Issue Draft for github/gh-aw
Title: Lock file generator drops permissions on agent job and omits them on detection job
Description
The lock file generator produces insufficient `permissions:` for the agent and detection jobs when the source `.md` file specifies `permissions: read-all` together with `features: copilot-requests: true`.
The agent job only receives `copilot-requests: write`; all other scopes implied by `read-all` are dropped. The detection job receives no `permissions:` block at all.
Source configuration
```yaml
# repo-assist.md
permissions: read-all
features:
  copilot-requests: true
```
What the lock file generates
| Job | contents | issues | pull-requests | discussions | copilot-requests |
|---|---|---|---|---|---|
| activation | read | write | write | write | — |
| agent | ❌ missing | ❌ missing | ❌ missing | ❌ missing | write |
| detection | ❌ missing | ❌ missing | ❌ missing | ❌ missing | ❌ missing |
| push_repo_memory | write | — | — | — | — |
| conclusion | write | — | — | write | — |

The detection job has no `permissions:` block at all, so it inherits the workflow-level `permissions: {}`.
Failures observed
1. agent job — checkout fails (no `contents: read`)
```
##[error]fatal: repository 'https://github.com/octodemo/octocat_supply-symmetrical-orbit/' not found
The process '/usr/bin/git' failed with exit code 128
```
`actions/checkout` uses the default `GITHUB_TOKEN`, which here only has `copilot-requests: write`. Three retries, all failed.
2. agent job — GraphQL API fails (no `issues: read`)
```
GraphQL: Resource not accessible by integration (repository.issues)
```
The "Fetch repo data for task weighting" step runs `gh issue list` and `gh pr list`, which require the `issues` and `pull-requests` scopes.
3. detection job — copilot-cli auth fails (no `copilot-requests: write`)
```
Error: Authentication failed (Request ID: E828:18E55B:99C31A:A99D84:69CAB689)
Your GitHub token may be invalid, expired, or lacking the required permissions.
```
The detection job has no `permissions:` block, so it inherits the workflow-level `permissions: {}` (empty). copilot-cli uses `COPILOT_GITHUB_TOKEN: ${{ github.token }}`, which therefore has zero scopes.
Expected behavior
- The `agent` job should receive the workflow-level `permissions: read-all` scopes merged with `copilot-requests: write` from `features:`, not replaced by it.
- The `detection` job should receive at minimum `copilot-requests: write`, since it runs `copilot-cli`.
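To make the expected merge semantics concrete, here is an added Go example (not gh-aw's own code) that models what the generator should do: expand the workflow-level shorthand, layer the feature-derived scopes on top without ever lowering a scope, give the detection job the feature scopes it needs, and diff the result against what a lock file actually emitted. The scope list, the `ExpandShorthand`/`Merge`/`MissingScopes` helpers and the "generated" maps in `main` are all constructed for illustration; real `read-all` covers more scopes than the four in the table above.

```go
package main

import (
	"fmt"
	"sort"
)

// Permissions maps a GITHUB_TOKEN scope (e.g. "contents") to "read" or "write".
type Permissions map[string]string

// shorthandScopes is a constructed list covering only the scopes in the
// issue's table; GitHub's real read-all/write-all expand to more scopes.
var shorthandScopes = []string{"contents", "issues", "pull-requests", "discussions"}

// ExpandShorthand turns "read-all" / "write-all" into explicit per-scope
// entries; any other value yields an empty map (hypothetical helper).
func ExpandShorthand(level string) Permissions {
	p := Permissions{}
	for _, s := range shorthandScopes {
		switch level {
		case "read-all":
			p[s] = "read"
		case "write-all":
			p[s] = "write"
		}
	}
	return p
}

// rank orders access levels so Merge never lowers a scope.
func rank(level string) int {
	switch level {
	case "write":
		return 2
	case "read":
		return 1
	}
	return 0
}

// Merge layers extra on top of base, keeping the stronger level per scope.
// This is the "merged with, not replaced by" behaviour the report asks for.
func Merge(base, extra Permissions) Permissions {
	out := Permissions{}
	for k, v := range base {
		out[k] = v
	}
	for k, v := range extra {
		if rank(v) > rank(out[k]) {
			out[k] = v
		}
	}
	return out
}

// FeaturePermissions maps enabled features to the scopes they need. Only
// copilot-requests is modelled here because it is the feature in the report.
func FeaturePermissions(features map[string]bool) Permissions {
	p := Permissions{}
	if features["copilot-requests"] {
		p["copilot-requests"] = "write"
	}
	return p
}

// AgentJobPermissions: workflow-level scopes plus feature scopes.
func AgentJobPermissions(workflowLevel string, features map[string]bool) Permissions {
	return Merge(ExpandShorthand(workflowLevel), FeaturePermissions(features))
}

// DetectionJobPermissions: the detection job does not check out the repo,
// but it runs copilot-cli, so it needs at least the feature-derived scopes.
func DetectionJobPermissions(features map[string]bool) Permissions {
	return FeaturePermissions(features)
}

// MissingScopes lists scopes where the generated block falls short of the
// required one, in "scope: level" form, sorted for stable output. Feeding it
// the job blocks from a lock file reproduces the "missing" cells in the table.
func MissingScopes(required, generated Permissions) []string {
	var missing []string
	for scope, level := range required {
		if rank(generated[scope]) < rank(level) {
			missing = append(missing, scope+": "+level)
		}
	}
	sort.Strings(missing)
	return missing
}

func main() {
	features := map[string]bool{"copilot-requests": true}
	// Constructed stand-ins for what the report says the lock file emitted.
	generatedAgent := Permissions{"copilot-requests": "write"}
	generatedDetection := Permissions{} // no permissions: block, inherits {}
	fmt.Println("agent job missing:", MissingScopes(AgentJobPermissions("read-all", features), generatedAgent))
	fmt.Println("detection job missing:", MissingScopes(DetectionJobPermissions(features), generatedDetection))
}
```

Run as-is, `main` reports the four `read` scopes missing from the agent job and `copilot-requests: write` missing from the detection job, which is exactly the gap the table records. A check like `MissingScopes` is also a cheap regression test to run over a freshly generated lock file before it is committed.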
Workaround applied
I manually patched the lock file to add the missing permissions across three commits:
- Added `contents: read` to the `agent` job — fixed the checkout failure
- Added `issues: write`, `pull-requests: write`, `discussions: write` to the `agent` job — fixed the GraphQL API failure
- Added `copilot-requests: write` to the `detection` job — fixed the copilot-cli auth failure
Agent job (final):
```yaml
permissions:
  contents: read
  copilot-requests: write
  discussions: write
  issues: write
  pull-requests: write
```
Detection job (added):
```yaml
permissions:
  copilot-requests: write
```
Additional note
The agent job may also need `contents: write` (not just `read`) since it creates PRs with code changes. My workaround uses `read` for now, but this could surface as another failure.
References
- Source: `.github/workflows/repo-assist.md`
- Lock file: `.github/workflows/repo-assist.lock.yml`