Bump gh-aw to v0.79.8 and disable AIC guardrails on reviewer workflow#390
jonathanpeppers wants to merge 5 commits into
Conversation
GitHub announced on 2026-06-11 that agentic workflows can use the built-in `GITHUB_TOKEN` for Copilot CLI inference instead of a stored PAT, with AI credits billed to the org: https://github.blog/changelog/2026-06-11-agentic-workflows-no-longer-need-a-personal-access-token/ Add `copilot-requests: write` to the workflow permissions so gh-aw wires `${{ github.token }}` into `COPILOT_GITHUB_TOKEN` and the `secrets.COPILOT_GITHUB_TOKEN` PAT is no longer required. Recompiled with gh aw v0.79.8. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Pull request overview
Updates the repository’s gh-aw Copilot PR reviewer workflow to use GitHub’s built-in GITHUB_TOKEN (via ${{ github.token }}) for Copilot CLI inference, aligning with the new agentic workflows auth model and removing reliance on a stored PAT/secret for inference.
Changes:
- Added `copilot-requests: write` permission to the reviewer workflow skill definition.
- Regenerated the compiled workflow lock file with gh aw v0.79.8, switching Copilot inference auth from `secrets.COPILOT_GITHUB_TOKEN` to `${{ github.token }}` and updating related generated wiring.
- Bumped gh-aw action pins/versions to v0.79.8 in maintenance and action lock metadata.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| .github/workflows/android-tools-reviewer.md | Adds copilot-requests: write to enable Copilot inference calls using the built-in token. |
| .github/workflows/android-tools-reviewer.lock.yml | Regenerated compiled workflow: uses ${{ github.token }} for COPILOT_GITHUB_TOKEN, removes secrets.COPILOT_GITHUB_TOKEN references, updates gh-aw version/pins and generated env wiring. |
| .github/workflows/agentics-maintenance.yml | Updates generated header and bumps gh-aw action references to v0.79.8. |
| .github/aw/actions-lock.json | Updates locked gh-aw action entries to v0.79.8 SHAs. |
Set both `max-daily-ai-credits: -1` and `max-ai-credits: -1` in the PR reviewer workflow frontmatter so it isn't throttled by the system default ceilings (5000 daily / 1000 per run). `-1` is the documented disable value in the agentic workflow frontmatter spec. After recompiling:
- The `Check daily workflow token guardrail` step and its plumbing drop out of the lock file.
- `GH_AW_MAX_AI_CREDITS` for the agent job is hardcoded to `"-1"`, disabling firewall enforcement and token steering.
The threat-detection job's separate 400 AIC cap is left alone. Mirrors dotnet/java-interop#1471. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Setting `max-ai-credits: -1` disables both AIC enforcement *and* token steering, which is the mechanism the AWF firewall uses to inject Copilot provider credentials into outbound requests. With it off, the api-proxy returns 403 on model calls. Use `100M` (effectively unlimited) so per-run cost is uncapped while token steering stays on. After recompiling, the lock file shows `GH_AW_MAX_AI_CREDITS: "100000000"` and `enableTokenSteering:true` is preserved. `max-daily-ai-credits: -1` is left as-is since that flag's `-1` only toggles the daily guardrail and doesn't touch token steering. Mirrors dotnet/java-interop#1472. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The "GITHUB_TOKEN-billed-to-org" feature (https://github.blog/changelog/2026-06-11-agentic-workflows-no-longer-need-a-personal-access-token/) requires the "Allow use of Copilot CLI billed to the organization" Copilot policy to be enabled at the org level. The `dotnet` org has not enabled that policy yet, so the GITHUB_TOKEN flow returns HTTP 403 from `api.githubcopilot.com/models`. Re-adding the `COPILOT_GITHUB_TOKEN` secret to the `copilot-pr-reviewer` environment is faster than getting the org policy enabled, so revert to the PAT-based flow for now. Only the `copilot-requests: write` line in the workflow markdown is reverted. The gh-aw CLI v0.79.8 bump from the earlier commit and the AIC guardrail tweaks are intentionally left in place. Mirrors dotnet/java-interop#1473. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Earlier commit capped at 100M based on a theory that `-1` was the cause of the auth 403. The 403 reproduced under `100M` too, so the cap was not the issue and `-1` (truly unlimited / disabled) is the preferred value. Mirrors the second revert in dotnet/java-interop#1473. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
What changed
1. Bump gh-aw CLI to v0.79.8
Regenerated lock files with the latest gh-aw CLI:
- `.github/aw/actions-lock.json`
- `.github/workflows/agentics-maintenance.yml`
- `.github/workflows/android-tools-reviewer.lock.yml`
The pinned `github/gh-aw-actions/setup` action moves from `v0.79.6` (5c2fe86) to `v0.79.8` (c0338fe).
2. Disable AIC guardrails on the reviewer workflow
Added two lines to `.github/workflows/android-tools-reviewer.md`:
`-1` means unlimited / guardrail disabled. The system defaults (5000/day, 1000/run) were tripping the `/review` workflow with `Daily workflow AIC guardrail exceeded`. After recompiling, the lock file shows `GH_AW_MAX_AI_CREDITS: "-1"` for the agent job and the `Check daily workflow token guardrail` plumbing drops out. The threat-detection job's separate 400 AIC default is left alone.
Diff stat
Out of scope
Mirrors dotnet/java-interop#1471 + #1473.
`COPILOT_GITHUB_TOKEN`, `ANDROID_TEAM_PAT`, `GH_AW_GITHUB_TOKEN`, and `GH_AW_GITHUB_MCP_SERVER_TOKEN` are untouched. Copilot CLI inference still uses the `COPILOT_GITHUB_TOKEN` PAT.
The `copilot-requests: write` opt-in for org-billed Copilot CLI inference is not adopted in this PR — the `dotnet` org has not enabled the required "Allow use of Copilot CLI billed to the organization" Copilot policy yet (dotnet/java-interop saw HTTP 403 in production after merging the equivalent change there). Can be revisited once that policy is enabled.
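As an added consistency check (not part of this PR or of gh-aw itself), the script below verifies that a compiled lock file reflects the frontmatter settings discussed in the commits above: it maps `-1` and `100M` to the `GH_AW_MAX_AI_CREDITS` string the commits quote, confirms the daily guardrail step is gone when `max-daily-ai-credits: -1`, and reports which inference token the lock wires in. The `K` suffix, the sample frontmatter and the lock excerpt are constructed assumptions; the real lock file layout is far larger.

```python
import re

# Constructed sample frontmatter with the two values this PR sets (layout assumed).
FRONTMATTER = """\
---
max-daily-ai-credits: -1
max-ai-credits: -1
---
"""
# Constructed, heavily simplified excerpt of the compiled lock file's agent job env.
LOCK_YML = """\
        COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }}
        GH_AW_MAX_AI_CREDITS: "-1"
"""
_SUFFIX = {"K": 10**3, "M": 10**6}  # shorthand multipliers; the page only shows 100M

def credits_to_env(value):
    """Frontmatter credit value -> GH_AW_MAX_AI_CREDITS string: -1 -> "-1", 100M -> "100000000"."""
    v = str(value).strip()
    if v == "-1":
        return "-1"
    m = re.fullmatch(r"(\d+)([KM]?)", v, re.IGNORECASE)
    if not m:
        raise ValueError(f"unrecognised credit value: {value!r}")
    return str(int(m.group(1)) * _SUFFIX.get(m.group(2).upper(), 1))

def frontmatter_value(text, key):
    """Scalar for a top-level frontmatter key, or None if absent."""
    m = re.search(rf"^{re.escape(key)}:\s*(\S+)\s*$", text, re.M)
    return m.group(1) if m else None

def check_lock(frontmatter, lock):
    """Compare frontmatter intent with what the compiled lock file encodes."""
    want = credits_to_env(frontmatter_value(frontmatter, "max-ai-credits"))
    got = re.search(r'GH_AW_MAX_AI_CREDITS:\s*"([^"]*)"', lock)
    daily = frontmatter_value(frontmatter, "max-daily-ai-credits")
    guardrail_step = "Check daily workflow token guardrail" in lock
    if "secrets.COPILOT_GITHUB_TOKEN" in lock:
        token = "pat"            # PAT flow, what this PR ended up keeping
    elif "github.token" in lock:
        token = "github_token"   # org-billed GITHUB_TOKEN flow
    else:
        token = None
    return {
        "ai_credits_match": got is not None and got.group(1) == want,
        "daily_guardrail_ok": not (daily == "-1" and guardrail_step),
        "inference_token": token,
    }
```

Run it against the real `.lock.yml` after `gh aw compile` to catch a frontmatter edit that did not make it into the generated file.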