Skip to content

Allow mai-code-1-flash in Copilot model validation#5831

Merged
lpcox merged 2 commits into
mainfrom
copilot/fix-mai-code-1-flash-allowlist
Jul 3, 2026
Merged

Allow mai-code-1-flash in Copilot model validation#5831
lpcox merged 2 commits into
mainfrom
copilot/fix-mai-code-1-flash-allowlist

Conversation

Copilot AI commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

AWF rejected COPILOT_MODEL=mai-code-1-flash at host-side validation even though the model is already recognized elsewhere in the repo for pricing/routing. This change closes that allowlist drift so valid Copilot configs are not blocked before container startup.

  • What changed

    • Added mai-code-1-flash to SUPPORTED_COPILOT_MODELS in src/copilot-model.ts.
    • Extended the focused validator test coverage in src/copilot-model.test.ts to assert the model is accepted as a canonical supported value.
  • Why this matters

    • Keeps host-side validation aligned with the repo’s existing model catalog/pricing data.
    • Avoids the misleading fallback error path (retired or unsupported) for a model AWF already knows how to handle downstream.
  • Example

    const result = validateCopilotModel('mai-code-1-flash');
    // => { valid: true, resolvedModel: 'mai-code-1-flash' }

Copilot AI changed the title [WIP] Fix SUPPORTED_COPILOT_MODELS to include mai-code-1-flash Allow mai-code-1-flash in Copilot model validation Jul 2, 2026
Copilot finished work on behalf of lpcox July 2, 2026 23:36
Copilot AI requested a review from lpcox July 2, 2026 23:36
@lpcox lpcox marked this pull request as ready for review July 3, 2026 01:40
Copilot AI review requested due to automatic review settings July 3, 2026 01:40

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Aligns AWF’s host-side Copilot model allowlist validation with the repository’s existing Copilot model catalog so that COPILOT_MODEL=mai-code-1-flash is accepted during preflight validation (instead of being rejected before container startup).

Changes:

  • Added mai-code-1-flash to the SUPPORTED_COPILOT_MODELS allowlist used by validateCopilotModel().
  • Extended validateCopilotModel unit tests to assert mai-code-1-flash is accepted as a supported canonical model value.
Show a summary per file
File Description
src/copilot-model.ts Adds mai-code-1-flash to the supported-model allowlist used by host-side validation and canonicalization.
src/copilot-model.test.ts Adds a test-case ensuring mai-code-1-flash is accepted by validateCopilotModel().

Review details

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

  • Files reviewed: 2/2 changed files
  • Comments generated: 0
  • Review effort level: Low

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

✅ Copilot review passed with no inline comments.

@copilot Add the ready-for-aw label to this PR to trigger agentic CI smoke tests.

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

✅ Coverage Check Passed

Overall Coverage

Metric Base PR Delta
Lines 98.62% 98.66% 📈 +0.04%
Statements 98.51% 98.55% 📈 +0.04%
Functions 99.56% 99.56% ➡️ +0.00%
Branches 94.42% 94.42% ➡️ +0.00%
📁 Per-file Coverage Changes (1 files)
File Lines (Before → After) Statements (Before → After)
src/workdir-setup.ts 93.0% → 94.8% (+1.74%) 93.0% → 94.8% (+1.74%)

Coverage comparison generated by scripts/ci/compare-coverage.ts

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

🔌 Smoke Services — All services reachable! ✅

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Smoke Copilot BYOK completed. Copilot BYOK mode operational. 🔓

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

🚀 Security Guard has started processing this pull request

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

🔑 Smoke Copilot PAT PAT auth validated. All systems operational. ✅

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Contribution Check completed successfully!

PR #5831 follows the applicable contribution guidelines based on the provided metadata, diff, and CONTRIBUTING.md: focused TypeScript change, adjacent test coverage included, no documentation update needed, clear PR description, and files are in src/.

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Build Test Suite completed successfully!

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Smoke Gemini completed. All facets verified. 💎

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

📡 Smoke OTel Tracing completed. All tracing scenarios validated. ✅

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Smoke Copilot BYOK AOAI (api-key) completed. Copilot AOAI BYOK (api-key) mode operational. 🔓

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Smoke Copilot BYOK AOAI (Entra) completed. Copilot AOAI BYOK (Entra) mode operational. 🔓

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Chroot tests failed Smoke Chroot failed - See logs for details.

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Smoke Claude passed

@github-actions github-actions Bot mentioned this pull request Jul 3, 2026
@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Smoke Test: Copilot PAT Auth — PASS ✅

Test Result
GitHub MCP connectivity
GitHub.com HTTP ✅ 200
File write/read

Auth mode: PAT (COPILOT_GITHUB_TOKEN) | Author: @lpcox | Overall: PASS

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

🔑 PAT report filed by Smoke Copilot PAT
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

✅ Smoke Test: Copilot BYOK (Direct) Mode

  • ✅ GitHub API connectivity (HTTP 200)
  • ✅ File I/O working
  • ✅ BYOK inference via api-proxy sidecar active
  • ✅ Agent container running

Mode: Direct BYOK (COPILOT_PROVIDER_API_KEY) → api-proxy → api.githubcopilot.com

Result: PASS

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

🔑 BYOK report filed by Smoke Copilot BYOK
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Smoke Test: Claude Engine Validation

Check Result
API Status ✅ PASS
GH Check ✅ PASS
File Status ✅ PASS

Overall Result: PASS

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

Generated by Smoke Claude for #5831 · 35.5 AIC · ⊞ 5.8K ·
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Smoke Test: Services Connectivity

  • Redis PING: ❌ Network unreachable
  • PostgreSQL pg_isready: ❌ No response
  • PostgreSQL SELECT 1: ❌ Network unreachable

Overall: FAILhost.docker.internal (172.17.0.1) is not reachable from this environment.

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

🔌 Service connectivity validated by Smoke Services
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Smoke Test: Gemini Engine Validation

  • GitHub MCP Testing: ❌ (Found PR chore: update model-to-API mapping (2026-07-02) #5804: 'chore: update model-to-API mapping (2026-07-02)'; unable to fetch second)
  • GitHub.com Connectivity: ❌ (Status 000 - Network is unreachable)
  • File Writing Testing: ✅
  • Bash Tool Testing: ✅

Overall status: FAIL

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • localhost

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "localhost"

See Network Configuration for more information.

💎 Faceted by Smoke Gemini
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

🔬 Smoke Test Results

Test Status
GitHub MCP Connectivity
GitHub.com HTTP (200)
File Write/Read ⚠️ (pre-step vars unexpanded)

Overall: PASS (core connectivity verified)

cc @lpcox

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

📰 BREAKING: Report filed by Smoke Copilot
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Smoke test results:\n- PR: chore: upgrade gh-aw to v0.82.2 pre-release and recompile workflows ✅\n- PR: fix: chmod squid logs inside container before compose down ✅\n- PR: Add host/sidecar parity guard for API proxy provider env constants ✅\n- PR: Deduplicate provider auth header construction across runtime, validation, and model fetch paths ✅\n- GitHub query: ✅\n- Browser title check: ❌\n- File write: ✅\n- Discussion query/comment: ✅\n- Build: ✅\n- Overall: FAIL

Warning

Firewall blocked 2 domains

The following domains were blocked by the firewall during workflow execution:

  • awmgmcpg
  • registry.npmjs.org

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"
    - "registry.npmjs.org"

See Network Configuration for more information.

🔮 The oracle has spoken through Smoke Codex
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

🏗️ Build Test Suite Results

Ecosystem Project Build/Install Tests Status
Bun elysia 1/1 passed ✅ PASS
Bun hono 1/1 passed ✅ PASS
C++ fmt N/A ✅ PASS
C++ json N/A ✅ PASS
Deno oak N/A 1/1 passed ✅ PASS
Deno std N/A 1/1 passed ✅ PASS
.NET hello-world N/A ✅ PASS
.NET json-parse N/A ✅ PASS
Go color 1/1 passed ✅ PASS
Go env 1/1 passed ✅ PASS
Go uuid 1/1 passed ✅ PASS
Java gson 1/1 passed ✅ PASS
Java caffeine 1/1 passed ✅ PASS
Node.js clsx All passed ✅ PASS
Node.js execa All passed ✅ PASS
Node.js p-limit All passed ✅ PASS
Rust fd 1/1 passed ✅ PASS
Rust zoxide 1/1 passed ✅ PASS

Overall: 8/8 ecosystems passed — ✅ PASS

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

Generated by Build Test Suite for #5831 · 32.3 AIC · ⊞ 6.9K ·
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

🔬 OTEL Tracing Smoke Test Results — Run #28636542008

# Scenario Result Notes
1 Module Loading otel.js loads or gracefully reports absent
2 Test Suite Jest ran with `
3 Env Var Forwarding Grep check in api-proxy-service.ts passed
4 Token Tracker Integration onUsage callback confirmed present in token-tracker-http.js
5 OTEL Diagnostics Post-step pending — agent execution still in progress

Scenarios 1–4 all passed. Scenario 5 (Collect OTEL diagnostics) has not yet run; it fires if: always() after the agent execution step completes.

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

📡 OTel tracing validated by Smoke OTel Tracing
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

$(sed s///g /tmp/gh-aw/agent/comment-body.md)

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

🔑 BYOK (AOAI api-key) report filed by Smoke Copilot BYOK AOAI (api-key)
Add label ready-for-aw to run again

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

🪪 BYOK (AOAI Entra) report filed by Smoke Copilot BYOK AOAI (Entra)
Add label ready-for-aw to run again

@lpcox lpcox merged commit e1a1435 into main Jul 3, 2026
87 of 92 checks passed
@lpcox lpcox deleted the copilot/fix-mai-code-1-flash-allowlist branch July 3, 2026 04:12
Copilot AI added a commit that referenced this pull request Jul 9, 2026
Implements the three-part fix from issue #6024:

1. Single source of truth comment — SUPPORTED_COPILOT_MODELS in
   src/copilot-model.ts now documents exactly which related files must be
   updated when adding or retiring a model.

2. CI guard — new src/copilot-model-catalog-sync.test.ts fails if any
   model added to ai-credits-pricing.js is missing from
   SUPPORTED_COPILOT_MODELS and not explicitly excluded. This catches the
   class of bug fixed in #5831 (mai-code-1-flash) before it ships.

3. Pointer comment in ai-credits-pricing.js — directs contributors to
   add new Copilot CLI models to SUPPORTED_COPILOT_MODELS as well.

testHelpers export added to copilot-model.ts (@internal /
ts-prune-ignore-next) to give the sync test access to the internal Set.
lpcox pushed a commit that referenced this pull request Jul 9, 2026
…atalog (#6039)

* Initial plan

* feat: add CI guard to prevent model allowlist drift

Implements the three-part fix from issue #6024:

1. Single source of truth comment — SUPPORTED_COPILOT_MODELS in
   src/copilot-model.ts now documents exactly which related files must be
   updated when adding or retiring a model.

2. CI guard — new src/copilot-model-catalog-sync.test.ts fails if any
   model added to ai-credits-pricing.js is missing from
   SUPPORTED_COPILOT_MODELS and not explicitly excluded. This catches the
   class of bug fixed in #5831 (mai-code-1-flash) before it ships.

3. Pointer comment in ai-credits-pricing.js — directs contributors to
   add new Copilot CLI models to SUPPORTED_COPILOT_MODELS as well.

testHelpers export added to copilot-model.ts (@internal /
ts-prune-ignore-next) to give the sync test access to the internal Set.

* fix: address review feedback on copilot-model test helpers

- Export testHelpers.supportedCopilotModels as a ReadonlySet defensive copy
  to prevent accidental mutation of the production singleton in tests
- Update normalizeSeparators() comment to accurately describe full
  canonicalization (lowercase + separator replacement), not just separator
  normalization

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment