Closed
2 changes: 1 addition & 1 deletion docs/src/content/docs/guides/upgrading.md
Expand Up @@ -72,7 +72,7 @@ gh aw upgrade --dir custom/workflows

## Step 3: Review the Changes

Run `git diff .github/workflows/` to verify the changes. Typical migrations include `sandbox: false` β†’ `sandbox.agent: false`, `daily at` β†’ `daily around`, and removal of deprecated `network.firewall` and `mcp-scripts.mode` fields.
Run `git diff .github/workflows/` to verify the changes. Typical migrations include `sandbox: false` β†’ `sandbox.agent: false`, `app:` β†’ `github-app:`, `daily at` β†’ `daily around`, and removal of deprecated `network.firewall` and `mcp-scripts.mode` fields.

## Step 4: Commit and Push
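Review bot: The sentence under "Step 3: Review the Changes" now packs four migrations into one line, and the new `app:` → `github-app:` entry is easy to miss in the middle of it. Since this step is what a reader checks their `git diff` against, consider breaking the migrations into a bulleted list, one rename or removal per item, so each can be ticked off. The new entry also looks, from its name, like it concerns GitHub App credentials; if so, a short clause saying whether an unmigrated `app:` key is rejected or silently ignored would tell reviewers what to look for when the rename is missing from the diff.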

18 changes: 18 additions & 0 deletions docs/src/content/docs/reference/frontmatter.md
Expand Up @@ -460,6 +460,24 @@ To use a different model, set the `GH_AW_MODEL_AGENT_COPILOT` repository variabl
> [!NOTE]
> Copilot BYOK defaults apply only to `engine: copilot` workflows. Other engines are unchanged.

#### Copilot Requests (`features.copilot-requests`)

> [!NOTE]
> This feature is in **private preview**. It will not work unless your account has been onboarded.

Enables GitHub Actions token authentication for Copilot agent workflows, removing the need for a separate PAT or GitHub App token. When set, the compiler:

1. Injects `copilot-requests: write` into the workflow's GitHub token permissions.
2. Sets `S2STOKENS=true` in the Copilot CLI execution environment, enabling service-to-service token exchange.
3. Activates the `cli-proxy` sidecar so the CLI proxy image is included in container pre-pulls for threat-detection jobs.

```yaml wrap
features:
copilot-requests: true
```

Without this flag, Copilot workflows authenticate using a PAT stored as `COPILOT_GITHUB_TOKEN`. With `copilot-requests: true`, the workflow uses the built-in `github.token` instead. See [Authentication](/gh-aw/reference/auth/) for PAT-based setup.

#### AWF Failure Diagnostics (`features.awf-diagnostic-logs`)

Enables AWF Docker operational diagnostics collection on failure by adding `--diagnostic-logs` to AWF runtime arguments.
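Review bot: Item 1 of the numbered list says the compiler injects `copilot-requests: write` into "the workflow's GitHub token permissions" but does not say at which scope: the top-level `permissions:` block, or only the job that runs the Copilot CLI. Because this is a write permission added implicitly by a feature flag, the doc should state which jobs receive it so readers can confirm it is not granted more widely than the agent job needs. Two related gaps in the same section: the closing paragraph does not say what happens when `copilot-requests: true` is set and a `COPILOT_GITHUB_TOKEN` secret is still configured (ignored, or used as a fallback?), and the private-preview note says the feature "will not work" for accounts that are not onboarded without describing how that failure surfaces. Items 2 and 3 would also benefit from one sentence each on what `S2STOKENS=true` and the `cli-proxy` sidecar do with the token, since both are introduced here without a link or definition.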