You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Summary: Make scripts/quick-setup.sh reuse an already-configured COPILOT_GITHUB_TOKEN secret by default, and only prompt/write a new token when explicitly requested.
Why a Customer Would Want This
Teams frequently rerun quick setup to add workflows or refresh triggers. Today reruns can still require token handling even when the repository already has COPILOT_GITHUB_TOKEN, which adds friction to an otherwise fast onboarding/update path.
Rough Implementation Sketch
Add a repo-secret existence check before the token prompt/write path (for example via gh secret list --repo "$repo").
If COPILOT_GITHUB_TOKEN already exists, skip prompt + gh secret set and print a clear "reusing existing secret" message.
Add an opt-in flag (for example --force-secret-update) to intentionally rotate/reset the secret when desired.
Keep existing --skip-secret and --dry-run behavior intact.
Why It Won't Be That Hard
This is a small, isolated enhancement in one script (scripts/quick-setup.sh) with centralized option parsing and a single secret-management block, so the change is mostly a conditional branch plus a new flag and help text.
Evidence
scripts/quick-setup.sh:L23-L30 documents existing flags; there is no secret-reuse or force-update mode.
scripts/quick-setup.sh:L215-L251 enters secret handling whenever --skip-secret is false, and writes the secret with gh secret set.
scripts/quick-setup.sh:L241-L243 errors in non-interactive mode when no env token is set, even though a repo secret may already exist.
README.md:L37-L39 positions quick setup as streamlined end-to-end install, so reducing rerun friction aligns with product expectations.
Related but distinct existing ideas: #809 (permission preflight), #888 (existing-file overwrite policy), #1220 (first-run checklist).
Note
🔒 Integrity filter blocked 43 items
The following items were blocked because they don't meet the GitHub integrity level.
#1175list_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
#359search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
#505search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
#476search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
#1067search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
#704search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
#694search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
#684search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
#547search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
#153search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
#424search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
#239search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
#459search_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
#600search_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
#1175search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
#1128search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".
... and 27 more items
To allow these resources, lower min-integrity in your GitHub frontmatter:
Feature Idea
Summary: Make
scripts/quick-setup.shreuse an already-configuredCOPILOT_GITHUB_TOKENsecret by default, and only prompt/write a new token when explicitly requested.Why a Customer Would Want This
Teams frequently rerun quick setup to add workflows or refresh triggers. Today reruns can still require token handling even when the repository already has
COPILOT_GITHUB_TOKEN, which adds friction to an otherwise fast onboarding/update path.Rough Implementation Sketch
gh secret list --repo "$repo").COPILOT_GITHUB_TOKENalready exists, skip prompt +gh secret setand print a clear "reusing existing secret" message.--force-secret-update) to intentionally rotate/reset the secret when desired.--skip-secretand--dry-runbehavior intact.Why It Won't Be That Hard
This is a small, isolated enhancement in one script (
scripts/quick-setup.sh) with centralized option parsing and a single secret-management block, so the change is mostly a conditional branch plus a new flag and help text.Evidence
scripts/quick-setup.sh:L23-L30documents existing flags; there is no secret-reuse or force-update mode.scripts/quick-setup.sh:L215-L251enters secret handling whenever--skip-secretis false, and writes the secret withgh secret set.scripts/quick-setup.sh:L241-L243errors in non-interactive mode when no env token is set, even though a repo secret may already exist.README.md:L37-L39positions quick setup as streamlined end-to-end install, so reducing rerun friction aligns with product expectations.#809(permission preflight),#888(existing-file overwrite policy),#1220(first-run checklist).Note
🔒 Integrity filter blocked 43 items
The following items were blocked because they don't meet the GitHub integrity level.
list_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_pull_requests: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".search_issues: has lower integrity than agent requires. The agent cannot read data with integrity below "approved".To allow these resources, lower
min-integrityin your GitHub frontmatter:What is this? | From workflow: Trigger Product Manager Impersonator
Give us feedback! React with 🚀 if perfect, 👍 if helpful, 👎 if not.