feat: configure Copilot CLI offline+BYOK mode when api-proxy is enabled with COPILOT_API_KEY by Copilot · Pull Request #1923 · github/gh-aw-firewall

Copilot · 2026-04-11T21:18:50Z

When AWF's API proxy sidecar handles Copilot inference via COPILOT_API_KEY, Copilot CLI would still attempt a GitHub OAuth handshake — unnecessary latency and an auth failure mode. This adds the new offline+BYOK env vars to eliminate that dependency.

Changes

src/docker-manager.ts

When enableApiProxy && copilotApiKey, inject three new agent env vars:
- COPILOT_OFFLINE=true — skip GitHub OAuth handshake for inference
- COPILOT_PROVIDER_BASE_URL=http://172.30.0.30:10002 — point Copilot CLI's BYOK provider at the sidecar
- COPILOT_PROVIDER_API_KEY=placeholder-token-for-credential-isolation — placeholder set early (pre---env-all) so the real key never reaches the agent
Add COPILOT_PROVIDER_API_KEY to AWF_ONE_SHOT_TOKENS
Offline+BYOK env vars are only set for the copilotApiKey path; the copilotGithubToken flow is unchanged

containers/agent/api-proxy-health-check.sh

Verify COPILOT_PROVIDER_API_KEY is the placeholder value (credential isolation check)
Log COPILOT_PROVIDER_BASE_URL when offline+BYOK mode is active

docs/api-proxy-sidecar.md

Document the three new agent container env vars in the environment variables table

Env var flow (BYOK path)

Host: COPILOT_API_KEY=cpat_real_key
        ↓ (held by sidecar, never forwarded to agent)
Agent:  COPILOT_OFFLINE=true
        COPILOT_PROVIDER_BASE_URL=http://172.30.0.30:10002
        COPILOT_PROVIDER_API_KEY=placeholder-token-for-credential-isolation
        COPILOT_API_URL=http://172.30.0.30:10002   ← legacy compat
        COPILOT_API_KEY=placeholder-token-for-credential-isolation

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

github.blog
- Triggering command: /home/REDACTED/work/_temp/ghcca-node/node/bin/node /home/REDACTED/work/_temp/ghcca-node/node/bin/node --enable-source-maps /home/REDACTED/work/_temp/copilot-developer-action-main/dist/index.js (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

Configure Actions setup steps to set up my environment, which run before the firewall is enabled
Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

Agent-Logs-Url: https://github.com/github/gh-aw-firewall/sessions/dac02eb8-4902-453e-813b-887f091740f0

Copilot

Pull request overview

This PR updates AWF’s api-proxy + Copilot BYOK flow so the agent-side Copilot CLI runs in offline+BYOK mode (skipping the GitHub OAuth handshake) when inference is routed through the api-proxy using COPILOT_API_KEY, while keeping the GitHub-token-based Copilot flow unchanged.

Changes:

Inject COPILOT_OFFLINE, COPILOT_PROVIDER_BASE_URL, and a placeholder COPILOT_PROVIDER_API_KEY into the agent environment for the enableApiProxy + copilotApiKey path.
Add COPILOT_PROVIDER_API_KEY to AWF_ONE_SHOT_TOKENS and extend agent-side health checks to validate placeholder credential isolation.
Document the new env vars in the api-proxy sidecar documentation.

Show a summary per file

File	Description
`src/docker-manager.ts`	Sets offline+BYOK Copilot env vars and adds `COPILOT_PROVIDER_API_KEY` to one-shot-token protection for the api-proxy BYOK path.
`src/docker-manager.test.ts`	Adds unit tests asserting the new Copilot offline+BYOK env var behavior and one-shot-token list inclusion.
`containers/agent/api-proxy-health-check.sh`	Extends preflight checks to validate `COPILOT_PROVIDER_API_KEY` is a placeholder and logs BYOK base URL when present.
`docs/api-proxy-sidecar.md`	Documents the new Copilot offline+BYOK env vars passed to the agent container.

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Files reviewed: 4/4 changed files
Comments generated: 1

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>

github-actions · 2026-04-11T21:31:51Z

Documentation Preview

Documentation build failed for this PR. View logs.

Built from commit e2bcdc7

The checkDockerHost function used a Set of two hardcoded socket paths (/var/run/docker.sock, /run/docker.sock) to validate DOCKER_HOST. Any other unix socket path (e.g. /tmp/custom-docker.sock) was incorrectly rejected as an external daemon. All unix:// sockets are local by definition — only TCP endpoints (tcp://host:port) indicate an external Docker daemon incompatible with AWF's network isolation model. Replace the Set lookup with a unix:// prefix check. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

github-actions · 2026-04-11T21:48:03Z

✅ Coverage Check Passed

Overall Coverage

Metric	Base	PR	Delta
Lines	85.28%	85.40%	📈 +0.12%
Statements	85.14%	85.25%	📈 +0.11%
Functions	87.50%	87.50%	➡️ +0.00%
Branches	77.56%	77.63%	📈 +0.07%

📁 Per-file Coverage Changes (2 files)

File	Lines (Before → After)	Statements (Before → After)
`src/cli.ts`	61.1% → 61.0% (-0.06%)	61.5% → 61.5% (-0.05%)
`src/docker-manager.ts`	85.9% → 86.4% (+0.44%)	85.5% → 86.0% (+0.43%)

Coverage comparison generated by scripts/ci/compare-coverage.ts

github-actions · 2026-04-11T21:50:38Z

Smoke Test Results (run 24292329628)

✅ GitHub MCP: "fix: accept any unix socket in checkDockerHost" / "fix: use gh CLI and Bearer auth for setup action latest version fetch"
✅ Playwright: GitHub page title contains "GitHub"
✅ File Write: /tmp/gh-aw/agent/smoke-test-claude-24292329628.txt created
✅ Bash: File content verified

Overall: PASS

💥 [THE END] — Illustrated by Smoke Claude

github-actions · 2026-04-11T21:51:03Z

🔥 Smoke Test Results — PASS

Test	Result
GitHub MCP (`list_pull_requests`)	✅ PR #1924 "fix: accept any unix socket in checkDockerHost"
GitHub.com connectivity (HTTP)	✅ 200
File write/read	✅ `smoke-test-copilot-24292329645.txt` verified

Overall: PASS | Author: @app/copilot-swe-agent | Assignees: @lpcox, @Copilot

📰 BREAKING: Report filed by Smoke Copilot

github-actions · 2026-04-11T21:51:18Z

Smoke Test: GitHub Actions Services Connectivity ✅

All checks passed:

Service	Check	Result
Redis `host.docker.internal:6379`	`PING`	`+PONG` ✅
PostgreSQL `host.docker.internal:5432`	`pg_isready`	`accepting connections` ✅
PostgreSQL `smoketest` db	`SELECT 1`	`1` ✅

Note: redis-cli unavailable (no sudo); used Python socket to verify Redis — same protocol result.

🔌 Service connectivity validated by Smoke Services

github-actions · 2026-04-11T21:51:27Z

Chroot Version Comparison Results

Runtime	Host Version	Chroot Version	Match?
Python	`Python 3.12.13`	`Python 3.12.3`	❌ NO
Node.js	`v24.14.1`	`v20.20.2`	❌ NO
Go	`go1.22.12`	`go1.22.12`	✅ YES

Overall result: ❌ Not all tests passed — Python and Node.js versions differ between host and chroot environments.

Tested by Smoke Chroot

github-actions · 2026-04-11T21:53:37Z

🏗️ Build Test Suite Results

Ecosystem	Project	Build/Install	Tests	Status
Bun	elysia	✅	1/1 passed	✅ PASS
Bun	hono	✅	1/1 passed	✅ PASS
C++	fmt	✅	N/A	✅ PASS
C++	json	✅	N/A	✅ PASS
Deno	oak	N/A	1/1 passed	✅ PASS
Deno	std	N/A	1/1 passed	✅ PASS
.NET	hello-world	✅	N/A	✅ PASS
.NET	json-parse	✅	N/A	✅ PASS
Go	color	✅	1/1 passed	✅ PASS
Go	env	✅	1/1 passed	✅ PASS
Go	uuid	✅	1/1 passed	✅ PASS
Java	gson	✅	1/1 passed	✅ PASS
Java	caffeine	✅	1/1 passed	✅ PASS
Node.js	clsx	✅	passed	✅ PASS
Node.js	execa	✅	passed	✅ PASS
Node.js	p-limit	✅	passed	✅ PASS
Rust	fd	✅	1/1 passed	✅ PASS
Rust	zoxide	✅	1/1 passed	✅ PASS

Overall: 8/8 ecosystems passed — ✅ PASS

Generated by Build Test Suite for issue #1923 · ● 922.6K · ◷

github-actions · 2026-04-12T12:55:40Z

Smoke test summary (run 24307173096)

feat: configure Copilot CLI offline+BYOK mode when api-proxy is enabled with COPILOT_API_KEY
fix: accept any unix socket in checkDockerHost
GitHub MCP review: ✅
safeinputs-gh PR query: ❌
Playwright github.com title contains GitHub: ✅
Tavily search: ❌
File write/read + bash cat: ✅
Discussion query + mystical discussion comment: ❌
npm ci && npm run build: ✅
Overall status: FAIL

🔮 The oracle has spoken through Smoke Codex

Initial plan

4b8c74a

Copilot AI assigned Copilot and lpcox Apr 11, 2026

Copilot started work on behalf of lpcox April 11, 2026 21:18 View session

Copilot AI linked an issue Apr 11, 2026 that may be closed by this pull request

Support Copilot CLI offline mode + BYOK for gatewayed deployments #1922

Closed

feat: support Copilot CLI offline mode + BYOK for api-proxy deployments

a1aa098

Agent-Logs-Url: https://github.com/github/gh-aw-firewall/sessions/dac02eb8-4902-453e-813b-887f091740f0

Copilot AI changed the title ~~[WIP] Support Copilot CLI offline mode and BYOK for gatewayed deployments~~ feat: configure Copilot CLI offline+BYOK mode when api-proxy is enabled with COPILOT_API_KEY Apr 11, 2026

Copilot finished work on behalf of lpcox April 11, 2026 21:25

Copilot AI requested a review from lpcox April 11, 2026 21:25

lpcox marked this pull request as ready for review April 11, 2026 21:27

lpcox requested a review from Mossaka as a code owner April 11, 2026 21:27

Copilot AI review requested due to automatic review settings April 11, 2026 21:27

Copilot started reviewing on behalf of lpcox April 11, 2026 21:28 View session

Copilot AI reviewed Apr 11, 2026

View reviewed changes

Comment thread containers/agent/api-proxy-health-check.sh

Potential fix for pull request finding

7cc3412

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>