Fix claude engine github provider: inject COPILOT_GITHUB_TOKEN for api-proxy configuration

Copilot · pelikhan · web-flow · commit 6e6463fa1ec2 · 2026-06-23T03:41:24.000Z
When model-provider: github is used with the claude engine, the compiled workflow
sets ANTHROPIC_API_KEY=${{ secrets.COPILOT_GITHUB_TOKEN }} and routes ANTHROPIC_BASE_URL
to port 10002 (copilot provider). However, the api-proxy container needs COPILOT_GITHUB_TOKEN
set directly in the host environment to configure the copilot backend at that port.

Without COPILOT_GITHUB_TOKEN in the step env, the api-proxy copilot provider shows ❌
(unconfigured) and every inference request returns 401 Unauthorized.

The fix injects COPILOT_GITHUB_TOKEN alongside ANTHROPIC_API_KEY when firewall is enabled
and model-provider is github. The --exclude-env COPILOT_GITHUB_TOKEN flag already prevents
the raw token from reaching the agent container.

Co-authored-by: pelikhan &lt;4175913+pelikhan@users.noreply.github.com&gt;
diff --git a/.github/workflows/smoke-claude-on-copilot.lock.yml b/.github/workflows/smoke-claude-on-copilot.lock.yml
diff --git a/pkg/workflow/claude_engine.go b/pkg/workflow/claude_engine.go
@@ -382,6 +382,15 @@ func (e *ClaudeEngine) GetExecutionSteps(workflowData *WorkflowData, logFile str
 	if isFirewallEnabled(workflowData) && provider != LLMProviderAnthropic {
 		env["ANTHROPIC_BASE_URL"] = llmProviderGatewayBaseURL(provider)
 	}
+	// When using the GitHub/Copilot provider (model-provider: github), the api-proxy container
+	// needs COPILOT_GITHUB_TOKEN in the host environment to configure the copilot provider at
+	// port CopilotLLMGatewayPort. ANTHROPIC_API_KEY alone (set above) is forwarded into the
+	// agent container but is insufficient to configure the api-proxy's copilot backend.
+	// COPILOT_GITHUB_TOKEN is already excluded from the agent container via ExcludeEnvVarNames,
+	// so injecting it here only makes it available to the api-proxy, not to the agent process.
+	if isFirewallEnabled(workflowData) && provider == LLMProviderGitHub {
+		env["COPILOT_GITHUB_TOKEN"] = llmProviderSecretExpression(provider, workflowData)
+	}
 	injectWorkflowCallNetworkAllowedEnv(env, workflowData)
 	// Indicate the phase: "agent" for the main run, "detection" for threat detection
 	// Include the compiler version so agents can identify which gh-aw version generated the workflow
diff --git a/pkg/workflow/claude_engine_test.go b/pkg/workflow/claude_engine_test.go
@@ -193,6 +193,9 @@ func TestClaudeEngineLLMProviderGitHubUsesCopilotCredentials(t *testing.T) {
 	assert.Contains(t, stepContent, "GH_AW_LLM_PROVIDER: github")
 	assert.Contains(t, stepContent, "ANTHROPIC_API_KEY: ${{ secrets.COPILOT_GITHUB_TOKEN }}")
 	assert.Contains(t, stepContent, fmt.Sprintf("ANTHROPIC_BASE_URL: http://host.docker.internal:%d", constants.CopilotLLMGatewayPort))
+	// COPILOT_GITHUB_TOKEN must also be set directly so the api-proxy can configure the
+	// copilot provider. It is excluded from the agent container via ExcludeEnvVarNames.
+	assert.Contains(t, stepContent, "COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }}")
 }
 
 func TestClaudeEngineAllowsMountedMCPCLICommandsInRestrictedBash(t *testing.T) {

Original file line number	Diff line number	Diff line change
`@@ -193,6 +193,9 @@ func TestClaudeEngineLLMProviderGitHubUsesCopilotCredentials(t *testing.T) {`
`193`	`193`	`assert.Contains(t, stepContent, "GH_AW_LLM_PROVIDER: github")`
`194`	`194`	`assert.Contains(t, stepContent, "ANTHROPIC_API_KEY: ${{ secrets.COPILOT_GITHUB_TOKEN }}")`
`195`	`195`	`assert.Contains(t, stepContent, fmt.Sprintf("ANTHROPIC_BASE_URL: http://host.docker.internal:%d", constants.CopilotLLMGatewayPort))`
	`196`	`+ // COPILOT_GITHUB_TOKEN must also be set directly so the api-proxy can configure the`
	`197`	`+ // copilot provider. It is excluded from the agent container via ExcludeEnvVarNames.`
	`198`	`+ assert.Contains(t, stepContent, "COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }}")`
`196`	`199`	`}`
`197`	`200`
`198`	`201`	`func TestClaudeEngineAllowsMountedMCPCLICommandsInRestrictedBash(t *testing.T) {`