feat: auto-forward OTEL_* env vars with one-shot token protection for headers #3180

Merged: lpcox merged 6 commits into main from copilot/research-otel-environment-variable-passthrough, May 15, 2026

Copilot AI commented May 15, 2026

Contributor

New Feature

In standalone AWF (without --env-all), OTEL_* variables were silently dropped and OTEL_EXPORTER_OTLP_HEADERS — which typically contains Authorization: Bearer <token> — was unprotected in /proc/self/environ.

Changes

  • src/services/agent-environment.ts

    • Auto-forward all OTEL_* host vars in the selective passthrough block (no --env-all required); respects EXCLUDED_ENV_VARS and deduplication
    • Add COPILOT_OTEL_FILE_EXPORTER_PATH to alwaysForwardVars
    • Add four OTEL header vars to AWF_ONE_SHOT_TOKENS — cached on first getenv() call and removed from /proc/self/environ via the LD_PRELOAD library:
      OTEL_EXPORTER_OTLP_HEADERS
      OTEL_EXPORTER_OTLP_TRACES_HEADERS
      OTEL_EXPORTER_OTLP_METRICS_HEADERS
      OTEL_EXPORTER_OTLP_LOGS_HEADERS
      
  • src/services/agent-environment-credentials.test.ts — tests for OTEL_* forwarding in default mode, absence when unset, one-shot token list coverage, and COPILOT_OTEL_FILE_EXPORTER_PATH passthrough

  • docs/environment.md — new OpenTelemetry (OTEL) Environment Variables section covering automatic forwarding, one-shot credential protection, OTLP/HTTP vs gRPC network constraints (port 4317 is blocked; use http/protobuf), and a variable category reference table

Network note

OTLP/HTTP (http/protobuf, default port 4318→443) works through Squid. OTLP/gRPC (port 4317) is blocked by the default DROP rule — users should set OTEL_EXPORTER_OTLP_PROTOCOL=http/protobuf. The OTLP collector domain must be in --allow-domains.
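
As an added illustration of the description above (not code from this pull request or from AWF), the following TypeScript models the selective OTEL_* passthrough with exclusion and deduplication, the extension of a one-shot token list with the four header variables, and a check of a NUL-separated environ block for header variables that are still readable. All function and parameter names are hypothetical, and the sample values are constructed.

```typescript
// Added illustration, not code from the PR. Only the OTEL_* names are taken from the
// PR description; every function and parameter name here is hypothetical.
const OTEL_HEADER_VARS: string[] = [
  "OTEL_EXPORTER_OTLP_HEADERS",
  "OTEL_EXPORTER_OTLP_TRACES_HEADERS",
  "OTEL_EXPORTER_OTLP_METRICS_HEADERS",
  "OTEL_EXPORTER_OTLP_LOGS_HEADERS",
];

type EnvMap = { [name: string]: string | undefined };

// Selective passthrough: copy each OTEL_* host variable into the agent environment
// unless it is on the exclusion list or the agent environment already defines it.
function forwardOtelVars(host: EnvMap, excluded: string[], agent: EnvMap): string[] {
  const added: string[] = [];
  for (const key of Object.keys(host).sort()) {
    const value = host[key];
    if (key.indexOf("OTEL_") !== 0 || value === undefined) continue;
    if (excluded.indexOf(key) !== -1 || agent[key] !== undefined) continue;
    agent[key] = value;
    added.push(key);
  }
  return added;
}

// One-shot list: existing entries plus the four header variables, without duplicates.
function mergeOneShotTokens(existing: string[]): string[] {
  const merged = existing.slice();
  for (const v of OTEL_HEADER_VARS) if (merged.indexOf(v) === -1) merged.push(v);
  return merged;
}

// Verification helper: given the NUL-separated contents of /proc/<pid>/environ,
// list the header variables that are still readable there.
function exposedHeaderVars(environ: string): string[] {
  const names = environ.split("\0").map((entry) => entry.split("=", 1)[0]);
  return OTEL_HEADER_VARS.filter((v) => names.indexOf(v) !== -1);
}

// Constructed sample data (no real endpoints or tokens).
const sampleHost: EnvMap = {
  OTEL_EXPORTER_OTLP_ENDPOINT: "https://collector.example.test",
  OTEL_EXPORTER_OTLP_HEADERS: "Authorization=Bearer constructed-token",
  OTEL_SERVICE_NAME: "from-host",
  PATH: "/usr/bin",
};
const sampleAgent: EnvMap = { OTEL_SERVICE_NAME: "preset" };
console.log(forwardOtelVars(sampleHost, [], sampleAgent), mergeOneShotTokens(["EXAMPLE_TOKEN"]));
console.log(exposedHeaderVars("PATH=/usr/bin\0OTEL_EXPORTER_OTLP_HEADERS=x=y\0"));
```

An empty result from `exposedHeaderVars` on a process's environ block is the condition the one-shot protection is meant to produce for these four variables.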

Copilot AI changed the title [WIP] Research OTEL environment variable passthrough implementation plan feat: auto-forward OTEL_* env vars with one-shot token protection for headers May 15, 2026
Copilot finished work on behalf of lpcox May 15, 2026 03:06
Copilot AI requested a review from lpcox May 15, 2026 03:06
@lpcox lpcox marked this pull request as ready for review May 15, 2026 03:48
@lpcox lpcox requested a review from Mossaka as a code owner May 15, 2026 03:48
Copilot AI review requested due to automatic review settings May 15, 2026 03:48

github-actions Bot commented May 15, 2026

Contributor

Documentation Preview

Documentation build failed for this PR. View logs.

Built from commit 77f6b5a

Copilot AI left a comment

Contributor

Pull request overview

This PR improves OpenTelemetry support in the AWF agent container by automatically forwarding OTEL_* environment variables (without requiring --env-all) and ensuring OTLP header credentials are protected via the one-shot token mechanism.

Changes:

  • Automatically forward all host OTEL_* env vars in default (selective passthrough) mode, while respecting EXCLUDED_ENV_VARS and deduplication.
  • Extend one-shot token protection (AWF_ONE_SHOT_TOKENS) to include OTLP header variables that commonly contain bearer tokens.
  • Add tests for OTEL forwarding behavior and document OTEL env var handling and network constraints.

| File | Description |
| --- | --- |
| src/services/agent-environment.ts | Adds default-mode passthrough of OTEL_* vars, forwards COPILOT_OTEL_FILE_EXPORTER_PATH, and protects OTEL header vars via AWF_ONE_SHOT_TOKENS. |
| src/services/agent-environment-credentials.test.ts | Adds unit tests validating OTEL passthrough behavior and one-shot token list coverage. |
| docs/environment.md | Documents OTEL automatic forwarding, one-shot token protection, and OTLP network requirements. |

Copilot's findings

  • Files reviewed: 3/3 changed files
  • Comments generated: 1

Comment thread docs/environment.md Outdated

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>

lpcox commented May 15, 2026

Collaborator

@copilot recompile smoke codex

Copilot AI commented May 15, 2026

Contributor Author

> @copilot recompile smoke codex

Done — recompiled smoke-codex and ran post-processing. The lock file was updated in commit ci: recompile smoke-codex workflow.

Copilot finished work on behalf of lpcox May 15, 2026 04:13
@github-actions

Contributor

🔥 Smoke Test: Copilot BYOK — PASS

| Test | Result |
| --- | --- |
| GitHub MCP connectivity | ⚠️ 401 (token scope limited in sandbox) |
| GitHub.com HTTP | |
| File write/read | ✅ (smoke-test-copilot-byok-25899820207.txt) |
| BYOK inference (this response) | |

Running in BYOK offline mode (COPILOT_OFFLINE=true) via api-proxy → api.githubcopilot.com.

Overall: PASS

🔑 BYOK report filed by Smoke Copilot BYOK

@github-actions

Contributor

🔬 Smoke Test Results

| Test | Status |
| --- | --- |
| GitHub MCP connectivity | ❌ 401 Bad credentials |
| GitHub.com HTTP connectivity | ❌ Template vars unexpanded |
| File write/read | ❌ Template vars unexpanded |

Overall: FAIL — workflow template variables (${{ steps.smoke-data.outputs.* }}) were not substituted before agent execution, and GitHub MCP returned 401 Bad credentials.

No label applied due to failures.

📰 BREAKING: Report filed by Smoke Copilot

@github-actions

Contributor

Smoke Test Results (Claude Engine Validation)

GitHub API - Failed: Bad credentials error with gh CLI auth
Playwright - Passed: Navigated to github.com, title contains "GitHub"
File verify - Passed: Marker file exists with expected content

Overall: FAIL (2/3 tests passed)

One test failed due to GitHub CLI authentication not being properly configured in the workflow environment.

💥 [THE END] — Illustrated by Smoke Claude

@github-actions

Contributor

Smoke Test Results

  • GitHub MCP: ❌ (mcpscripts CLI not found)
  • GitHub.com Connectivity: ❌ (Status 000/Exit 35)
  • File Writing: ✅
  • Bash Tool: ✅

PR Titles:

  1. Refactor option parser utilities into domain-focused modules with compatibility wrappers (#3160)
  2. (Unable to retrieve second PR title)

Overall Status: FAIL

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • localhost

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "localhost"

See Network Configuration for more information.

💎 Faceted by Smoke Gemini

@github-actions

Contributor

Chroot Version Comparison Results

| Runtime | Host Version | Chroot Version | Match? |
| --- | --- | --- | --- |
| Python | Python 3.12.13 | Python 3.12.3 | |
| Node.js | v24.15.0 | v20.20.2 | |
| Go | go1.22.12 | go1.22.12 | |

Overall: FAILED — Python and Node.js versions differ between host and chroot environments.

Tested by Smoke Chroot

@github-actions

Contributor

🏗️ Build Test Suite Results

| Ecosystem | Project | Build/Install | Tests | Status |
| --- | --- | --- | --- | --- |
| Bun | elysia | | 1/1 passed | ✅ PASS |
| Bun | hono | | 1/1 passed | ✅ PASS |
| C++ | fmt | | N/A | ✅ PASS |
| C++ | json | | N/A | ✅ PASS |
| Deno | oak | N/A | 1/1 passed | ✅ PASS |
| Deno | std | N/A | 1/1 passed | ✅ PASS |
| .NET | hello-world | | N/A | ✅ PASS |
| .NET | json-parse | | N/A | ✅ PASS |
| Go | color | | 1/1 passed | ✅ PASS |
| Go | env | | 1/1 passed | ✅ PASS |
| Go | uuid | | 1/1 passed | ✅ PASS |
| Java | gson | | 1/1 passed | ✅ PASS |
| Java | caffeine | | 1/1 passed | ✅ PASS |
| Node.js | clsx | | All passed | ✅ PASS |
| Node.js | execa | | All passed | ✅ PASS |
| Node.js | p-limit | | All passed | ✅ PASS |
| Rust | fd | | 1/1 passed | ✅ PASS |
| Rust | zoxide | | 1/1 passed | ✅ PASS |

Overall: 8/8 ecosystems passed — ✅ PASS

Generated by Build Test Suite for issue #3180 · ● 3.8M ·

@github-actions

Contributor

Smoke Test Results — FAIL

| Check | Result |
| --- | --- |
| Redis PING | ❌ Timeout (no response) |
| PostgreSQL pg_isready | ❌ No response on port 5432 |
| PostgreSQL SELECT 1 | ❌ Timeout (no response) |

host.docker.internal is not reachable from this runner environment — service containers appear unavailable. Overall: FAIL

🔌 Service connectivity validated by Smoke Services

@lpcox lpcox merged commit e095490 into main May 15, 2026
67 of 70 checks passed
@lpcox lpcox deleted the copilot/research-otel-environment-variable-passthrough branch May 15, 2026 04:36
@github-actions

Contributor

Smoke Codex: FAIL
PRs: feat: auto-forward OTEL_* env vars with one-shot token protection for headers; fix(api-proxy): route GPT-5 family models to /responses regardless of auth path
✅ GitHub PR review, Playwright, file/bash, build
❌ safeinputs-gh, Tavily search, discussion query
Overall status: FAIL

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • registry.npmjs.org

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "registry.npmjs.org"

See Network Configuration for more information.

🔮 The oracle has spoken through Smoke Codex

Development

Successfully merging this pull request may close these issues.

Research: OTEL environment variable passthrough implementation plan