feat: detect OAuth tokens in activation job for COPILOT_GITHUB_TOKEN and GH_AW_GITHUB_TOKEN#44204
Conversation
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Add a new `check-oauth-tokens` step to the activation job that detects OAuth tokens (gho_...) in COPILOT_GITHUB_TOKEN and GH_AW_GITHUB_TOKEN. OAuth tokens are not suitable for automation as they are typically over-provisioned and cannot be scoped to specific repositories. - New script: actions/setup/sh/check_oauth_tokens.sh - New step function: addActivationOAuthTokenCheckStep in compiler_activation_job_builder.go - Step is added after the engine-specific secret validation step - Respects engine.env overrides for COPILOT_GITHUB_TOKEN - Updated wasm golden files and recompiled all workflow lock files - Added 4 tests covering the new step Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
|
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
…okens in getOctokit Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Done in commit
|
|
@copilot merge main and recompile |
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
…heck-for-github-tokens Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Done in commit |
|
✅ PR Code Quality Reviewer completed the code quality review. |
|
✅ Design Decision Gate 🏗️ completed the design decision gate check. |
|
🧠 Matt Pocock Skills Reviewer has completed the skills-based review. ✅ |
|
✅ Test Quality Sentinel completed test quality analysis. |
There was a problem hiding this comment.
Pull request overview
This PR adds an early-fail guardrail to prevent user-scoped OAuth tokens (gho_...) from being used as automation credentials by (1) injecting a new activation-job step that checks key token env vars and (2) hard-failing if global.getOctokit(...) is invoked with an OAuth token. It also regenerates the compiled workflow outputs (goldens and .lock.yml files) to reflect the new activation step.
Changes:
- Add
check_oauth_tokens.shand inject acheck-oauth-tokensactivation step (aftervalidate-secret) to detectgho_...tokens. - Add/extend constants and tests to cover step presence, default secret expressions, and
engine.envoverride behavior. - Regenerate workflow goldens and many compiled
.lock.ymlworkflows to include the new step.
Show a summary per file
| File | Description |
|---|---|
| actions/setup/sh/check_oauth_tokens.sh | New shell script that fails the job if configured tokens are OAuth (gho_...) tokens. |
| actions/setup/js/setup_globals.cjs | Adds a runtime guard to throw if getOctokit is called with a gho_... token. |
| pkg/constants/engine_constants.go | Introduces a constant for GH_AW_GITHUB_MCP_SERVER_TOKEN. |
| pkg/workflow/compiler_activation_job_builder.go | Injects the new check-oauth-tokens activation job step and wires env vars. |
| pkg/workflow/compiler_activation_jobs_test.go | Adds tests asserting presence, ordering, and token expression resolution for the new step. |
| pkg/workflow/testdata/TestWasmGolden_CompileFixtures/basic-copilot.golden | Golden updated to include the new check-oauth-tokens step. |
| pkg/workflow/testdata/TestWasmGolden_CompileFixtures/playwright-cli-mode.golden | Golden updated to include the new check-oauth-tokens step. |
| pkg/workflow/testdata/TestWasmGolden_CompileFixtures/smoke-copilot.golden | Golden updated to include the new check-oauth-tokens step. |
| pkg/workflow/testdata/TestWasmGolden_CompileFixtures/with-imports.golden | Golden updated to include the new check-oauth-tokens step. |
| pkg/workflow/testdata/TestWasmGolden_AllEngines/claude.golden | Golden updated to include the new check-oauth-tokens step. |
| pkg/workflow/testdata/TestWasmGolden_AllEngines/codex.golden | Golden updated to include the new check-oauth-tokens step. |
| pkg/workflow/testdata/TestWasmGolden_AllEngines/copilot.golden | Golden updated to include the new check-oauth-tokens step. |
| pkg/workflow/testdata/TestWasmGolden_AllEngines/gemini.golden | Golden updated to include the new check-oauth-tokens step. |
| pkg/workflow/testdata/TestWasmGolden_AllEngines/pi.golden | Golden updated to include the new check-oauth-tokens step. |
| .github/workflows/ace-editor.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/agent-persona-explorer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/agentic-token-audit.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/agentic-token-optimizer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/agentic-token-trend-audit.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/bot-detection.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/chaos-pr-bundle-fuzzer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/code-simplifier.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/commit-changes-analyzer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/contribution-check.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/copilot-centralization-optimizer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/copilot-opt.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/copilot-pr-merged-report.lock.yml | Regenerated lock workflow including the new activation step and updated manifest secrets list. |
| .github/workflows/constraint-solving-potd.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-agent-of-the-day-blog-writer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-ambient-context-optimizer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-awf-spec-compiler-surfacing.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-byok-ollama-test.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-cli-tools-tester.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-community-attribution.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-compiler-threat-spec-optimizer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-credit-limit-test.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-doc-updater.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-firewall-report.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-function-namer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-issues-report.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-model-inventory.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-model-resolution.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-multi-device-docs-tester.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-performance-summary.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-regulatory.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-security-observability.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-sentrux-report.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-skill-optimizer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-team-status.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/daily-windows-terminal-integration-builder.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/dataflow-pr-discussion-dataset.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/dependabot-burner.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/dependabot-go-checker.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/dependabot-repair.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/deployment-incident-monitor.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/designer-drift-audit.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/eslint-monster.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/example-failure-category-filter.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/example-permissions-warning.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/firewall.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/functional-pragmatist.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/github-remote-mcp-auth-test.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/glossary-maintainer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/gpclean.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/issue-triage-agent.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/jsweep.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/layout-spec-maintainer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/lint-monster.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/mcp-inspector.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/mergefest.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/metrics-collector.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/notion-issue-summary.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/objective-impact-report.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/org-health-report.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/outcome-collector.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/pdf-summary.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/plan.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/poem-bot.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/pr-description-caveman.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/pr-nitpick-reviewer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/pr-triage-agent.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/python-data-charts.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/q.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/refiner.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/release.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/repo-audit-analyzer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/repo-tree-map.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/repository-quality-improver.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/research.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/schema-consistency-checker.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/security-compliance.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/slide-deck-maintainer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/smoke-call-workflow.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/smoke-ci.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/smoke-claude-on-copilot.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/smoke-copilot-arm.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/smoke-copilot-sdk.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/smoke-copilot.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/smoke-multi-pr.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/smoke-opencode.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/smoke-otel-backends.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/smoke-pi.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/smoke-project.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/smoke-service-ports.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/smoke-temporary-id.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/smoke-test-tools.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/smoke-workflow-call-with-inputs.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/smoke-workflow-call.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/spec-enforcer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/stale-repo-identifier.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/sub-issue-closer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/super-linter.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/technical-doc-writer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/terminal-stylist.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/test-dispatcher.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/test-project-url-default.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/test-workflow.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/tidy.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/uk-ai-operational-resilience.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/ubuntu-image-analyzer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/unbloat-docs.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/update-astro.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/video-analyzer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/visual-regression-checker.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/weekly-blog-post-writer.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/weekly-editors-health-check.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/weekly-issue-summary.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/weekly-safe-outputs-spec-review.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/workflow-generator.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/workflow-health-manager.lock.yml | Regenerated lock workflow including the new activation step. |
| .github/workflows/workflow-normalizer.lock.yml | Regenerated lock workflow including the new activation step and MCP gateway config changes. |
| .github/workflows/workflow-skill-extractor.lock.yml | Regenerated lock workflow including the new activation step. |
Review details
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Files reviewed: 172/272 changed files
- Comments generated: 2
- Review effort level: Low
| "accept": [ | ||
| "*" | ||
| ], | ||
| "sink-visibility": "public" | ||
| ] | ||
| } | ||
| } |
| "accept": [ | ||
| "*" | ||
| ], | ||
| "sink-visibility": "public" | ||
| ] | ||
| } | ||
| } |
🤖 PR Triage
Rationale: Detects OAuth tokens ( Run §28924016278
|
|
@copilot merge main and recompile |
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
…heck-for-github-tokens Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Done — merged |
|
/smoke-copilot |
|
📰 BREAKING: Smoke Copilot is now investigating this issue comment. Sources say the story is developing... |
|
@copilot please run the
|
SmokePR: feat: detect OAuth tokens in activation job for COPILOT_GITHUB_TOKEN and GH_AW_GITHUB_TOKEN Warning Firewall blocked 6 domainsThe following domains were blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "accounts.google.com"
- "android.clients.google.com"
- "clients2.google.com"
- "contentautofill.googleapis.com"
- "safebrowsingohttpgateway.googleapis.com"
- "www.google.com"See Network Configuration for more information.
|
Comment MemoryNote This comment is managed by comment memory.It stores persistent context for this thread in the code block at the top of this comment. Warning Firewall blocked 6 domainsThe following domains were blocked by the firewall during workflow execution:
network:
allowed:
- defaults
- "accounts.google.com"
- "android.clients.google.com"
- "clients2.google.com"
- "contentautofill.googleapis.com"
- "safebrowsingohttpgateway.googleapis.com"
- "www.google.com"See Network Configuration for more information.
|
There was a problem hiding this comment.
Smoke test review submitted.
Warning
Firewall blocked 6 domains
The following domains were blocked by the firewall during workflow execution:
accounts.google.comandroid.clients.google.comclients2.google.comcontentautofill.googleapis.comsafebrowsingohttpgateway.googleapis.comwww.google.com
To allow these domains, add them to the
network.allowedlist in your workflow frontmatter:
network:
allowed:
- defaults
- "accounts.google.com"
- "android.clients.google.com"
- "clients2.google.com"
- "contentautofill.googleapis.com"
- "safebrowsingohttpgateway.googleapis.com"
- "www.google.com"See Network Configuration for more information.
📰 BREAKING: Report filed by Smoke Copilot · 107.1 AIC · ⌖ 7.9 AIC · ⊞ 19.1K
Comment /smoke-copilot to run again
Add label smoke to run again
|
🎉 This pull request is included in a new release. Release: |
Add three new user-facing terms from today's commits: - dismiss-pull-request-review: New safe output capability for dismissing PR reviews authored by the workflow actor (PR #44209) - COPILOT_GITHUB_TOKEN: Fine-grained PAT for Copilot inference, now validated in activation job for OAuth token detection (PR #44204) - restore-memory (jobs.<job-id>.restore-memory): New custom job field for read-only memory store restore in deterministic jobs (PR #44214) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
OAuth tokens (
gho_...) are over-provisioned user-scoped credentials unsuitable for automation — they can't be scoped to specific repositories and are tied to the user's session lifecycle.Changes
actions/setup/sh/check_oauth_tokens.sh(new)COPILOT_GITHUB_TOKENandGH_AW_GITHUB_TOKENforgho_prefix at runtime$GITHUB_STEP_SUMMARYwith link to create a fine-grained PAT, exits 1pkg/workflow/compiler_activation_job_builder.goaddActivationOAuthTokenCheckStepinjects acheck-oauth-tokensstep into every activation jobvalidate-secretstepengine.envoverrides forCOPILOT_GITHUB_TOKEN(same resolution asvalidate-secret)pkg/workflow/compiler_activation_jobs_test.goTestBuildActivationJob_OAuthTokenCheckStep— step and script reference presentTestBuildActivationJob_OAuthTokenCheckStep_DefaultTokenExprs— default secret expressions used without overridesTestBuildActivationJob_OAuthTokenCheckStep_EngineEnvOverride—engine.envoverride honored forCOPILOT_GITHUB_TOKENTestBuildActivationJob_OAuthCheckAfterSecretValidation— ordering: OAuth check followsvalidate-secret