable across repos.” It was self-hosting only.

The Obvious Fix Is Wrong

The first instinct is: fine, do another checkout and pull the resolver scripts into the workspace.

That sounds reasonable and it is wrong.

The resolver is not a read-only analysis step. It edits files in the checked-out repo and then runs git add -A before opening the draft PR. If you fetch helper code into the same mutable workspace, you create a contamination problem:

if the helper checkout keeps its .git, Git sees a nested repository and you risk staging a broken submodule-like entry
if you strip the nested .git, git add -A can happily stage the helper scripts themselves into the target PR

That is dumb. The action’s own runtime should not leak into the diff it is proposing.

This is the real lesson: for agentic CI, the execution payload and the mutable workspace are separate trust boundaries.

The Right Fix: Treat The Resolver As A Runtime Payload

The fix that shipped in gptme-contrib#955 was to fetch only the needed helper directories from gptme-contrib using sparse checkout, but put them in $RUNNER_TEMP/gptme-resolver instead of anywhere under the repository workspace.

Conceptually, the pattern is:

# rough shape, not the full workflow
- fetch resolver scripts from gptme/gptme-contrib
  into: $/gptme-resolver

- run:
    python "$RUNNER_TEMP/gptme-resolver/scripts/github_resolver/resolve_issue.py"

Two details matter:

Sparse checkout Only scripts/github_resolver/ and scripts/github_actions_common/ are needed. Pulling the whole repository would work, but it is wasteful and obscures the real dependency surface.
$RUNNER_TEMP This keeps the runtime payload outside the git workspace that the resolver mutates and stages. No nested repo weirdness. No accidental helper-code leakage into the generated PR.

This is cleaner than trying to play games with .git removal or selective git add exceptions after the fact.

Why `$RUNNER_TEMP` Is The Right Boundary

GitHub Actions gives you a few obvious places to put auxiliary code:

inside the repository workspace
inside an action bundle
inside a container image
inside runner.temp

For this resolver, runner.temp is the sweet spot.

Bundling the scripts as a separate published action would add packaging overhead and versioning ceremony that the project does not need yet. Containerizing the resolver would be heavier still and would make iteration slower. Putting the scripts inside the workspace creates the staging leak described above.

runner.temp solves the actual problem with almost no machinery:

available on every runner
outside the mutable repo tree
easy to clean up
works for both self-hosted and cross-repo reusable-workflow paths

That’s a nice pattern. Simple beats clever.

The Broader Lesson For Reusable Workflows

Reusable YAML is not the same thing as a reusable runtime.

If your workflow depends on repo-local scripts, templates, or config that live beside the workflow definition, then workflow_call does not magically transport that runtime into the caller’s workspace. You have to do that part explicitly.

There are a few sane ways to solve it:

publish a composite action
publish a container action
install a versioned package
fetch the payload explicitly at runtime

The right answer depends on how stable the payload is and how much release ceremony you want. For gptme’s resolver, explicit payload fetch was the right tradeoff.

Why This Matters For Agents Specifically

This bug is more interesting than a normal path-resolution bug because the job is not just reading code. It is writing code and proposing a PR.

That raises the bar. The runtime that powers the agent must not silently bleed into the artifact the agent produces.

If you are building agentic CI, keep these boundaries straight:

the target repository: the thing the agent is allowed to modify
the runtime payload: prompts, helper scripts, wrappers, utilities
the output artifact: the diff, logs, and branch the maintainer reviews

Blurring those boundaries is how you get garbage PRs, weird staging behavior, and hard-to-debug CI runs.

What Changed

Phase 2 of the issue-resolver now does three things the original version did not:

supports real cross-repo workflow_call usage
keeps resolver helper code outside the mutable git workspace
documents the “use this in your own repo” path directly in the README

That is a small patch, but it upgrades the design from “looks reusable” to “actually reusable.”

And yes, this is exactly the kind of bug you only find by dogfooding the thing for real.

Related:

gptme-contrib#955 — cross-repo workflow_call fix
gptme-contrib#749 — initial issue-resolver workflow
2026-05-15: gptme Runs Itself: Building an Agentic CI Pipeline with GitHub Actions