feat(api-proxy): forward COPILOT_INTEGRATION_ID from host env#5147
Conversation
Add support for forwarding COPILOT_INTEGRATION_ID environment variable from host to api-proxy container. This allows consumers to override the default 'agentic-workflows' integration ID when needed for specific model allowlists or other integration requirements. Implementation: - Forward COPILOT_INTEGRATION_ID from host env if explicitly set - Trim and validate the value (ignore empty/whitespace-only values) - Fall back to api-proxy's default 'agentic-workflows' when unset This is intentionally undocumented for limited use cases only. Closes #5132 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
✅ Coverage Check PassedOverall Coverage
📁 Per-file Coverage Changes (1 files)
Coverage comparison generated by |
There was a problem hiding this comment.
⚠️ Not ready to approve
There’s a mismatch between the claimed --env support and the current implementation plus a test reliability issue due to incomplete env cleanup in existing tests.
Pull request overview
Adds an opt-in mechanism for callers to override the api-proxy’s default Copilot integration ID (agentic-workflows) by forwarding COPILOT_INTEGRATION_ID into the api-proxy container (with trimming and whitespace-only suppression), plus unit tests to validate the forwarding behavior.
Changes:
- Forward
COPILOT_INTEGRATION_IDinto the api-proxy container only when it’s non-empty after trimming. - Keep
GITHUB_COPILOT_INTEGRATION_IDintentionally un-forwarded. - Add Jest coverage for set/empty/whitespace/trim/unset cases.
File summaries
| File | Description |
|---|---|
| src/services/api-proxy-service-config.ts | Adds conditional forwarding of COPILOT_INTEGRATION_ID into the api-proxy container env. |
| src/services/api-proxy-service-api-targets.test.ts | Adds unit tests validating forwarding/omission behavior for COPILOT_INTEGRATION_ID. |
Copilot's findings
- Files reviewed: 2/2 changed files
- Comments generated: 2
Note
Your feedback helps us improve the quality of this feature.
Please use 👍 or 👎 to tell us whether this assessment is correct.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| ...(process.env.COPILOT_INTEGRATION_ID?.trim() && { | ||
| COPILOT_INTEGRATION_ID: process.env.COPILOT_INTEGRATION_ID.trim(), | ||
| }), |
| it('should forward COPILOT_INTEGRATION_ID from host env when explicitly set', () => { | ||
| const origCopilot = process.env.COPILOT_INTEGRATION_ID; | ||
| const origGhCopilot = process.env.GITHUB_COPILOT_INTEGRATION_ID; | ||
| process.env.COPILOT_INTEGRATION_ID = 'my-custom-integration'; | ||
| delete process.env.GITHUB_COPILOT_INTEGRATION_ID; |
|
@copilot address review feedback |
|
⏳ Copilot review left inline comments. @lpcox To proceed:
|
- Use getConfigEnvValue() to support --env/--env-file/--env-all for COPILOT_INTEGRATION_ID - Add describe-level beforeEach/afterEach to prevent test flakiness - Add tests for additionalEnv support and precedence - All 9 tests in COPILOT_INTEGRATION_ID forwarding suite passing
Review feedback addressed in commit f8a1456:
All 9 tests in the COPILOT_INTEGRATION_ID forwarding suite are passing, including 2 new tests that verify |
|
🔑 Smoke Copilot PAT reports failed. PAT auth path may have issues... |
|
✅ Smoke Copilot BYOK AOAI (api-key) completed. Copilot AOAI BYOK (api-key) mode operational. 🔓 |
|
📡 Smoke OTel Tracing reports failed. OTel tracing regression detected. |
|
✅ Smoke Copilot BYOK AOAI (Entra) completed. Copilot AOAI BYOK (Entra) mode operational. 🔓 All smoke tests passed; comment posted and label added |
|
❌ Contribution Check failed. Please review the logs for details. |
|
❌ Smoke Claude failed |
|
📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤 |
|
✅ Smoke Gemini completed. All facets verified. 💎 |
|
✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟 |
|
🚀 Security Guard has started processing this pull request |
|
✅ Smoke Copilot BYOK completed. Copilot BYOK mode operational. 🔓 |
|
🔌 Smoke Services — All services reachable! ✅ |
|
✅ Build Test Suite completed successfully! |
|
Chroot tests passed! Smoke Chroot - All security and functionality tests succeeded. |
🔬 Smoke Test ResultsPR: feat(api-proxy): forward COPILOT_INTEGRATION_ID from host env
Overall: FAIL — pre-computed test data was not injected (workflow template expressions unresolved).
|
Smoke Test: Copilot BYOK (Direct) Mode ✅ PASSTest Results:
Mode: Direct BYOK (COPILOT_PROVIDER_API_KEY) → api-proxy sidecar → api.githubcopilot.com All smoke tests passed. Agent is running in direct BYOK mode with api-proxy credential injection enabled.
|
|
@lpcox Overall: PASS
|
|
Smoke test results:
|
Smoke Test Results
Overall: FAIL —
|
|
@lpcox
|
Chroot Version Comparison Results
Overall: ❌ Not all versions match Python and Node.js versions differ between host and chroot environments.
|
🏗️ Build Test Suite Results
Overall: 8/8 ecosystems passed — ✅ PASS
|
|
Smoke Test: Gemini Engine Validation
PR Titles Reviewed:
Overall status: FAIL Warning Firewall blocked 1 domainThe following domain was blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "localhost"See Network Configuration for more information.
|
Summary
Adds support for forwarding
COPILOT_INTEGRATION_IDenvironment variable from host to api-proxy container, allowing consumers to override the default 'agentic-workflows' integration ID when needed for specific model allowlists or other integration requirements.Implementation
COPILOT_INTEGRATION_IDfrom--env,--env-file, or host env (with--env-all)GITHUB_COPILOT_INTEGRATION_ID(remains unused)Testing
Added 7 new test cases covering:
All unit tests pass.
Why This Approach
This is intentionally undocumented for limited use cases:
--envCLI flag, not stdin configUsage
Users can set it via
--envflag:Or via host env with
--env-all:export COPILOT_INTEGRATION_ID=copilot-developer-cli awf --env-all --allow-domains api.githubcopilot.com ...Or in GitHub Actions: