Require environment input to pat_pool shared workflow.#832
Merged
Conversation
jeffhandley
commented
Jun 25, 2026
jeffhandley
commented
Member
- Updates the PAT pool shared workflow to latest version
- Updates the validate-pat-pool workflow to match other repos
- Updates all agentic workflows to use the updated PAT pool import with the standard secret names used across other repos
- The new version of the import does not require the 'needs' workaround but the issue-triage workflow's 'roles: all' configuration requires a different workaround to ensure the pre_activation job exists for the pat_pool job to be able to depend on it (necessary for ordering).
- Updates the PAT pool shared workflow to latest version - Updates the validate-pat-pool workflow to match other repos - Updates all agentic workflows to use the updated PAT pool import with the standard secret names used across other repos - The new version of the import does not require the 'needs' workaround but the issue-triage workflow's 'roles: all' configuration requires a different workaround to ensure the pre_activation job exists for the pat_pool job to be able to depend on it (necessary for ordering).
Contributor
There was a problem hiding this comment.
Pull request overview
This PR updates the repository’s Agentic Workflows “PAT pool” integration to require an explicit environment input, standardizes PAT secret names to COPILOT_PAT_0..9, and updates the affected workflows (and their generated lockfiles) to consume PATs via the shared import while running inside a dedicated copilot-pat-pool environment.
Changes:
- Require an
environmentinput inshared/pat_pool.mdand makepat_pooldepend onpre_activationfor ordering. - Migrate PAT secret naming/selection from
COPILOT_GITHUB_TOKEN[_N]toCOPILOT_PAT_0..9across agentic workflows and lockfiles. - Update PAT pool documentation and the validation workflow to reflect environment-scoped usage.
Reviewed changes
Copilot reviewed 19 out of 19 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| .github/workflows/validate-pat-pool.yml | Validates COPILOT_PAT_0..9 and runs under the copilot-pat-pool environment. |
| .github/workflows/shared/pat_pool.README.md | Documents environment setup, env secrets, and updated PAT pool usage. |
| .github/workflows/shared/pat_pool.md | Makes environment a required import input; expands pool to 10 slots; orders after pre_activation. |
| .github/workflows/pr-malicious-scan.agent.md | Updates workflow frontmatter to import pat_pool with environment + new secret names. |
| .github/workflows/pr-malicious-scan.agent.lock.yml | Regenerated compiled workflow reflecting env + COPILOT_PAT_0..9. |
| .github/workflows/markdown-linter.md | Updates workflow frontmatter to import pat_pool with environment + new secret names. |
| .github/workflows/markdown-linter.lock.yml | Regenerated compiled workflow reflecting env + COPILOT_PAT_0..9. |
| .github/workflows/issue-triage.md | Updates workflow frontmatter to import pat_pool with environment; adds workaround to force pre_activation. |
| .github/workflows/issue-triage.lock.yml | Regenerated compiled workflow reflecting env + COPILOT_PAT_0..9 and new pre_activation behavior. |
| .github/workflows/issue-investigate.md | Updates workflow frontmatter to import pat_pool with environment + new secret names. |
| .github/workflows/issue-investigate.lock.yml | Regenerated compiled workflow reflecting env + COPILOT_PAT_0..9. |
| .github/workflows/devops-health-investigate.md | Updates workflow frontmatter to import pat_pool with environment + new secret names. |
| .github/workflows/devops-health-investigate.lock.yml | Regenerated compiled workflow reflecting env + COPILOT_PAT_0..9. |
| .github/workflows/devops-health-groom.md | Updates workflow frontmatter to import pat_pool with environment + new secret names. |
| .github/workflows/devops-health-groom.lock.yml | Regenerated compiled workflow reflecting env + COPILOT_PAT_0..9. |
| .github/workflows/devops-health-check.md | Updates workflow frontmatter to import pat_pool with environment + new secret names. |
| .github/workflows/devops-health-check.lock.yml | Regenerated compiled workflow reflecting env + COPILOT_PAT_0..9. |
| .github/workflows/close-stale-prs.agent.md | Updates workflow frontmatter to import pat_pool with environment + new secret names. |
| .github/workflows/close-stale-prs.agent.lock.yml | Regenerated compiled workflow reflecting env + COPILOT_PAT_0..9. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Contributor
|
👋 @jeffhandley — this PR has 2 unresolved review thread(s). When you're ready, please address the feedback and push an update; the triage bot will pick up the next state automatically. (Add the |
Evangelink
approved these changes
Jun 25, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.