Refactor agent environment assembly into focused modules #3636

Merged: lpcox merged 2 commits into main from copilot/refactor-split-agent-environment on May 23, 2026

Copilot AI commented May 23, 2026

buildAgentEnvironment() had grown into a single security-sensitive 400+ line function spanning credential filtering, proxy wiring, env passthrough, runtime/toolchain recovery, GitHub Actions integration, and observability/SSL setup. This change splits that logic into focused modules while preserving the existing environment contract and compatibility surface.

  • What changed

    • Introduced src/services/agent-environment/ with a small orchestrator in environment-builder.ts
    • Kept src/services/agent-environment.ts as a thin compatibility re-export
    • Updated src/services/agent-service.ts to re-export from the new builder entrypoint
  • Security / env filtering

    • Moved exclusion and passthrough policy into dedicated modules:
      • excluded-vars.ts
      • env-passthrough.ts
    • Isolated credential- and proxy-related filtering from the rest of environment assembly for easier auditability
  • Environment concerns split by responsibility

    • core-environment.ts — base runtime env
    • proxy-environment.ts — NO_PROXY / sidecar routing
    • host-path-recovery.ts — PATH and toolchain recovery from host / Actions files
    • tool-specific-environment.ts — Copilot / Codex preflight and placeholders
    • github-actions-environment.ts — GH_HOST, env-file, and explicit env overrides
    • api-proxy-environment.ts — AWF runtime flags, DNS, host-access ports, user/workdir wiring
    • observability-environment.ts — OTEL forwarding and SSL bump trust config
  • Result

    • The top-level builder now reads as orchestration rather than policy implementation
    • Each env concern can evolve independently without reopening the full security-sensitive function
  • Example

    export function buildAgentEnvironment(params: AgentEnvironmentParams): Record<string, string> {
      const excludedEnvVars = buildExclusionSet(params.config);
      const environment = buildCoreEnvironment(params);
    
      buildToolEnvironment({ config: params.config, environment });
      buildProxyEnvironment({ config: params.config, networkConfig: params.networkConfig, environment });
      recoverHostPaths(environment);
      passthroughHostEnvironment({ config: params.config, environment, excludedEnvVars });
      buildOtelEnvironment({ config: params.config, environment, excludedEnvVars });
      buildGitHubActionsEnvironment({ config: params.config, environment, excludedEnvVars });
      buildApiProxyEnvironment({ ...params, environment });
      buildSslEnvironment(environment, params.sslConfig);
    
      return environment;
    }
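
An added example, not code from this PR or the project: a per-step audit over a pipeline shaped like the one above, where every step shares the environment object and an exclusion set, reporting which step introduced an excluded name. All names, the suffix-based exclusion policy, and the sample host environment are assumptions constructed for illustration.

```typescript
// Added illustration: every name here is hypothetical, not the project's code.
type Env = Record<string, string>;
type Step = (env: Env, host: Env, excluded: Set<string>) => void;

// Constructed sample host environment (the token value is a placeholder).
const SAMPLE_HOST: Env = {
  HOME: "/home/runner",
  PATH: "/usr/bin",
  GITHUB_TOKEN: "constructed-placeholder",
  HTTP_PROXY: "http://127.0.0.1:3128",
};

// Assumed policy: fixed proxy names plus credential-looking suffixes.
function buildExclusion(host: Env): Set<string> {
  const excluded = new Set<string>(["HTTP_PROXY", "HTTPS_PROXY", "NO_PROXY"]);
  for (const name of Object.keys(host)) {
    if (/(_TOKEN|_SECRET|_API_KEY)$/.test(name)) excluded.add(name);
  }
  return excluded;
}

// Forward-everything passthrough that honours the exclusion set.
const passthroughAll: Step = (env, host, excluded) => {
  for (const name of Object.keys(host)) {
    if (!excluded.has(name) && env[name] === undefined) env[name] = host[name];
  }
};

// Fixed forward list, with and without the exclusion check.
const FORWARD = ["HOME", "GITHUB_TOKEN"];
const forwardUnchecked: Step = (env, host) => {
  for (const n of FORWARD) if (host[n] !== undefined) env[n] = host[n];
};
const forwardChecked: Step = (env, host, excluded) => {
  for (const n of FORWARD) if (host[n] !== undefined && !excluded.has(n)) env[n] = host[n];
};

// Run each step and record "step:NAME" whenever a step adds an excluded name.
function auditPipeline(steps: Array<[string, Step]>, host: Env) {
  const excluded = buildExclusion(host);
  const env: Env = {};
  const violations: string[] = [];
  for (const [label, step] of steps) {
    const before = new Set(Object.keys(env));
    step(env, host, excluded);
    for (const name of Object.keys(env)) {
      if (excluded.has(name) && !before.has(name)) violations.push(`${label}:${name}`);
    }
  }
  return { env, violations };
}
```

The audit only flags names a step newly adds; a step that overwrites an existing value is outside what this sketch checks.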

Copilot AI changed the title from "[WIP] Refactor agent environment configuration into focused modules" to "Refactor agent environment assembly into focused modules" May 23, 2026
Copilot finished work on behalf of lpcox May 23, 2026 17:04
Copilot AI requested a review from lpcox May 23, 2026 17:04
@lpcox lpcox marked this pull request as ready for review May 23, 2026 17:18
Copilot AI review requested due to automatic review settings May 23, 2026 17:18
@github-actions

⚠️ Coverage Regression Detected

This PR decreases test coverage. Please add tests to maintain coverage levels.

Overall Coverage

| Metric | Base | PR | Delta |
|---|---|---|---|
| Lines | 95.98% | 96.05% | 📈 +0.07% |
| Statements | 95.81% | 95.88% | 📈 +0.07% |
| Functions | 98.02% | 97.86% | 📉 -0.16% |
| Branches | 89.44% | 89.49% | 📈 +0.05% |

📁 Per-file Coverage Changes (2 files)

| File | Lines (Before → After) | Statements (Before → After) |
|---|---|---|
| src/services/agent-environment.ts | 98.6% → 0.0% (-98.62%) | 98.0% → 0.0% (-97.97%) |
| src/config-writer.ts | 83.0% → 85.6% (+2.54%) | 83.0% → 85.6% (+2.54%) |

✨ New Files (10 files)
  • src/services/agent-environment/api-proxy-environment.ts: 100.0% lines
  • src/services/agent-environment/core-environment.ts: 100.0% lines
  • src/services/agent-environment/env-passthrough.ts: 96.8% lines
  • src/services/agent-environment/environment-builder.ts: 93.5% lines
  • src/services/agent-environment/excluded-vars.ts: 100.0% lines
  • src/services/agent-environment/github-actions-environment.ts: 100.0% lines
  • src/services/agent-environment/host-path-recovery.ts: 100.0% lines
  • src/services/agent-environment/observability-environment.ts: 100.0% lines
  • src/services/agent-environment/proxy-environment.ts: 100.0% lines
  • src/services/agent-environment/tool-specific-environment.ts: 100.0% lines

Coverage comparison generated by scripts/ci/compare-coverage.ts

@github-actions

Smoke Test Results: Claude Engine Validation ✅

GitHub API - Recent PRs loaded: 2 entries confirmed
GitHub Check - Playwright check PASS verified
File Verify - smoke-test-claude-26338524399.txt exists

Overall: PASS

💥 [THE END] — Illustrated by Smoke Claude

@github-actions

Smoke Test Results

✅ GitHub MCP: Fetched PR #3617 ([docs] Add model fallback feature documentation)
❌ GitHub.com connectivity: Cannot verify (env vars not populated)
❌ File write/read: File not found at path

Status: FAIL (partial connectivity)

cc: @Copilot @lpcox

📰 BREAKING: Report filed by Smoke Copilot

Copilot AI left a comment

Pull request overview

This PR refactors the security-sensitive agent environment assembly by splitting the former monolithic buildAgentEnvironment() implementation into focused modules under src/services/agent-environment/, while keeping a compatibility re-export in src/services/agent-environment.ts and updating agent-service.ts to re-export the new entrypoint.

Changes:

  • Introduced a new orchestrator (environment-builder.ts) and extracted environment concerns into dedicated modules (core, proxy, env passthrough, host PATH/toolchain recovery, GitHub Actions wiring, API-proxy flags, and observability/SSL).
  • Kept src/services/agent-environment.ts as a thin re-export layer to preserve the public import surface.
  • Updated src/services/agent-service.ts to re-export buildAgentEnvironment from the new builder.

| File | Description |
|---|---|
| src/services/agent-service.ts | Re-exports buildAgentEnvironment from the new builder module. |
| src/services/agent-environment.ts | Compatibility re-export of buildAgentEnvironment and AgentEnvironmentParams. |
| src/services/agent-environment/types.ts | Defines AgentEnvironmentParams for the refactored builder pipeline. |
| src/services/agent-environment/environment-builder.ts | Orchestrates the environment assembly steps previously in one large function. |
| src/services/agent-environment/core-environment.ts | Builds the base container runtime environment (proxy vars, PATH/HOME, tty/no-color, one-shot tokens list). |
| src/services/agent-environment/tool-specific-environment.ts | Handles tool preflight/placeholder env for Copilot/Codex. |
| src/services/agent-environment/proxy-environment.ts | Constructs NO_PROXY/no_proxy based on network and feature flags. |
| src/services/agent-environment/host-path-recovery.ts | Recovers host PATH/toolchain variables (including GHA files) into AWF_* env. |
| src/services/agent-environment/env-passthrough.ts | Implements --env-all passthrough and the default selective forwarding set. |
| src/services/agent-environment/observability-environment.ts | Forwards OTEL_* vars (non---env-all) and configures SSL bump trust env. |
| src/services/agent-environment/github-actions-environment.ts | Derives GH_HOST, reads --env-file, applies --env overrides, and normalizes proxy casing. |
| src/services/agent-environment/excluded-vars.ts | Centralizes env exclusion policy (system/proxy/AWF internal/credential exclusions). |
| src/services/agent-environment/api-proxy-environment.ts | Adds AWF runtime flags used by the container entrypoint/iptables/DNS routing. |

Copilot's findings

  • Files reviewed: 13/13 changed files
  • Comments generated: 1

Comment on lines +58 to +62
for (const v of alwaysForwardVars) {
if (process.env[v]) {
environment[v] = process.env[v]!;
}
}
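
Review bot: the loop at lines +58 to +62 copies each name in alwaysForwardVars from process.env with no check against the exclusion set that the other passthrough steps receive as excludedEnvVars, so these lines rely entirely on the always-forward list never containing an excluded name. Consider skipping excluded names inside the loop, or adding a test that asserts the two lists are disjoint. Separately, `if (process.env[v])` also drops variables set to the empty string and forces the `!` assertion on the next line; reading the value once into a local and comparing it with undefined would remove the assertion, and if skipping empty values is intended a short comment should say so.
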
@github-actions

Smoke: FAIL
PRs: [docs] Add model fallback feature documentation; feat(api-proxy): add middle-power model fallback with stale-cache recovery
GitHub PR review ✅ | safeinputs-gh ❌ | Playwright ✅ | Tavily ❌
File/bash ✅ | Discussion query ❌ | Build ✅
Overall status: FAIL

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • registry.npmjs.org

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "registry.npmjs.org"

See Network Configuration for more information.

🔮 The oracle has spoken through Smoke Codex

@github-actions

Chroot Test Results

Runtime version comparison between host and chrooted environment:

| Runtime | Host Version | Chroot Version | Match? |
|---|---|---|---|
| Python | 3.12.13 | 3.12.3 | ❌ NO |
| Node.js | v24.15.0 | v22.22.3 | ❌ NO |
| Go | go1.22.12 | go1.22.12 | ✅ YES |

Overall: Tests did not pass (2/3 runtimes have version mismatches)

The chroot environment is using different system binaries, which is expected behavior. The Go version matches because it's likely being used from the same mounted binary paths.

Tested by Smoke Chroot

@github-actions

Gemini Engine Validation Results

  • GitHub MCP Testing: ❌ (Unable to retrieve PR titles; tools not found)
  • GitHub.com Connectivity: ❌ (Status: 000; Squid Proxy 400/35)
  • File Writing Testing: ✅ (PASS)
  • Bash Tool Testing: ✅ (PASS)

Overall Status: FAIL

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • localhost

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "localhost"

See Network Configuration for more information.

💎 Faceted by Smoke Gemini

@github-actions

Service Connectivity Test Results

Redis: Connection timeout (host.docker.internal:6379 unreachable)
PostgreSQL pg_isready: No response (host.docker.internal:5432 unreachable)
PostgreSQL query: Skipped (pg_isready failed)

Overall: FAIL — Services are not reachable from AWF sandbox

🔌 Service connectivity validated by Smoke Services

@github-actions

🏗️ Build Test Suite Results

All build tests completed successfully across all 8 ecosystems!

Ecosystem Project Build/Install Tests Status
Bun elysia 1/1 passed ✅ PASS
Bun hono 1/1 passed ✅ PASS
C++ fmt N/A ✅ PASS
C++ json N/A ✅ PASS
Deno oak N/A 1/1 passed ✅ PASS
Deno std N/A 1/1 passed ✅ PASS
.NET hello-world N/A ✅ PASS
.NET json-parse N/A ✅ PASS
Go color passed ✅ PASS
Go env passed ✅ PASS
Go uuid passed ✅ PASS
Java gson 1/1 passed ✅ PASS
Java caffeine 1/1 passed ✅ PASS
Node.js clsx passed ✅ PASS
Node.js execa passed ✅ PASS
Node.js p-limit passed ✅ PASS
Rust fd 1/1 passed ✅ PASS
Rust zoxide 1/1 passed ✅ PASS

Overall: 8/8 ecosystems passed — ✅ PASS

All projects successfully built/installed and passed their tests. The firewall correctly allowed necessary dependencies while maintaining network isolation.

Generated by Build Test Suite for issue #3636 · ● 12.3M ·

@github-actions

Smoke Test: Copilot BYOK (Offline) Mode

Status: PARTIAL VERIFICATION ⚠️

Test Results

  • GitHub MCP connectivity: Retrieved PR [docs] Add model fallback feature documentation #3617 "[docs] Add model fallback feature documentation"
  • ⚠️ GitHub.com HTTP: Pre-computed data not available
  • ⚠️ File write/read: Pre-computed data not available
  • BYOK inference: Active (this response proves BYOK mode working)

Note: Running in BYOK offline mode (COPILOT_OFFLINE=true) via api-proxy → api.githubcopilot.com

PR Context: Author @Copilot, Assignees: @lpcox, @Copilot

🔑 BYOK report filed by Smoke Copilot BYOK

@lpcox lpcox merged commit b57568e into main May 23, 2026
65 of 71 checks passed
@lpcox lpcox deleted the copilot/refactor-split-agent-environment branch May 23, 2026 19:40
Development

Successfully merging this pull request may close these issues.

[Refactoring] Split src/services/agent-environment.ts into focused environment modules

3 participants