Adapt GH-AW workflows to the PAT pool#25838
Closed
vitek-karas wants to merge 3 commits into
Closed
Conversation
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
rolfbjarne
approved these changes
Jun 30, 2026
Member
|
/azp run |
|
No pipelines are associated with this pull request. |
Member
|
Recreated from origin: #25888 |
Contributor
There was a problem hiding this comment.
Pull request overview
This PR adapts the repository’s GH-AW (Agentic Workflows) setup to use a pool of Copilot PATs (rather than a single shared token) to reduce rate-limiting and improve reliability, and adds tooling/docs to manage and validate that pool.
Changes:
- Added a shared
pat_poolworkflow import plus repository onboarding documentation for configuring a numbered PAT secret pool. - Updated existing agentic workflows (code-radiator, ci-postmortem, macios-reviewer) to select a PAT slot and set
COPILOT_GITHUB_TOKENaccordingly, and regenerated the corresponding lock files. - Added a scheduled/manual workflow to validate
COPILOT_PAT_0throughCOPILOT_PAT_9using the Copilot CLI and summarize results.
Reviewed changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| .github/workflows/validate-pat-pool.yml | New workflow to validate PAT pool entries and produce a status summary/failure conditions. |
| .github/workflows/shared/pat_pool.README.md | New documentation for onboarding repos and wiring workflows to the PAT pool import. |
| .github/workflows/shared/pat_pool.md | New GH-AW import that selects a non-empty PAT slot and outputs its index. |
| .github/workflows/macios-reviewer.md | Updated agentic workflow frontmatter to import PAT pool and override COPILOT_GITHUB_TOKEN. |
| .github/workflows/macios-reviewer.lock.yml | Regenerated lock file reflecting PAT pool import and secret usage updates. |
| .github/workflows/code-radiator.md | Updated agentic workflow frontmatter to import PAT pool and override COPILOT_GITHUB_TOKEN. |
| .github/workflows/code-radiator.lock.yml | Regenerated lock file reflecting PAT pool import and secret usage updates. |
| .github/workflows/ci-postmortem.md | Updated agentic workflow frontmatter to import PAT pool and override COPILOT_GITHUB_TOKEN. |
| .github/workflows/ci-postmortem.lock.yml | Regenerated lock file reflecting PAT pool import and secret usage updates. |
Comment on lines
+42
to
+44
| needs.pat_pool.outputs.pat_number == '9', secrets.COPILOT_PAT_9, | ||
| 'NO COPILOT PAT AVAILABLE') | ||
| }} |
Comment on lines
+41
to
+44
| needs.pat_pool.outputs.pat_number == '8', secrets.COPILOT_PAT_8, | ||
| needs.pat_pool.outputs.pat_number == '9', secrets.COPILOT_PAT_9, | ||
| 'NO COPILOT PAT AVAILABLE') | ||
| }} |
Comment on lines
+36
to
+39
| needs.pat_pool.outputs.pat_number == '8', secrets.COPILOT_PAT_8, | ||
| needs.pat_pool.outputs.pat_number == '9', secrets.COPILOT_PAT_9, | ||
| 'NO COPILOT PAT AVAILABLE') | ||
| }} |
Comment on lines
2
to
+5
| on: | ||
| workflow_dispatch: | ||
| permissions: {} | ||
|
|
Comment on lines
+108
to
+110
| needs.pat_pool.outputs.pat_number == '9', secrets.COPILOT_PAT_9, | ||
| 'NO COPILOT PAT AVAILABLE') | ||
| }} |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
code-radiator,ci-postmortem, andmacios-reviewerto sourceCOPILOT_GITHUB_TOKENfrom the selected PAT slot while continuing to use the existinggh-aw-environmentCOPILOT_PAT_0throughCOPILOT_PAT_9entries and regenerate the affected lock files