You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Summary: Add a quick-setup mode that reuses an already-configured COPILOT_GITHUB_TOKEN repository secret so reruns can proceed without requiring token re-entry.
Why a Customer Would Want This
Teams often rerun quick setup to add or refresh workflow files after initial adoption. Today, reruns can still stop at token acquisition even when the repository secret already exists, which creates avoidable friction in CI-like or non-interactive environments.
Rough Implementation Sketch
In scripts/quick-setup.sh, before prompting for a token, check whether COPILOT_GITHUB_TOKEN already exists in the target repo (via gh secret list --repo ...).
If the secret exists and no explicit override is provided, skip prompt/set and continue with a clear log message (for example: "Reusing existing COPILOT_GITHUB_TOKEN secret").
Add an opt-in override flag (for example --force-secret-update) to keep explicit rotation behavior available.
Document the rerun behavior in README.md quick setup text and script help output.
Why It Won't Be That Hard
This is a small, localized change in one script path: token handling already centralizes under --skip-secret logic, so adding a pre-check branch and one optional override flag should not require compiler or workflow schema changes.
Evidence
Current token flow exits in non-interactive runs when env token is absent, with no existing-secret reuse path: scripts/quick-setup.sh#L215-L244.
The script unconditionally calls secret set when a token value is present, rather than first detecting an existing repo secret: scripts/quick-setup.sh#L247-L249.
The project positions quick setup as a primary onboarding and install path: README.md#L28-L39.
Recent activity shows ongoing setup/token friction around quick setup behavior and docs clarity (e.g., #1071, #1144, #1148, #1145).
Note
🔒 Integrity filter blocked 40 items
The following items were blocked because they don't meet the GitHub integrity level.
#359search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
#1067search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
#1128search_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
Mint Ephemeral Tokens #1067list_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
Feature Idea
Summary: Add a quick-setup mode that reuses an already-configured
COPILOT_GITHUB_TOKENrepository secret so reruns can proceed without requiring token re-entry.Why a Customer Would Want This
Teams often rerun quick setup to add or refresh workflow files after initial adoption. Today, reruns can still stop at token acquisition even when the repository secret already exists, which creates avoidable friction in CI-like or non-interactive environments.
Rough Implementation Sketch
scripts/quick-setup.sh, before prompting for a token, check whetherCOPILOT_GITHUB_TOKENalready exists in the target repo (viagh secret list --repo ...).--force-secret-update) to keep explicit rotation behavior available.README.mdquick setup text and script help output.Why It Won't Be That Hard
This is a small, localized change in one script path: token handling already centralizes under
--skip-secretlogic, so adding a pre-check branch and one optional override flag should not require compiler or workflow schema changes.Evidence
scripts/quick-setup.sh#L215-L244.scripts/quick-setup.sh#L247-L249.README.md#L28-L39.#1071,#1144,#1148,#1145).Note
🔒 Integrity filter blocked 40 items
The following items were blocked because they don't meet the GitHub integrity level.
search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".list_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".list_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".list_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".To allow these resources, lower
min-integrityin your GitHub frontmatter:What is this? | From workflow: Trigger Product Manager Impersonator
Give us feedback! React with 🚀 if perfect, 👍 if helpful, 👎 if not.