Skip to content

Remove unused buildProviderTargetEnv export from API proxy env config#5682

Merged
lpcox merged 2 commits into
mainfrom
copilot/remove-unused-export-buildprovidertargetenv
Jun 29, 2026
Merged

Remove unused buildProviderTargetEnv export from API proxy env config#5682
lpcox merged 2 commits into
mainfrom
copilot/remove-unused-export-buildprovidertargetenv

Conversation

Copilot AI commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

buildProviderTargetEnv was exported from a security-sensitive API proxy config module but had no external consumers. This unnecessarily expanded the module’s public surface in credential-handling code.

  • API surface reduction

    • Changed buildProviderTargetEnv in src/services/api-proxy-env-config.ts from exported to module-private.
    • Kept behavior intact by continuing to use it internally via buildApiProxyBaseEnv.
  • Test alignment with public contract

    • Updated src/services/api-proxy-service-split.test.ts to stop importing the internal helper directly.
    • Retargeted the session-id normalization assertion to buildApiProxyBaseEnv (the public entry point).
// before
export function buildProviderTargetEnv(config: WrapperConfig): Record<string, string> { ... }

// after
function buildProviderTargetEnv(config: WrapperConfig): Record<string, string> { ... }

Copilot AI changed the title [WIP] Remove unused export buildProviderTargetEnv in api-proxy-env-config Remove unused buildProviderTargetEnv export from API proxy env config Jun 29, 2026
Copilot finished work on behalf of lpcox June 29, 2026 14:07
Copilot AI requested a review from lpcox June 29, 2026 14:07
@lpcox lpcox marked this pull request as ready for review June 29, 2026 14:31
Copilot AI review requested due to automatic review settings June 29, 2026 14:31

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR reduces the public API surface of the security-sensitive API proxy environment configuration by making buildProviderTargetEnv module-private and updating tests to validate behavior through the intended public entry point.

Changes:

  • Made buildProviderTargetEnv non-exported in src/services/api-proxy-env-config.ts while preserving internal usage via buildApiProxyBaseEnv.
  • Updated src/services/api-proxy-service-split.test.ts to stop importing the internal helper and assert session-id normalization via buildApiProxyBaseEnv.
Show a summary per file
File Description
src/services/api-proxy-env-config.ts Removes an unused export to reduce public surface area in credential-handling env construction.
src/services/api-proxy-service-split.test.ts Aligns tests with the public contract by asserting behavior through buildApiProxyBaseEnv.

Review details

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

  • Files reviewed: 2/2 changed files
  • Comments generated: 0
  • Review effort level: Low

@github-actions

Copy link
Copy Markdown
Contributor

✅ Copilot review passed with no inline comments.

@copilot Add the ready-for-aw label to this PR to trigger agentic CI smoke tests.

@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤

@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Contribution Check completed successfully!

Contribution guidelines review complete for PR #5682: no important guideline issues found in the provided PR metadata, diffs, and CONTRIBUTING.md.

@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Smoke Claude passed

@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

🔑 Smoke Copilot PAT PAT auth validated. All systems operational. ✅

@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Smoke Copilot BYOK AOAI (api-key) completed. Copilot AOAI BYOK (api-key) mode operational. 🔓

@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Chroot tests passed! Smoke Chroot - All security and functionality tests succeeded.

@github-actions

Copy link
Copy Markdown
Contributor

🚀 Security Guard has started processing this pull request

@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

📡 Smoke OTel Tracing completed. All tracing scenarios validated. ✅

@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

🔌 Smoke Services — All services reachable! ✅

@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Smoke Copilot BYOK completed. Copilot BYOK mode operational. 🔓

@github-actions

Copy link
Copy Markdown
Contributor

✅ Coverage Check Passed

Overall Coverage

Metric Base PR Delta
Lines 98.16% 98.20% 📈 +0.04%
Statements 98.10% 98.13% 📈 +0.03%
Functions 99.54% 99.54% ➡️ +0.00%
Branches 94.14% 94.14% ➡️ +0.00%
📁 Per-file Coverage Changes (1 files)
File Lines (Before → After) Statements (Before → After)
src/workdir-setup.ts 92.7% → 94.5% (+1.82%) 92.7% → 94.5% (+1.82%)

Coverage comparison generated by scripts/ci/compare-coverage.ts

@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Smoke Copilot BYOK AOAI (Entra) completed. Copilot AOAI BYOK (Entra) mode operational. 🔓

@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Smoke Gemini completed. All facets verified. 💎

@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Build Test Suite completed successfully!

@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟

@github-actions github-actions Bot mentioned this pull request Jun 29, 2026
@github-actions

Copy link
Copy Markdown
Contributor

🔬 Smoke Test Results

Test Result
GitHub MCP connectivity
GitHub.com HTTP ✅ 200
File write/read ❌ (pre-step data not injected)

Overall: FAIL — pre-computed step outputs (SMOKE_*) were not substituted into the prompt; file test could not be verified.

PR: "Remove unused buildProviderTargetEnv export from API proxy env config"
Author: @Copilot | Assignees: @lpcox @Copilot

📰 BREAKING: Report filed by Smoke Copilot

@github-actions

Copy link
Copy Markdown
Contributor

Smoke Test: Claude Engine Validation

  • API status: ✅ PASS
  • gh check: ✅ PASS
  • File status: ✅ PASS

Overall result: PASS

Generated by Smoke Claude for #5682 · 36.1 AIC · ⊞ 3.3K ·

@github-actions

Copy link
Copy Markdown
Contributor

🔥 Smoke Test: Copilot PAT — PASS

Test Result
GitHub MCP connectivity
github.com HTTP status ✅ 200
File write/read

PR: Remove unused buildProviderTargetEnv export from API proxy env config
Author: @Copilot | Assignees: @lpcox, @Copilot
Auth mode: PAT (COPILOT_GITHUB_TOKEN)

🔑 PAT report filed by Smoke Copilot PAT

@github-actions

Copy link
Copy Markdown
Contributor

Smoke Test: API Proxy OpenTelemetry Tracing

Scenario Status Detail
Module Loading otel.js loads; exports startRequestSpan, setTokenAttributes, setBudgetAttributes, endSpan, endSpanError, shutdown, isEnabled
Test Suite 59/59 tests pass (2 suites: otel.test.js, otel-fanout.test.js)
Env Var Forwarding api-proxy-env-config.ts forwards GH_AW_OTLP_ENDPOINTS, OTEL_EXPORTER_OTLP_ENDPOINT, OTEL_EXPORTER_OTLP_HEADERS, GITHUB_AW_OTEL_TRACE_ID, GITHUB_AW_OTEL_PARENT_SPAN_ID, OTEL_SERVICE_NAME
Token Tracker Integration onUsage callback exists in token-tracker-http.js (line 324); invoked after normalized usage extraction
OTEL Diagnostics Graceful degradation confirmed: falls back to /var/log/api-proxy/otel.jsonl when no OTLP endpoint configured

All scenarios pass. OTEL tracing integration is functioning correctly.

📡 OTel tracing validated by Smoke OTel Tracing

@github-actions

Copy link
Copy Markdown
Contributor

✅ Smoke Test: Copilot BYOK (Direct) Mode — PASS

Test Results

  • GitHub MCP Testing: List PRs verified (2 closed PRs returned)
  • GitHub.com Connectivity: HTTP 200
  • File Write/Read: /etc/hosts readable
  • BYOK Inference Path: Direct mode active (api-proxy → api.githubcopilot.com)

Mode: Direct BYOK via COPILOT_PROVIDER_API_KEY → api-proxy sidecar → Copilot API

@Copilot @lpcox

🔑 BYOK report filed by Smoke Copilot BYOK

@github-actions

Copy link
Copy Markdown
Contributor

Chroot Smoke Test Results

Runtime Host Version Chroot Version Match?
Python Python 3.12.13 Python 3.12.3 ❌ NO
Node.js v24.17.0 v22.23.0 ❌ NO
Go go1.22.12 go1.22.12 ✅ YES

Overall: ❌ FAILED — Python and Node.js versions differ between host and chroot environment.

Tested by Smoke Chroot

@github-actions

Copy link
Copy Markdown
Contributor

Smoke Test

  • chore: upgrade gh-aw to v0.81.6 pre-release
  • [Test Coverage] add branch coverage for ssl-key-storage and config-writer
  • GitHub PR query ✅
  • GH list query ✅
  • GitHub title check ✅
  • File write/read ✅
  • Discussion query/comment ✅
  • npm ci && npm run build
  • Overall: PASS

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • registry.npmjs.org

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "registry.npmjs.org"

See Network Configuration for more information.

🔮 The oracle has spoken through Smoke Codex

@github-actions

Copy link
Copy Markdown
Contributor

Smoke Test Results

  • GitHub MCP Testing: ❌ (Tools missing)
  • GitHub.com Connectivity: ❌ (SSL Error 35)
  • File Writing Testing: ✅
  • Bash Tool Testing: ✅

Overall status: FAIL

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • localhost

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "localhost"

See Network Configuration for more information.

💎 Faceted by Smoke Gemini

@github-actions

Copy link
Copy Markdown
Contributor

Smoke Test: GitHub Actions Services Connectivity

Check Result
Redis PING ❌ Timeout/no response
PostgreSQL pg_isready ❌ No response
PostgreSQL SELECT 1 ❌ Timeout/no response

Overall: FAILhost.docker.internal is not reachable from this runner. Service containers are unavailable.

🔌 Service connectivity validated by Smoke Services

@github-actions

Copy link
Copy Markdown
Contributor

@lpcox @Copilot
Remove unused buildProviderTargetEnv export from API proxy env config ✅
Stop keyword leakage in api-proxy-env-constants export surface ✅
github.com HTTP ✅
file I/O ✅
BYOK inference ✅
Running in direct BYOK mode (COPILOT_PROVIDER_API_KEY + COPILOT_PROVIDER_BASE_URL) via api-proxy → Azure OpenAI (Foundry, o4-mini-aw)
Overall: PASS

🔑 BYOK (AOAI api-key) report filed by Smoke Copilot BYOK AOAI (api-key)

@github-actions

Copy link
Copy Markdown
Contributor

@lpcox @Copilot

  • GitHub MCP testing: ✅
  • GitHub.com connectivity: ✅
  • File write/read test: ✅
  • BYOK inference test: ✅

Running in direct BYOK mode (AWF_AUTH_TYPE=github-oidc + AWF_AUTH_AZURE_* + COPILOT_PROVIDER_BASE_URL) via api-proxy → Azure OpenAI (Foundry, o4-mini-aw) authenticated via Microsoft Entra

Status: PASS

🪪 BYOK (AOAI Entra) report filed by Smoke Copilot BYOK AOAI (Entra)

@github-actions

Copy link
Copy Markdown
Contributor

🏗️ Build Test Suite Results

Ecosystem Project Build/Install Tests Status
Bun elysia 1/1 passed ✅ PASS
Bun hono 1/1 passed ✅ PASS
C++ fmt N/A ✅ PASS
C++ json N/A ✅ PASS
Deno oak N/A 1/1 passed ✅ PASS
Deno std N/A 1/1 passed ✅ PASS
.NET hello-world N/A ✅ PASS
.NET json-parse N/A ✅ PASS
Go color 1/1 passed ✅ PASS
Go env 1/1 passed ✅ PASS
Go uuid 1/1 passed ✅ PASS
Java gson 1/1 passed ✅ PASS
Java caffeine 1/1 passed ✅ PASS
Node.js clsx All passed ✅ PASS
Node.js execa All passed ✅ PASS
Node.js p-limit All passed ✅ PASS
Rust fd 1/1 passed ✅ PASS
Rust zoxide 1/1 passed ✅ PASS

Overall: 8/8 ecosystems passed — ✅ PASS

Generated by Build Test Suite for #5682 · 56.8 AIC · ⊞ 7.8K ·

@lpcox lpcox merged commit fb44f3b into main Jun 29, 2026
88 of 91 checks passed
@lpcox lpcox deleted the copilot/remove-unused-export-buildprovidertargetenv branch June 29, 2026 15:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants