Copilot AI commented Feb 12, 2026

Implementation Plan: Add GITHUB_ACTOR and GITHUB_REPOSITORY Environment Variable Support to mcp-server Command

Overview

Add support for the GITHUB_ACTOR and GITHUB_REPOSITORY environment variables to the mcp-server command to determine the role of the current actor (admin, maintain, write) for access control. The actor information is required for audit and logs functionality to work properly. The --validate-actor flag enforces actor validation when enabled.

Changes Made

  • GITHUB_ACTOR Support: mcp-server command now reads the GITHUB_ACTOR environment variable to determine the current actor
  • GITHUB_REPOSITORY Support: Added GITHUB_REPOSITORY environment variable to MCP server configuration for repository context
    • Passed to agentic-workflows MCP server in both dev and release modes
    • Enables fast path for repository lookup (avoids gh CLI calls)
    • Used by permission checking to determine repository context
  • --validate-actor Flag: New flag to enforce actor validation
    • When enabled: Logs and audit tools query GitHub API to verify actor has write+ access
    • When disabled (default): Logs and audit tools work without actor validation (backward compatible)
  • Always Mount Tools: Logs and audit tools are always mounted and visible to MCP clients; permission checks happen at runtime when tools are invoked
  • GitHub API Integration: Added real-time permission checking via GitHub API
    • Queries /repos/{owner}/{repo}/collaborators/{username}/permission endpoint
    • Validates actor has write, maintain, or admin access
    • Caches permission results for 1 hour (TTL) to avoid excessive API calls
    • Returns detailed error messages with actual role vs required role
    • Fails open if repository context cannot be determined
  • Repository Caching: Added repository information caching with 1-hour TTL
    • Caches repository name (owner/repo) for 1 hour
    • Checks GITHUB_REPOSITORY env var first (fast path)
    • Falls back to gh repo view if env var not set
    • Avoids repeated CLI calls for repository lookup
  • Runtime Permission Checking: Added checkActorPermission function that validates permissions when restricted tools are called
    • Queries GitHub API to get actor's actual repository role
    • Returns clear error message: "permission denied: insufficient role" with detailed context
    • Error includes actor's actual role, required role, and repository information
  • Role-Based Access Control: Logs and audit tools require write+ repository access (updated from maintainer to write)
  • Workflow Compilation: GITHUB_ACTOR and GITHUB_REPOSITORY environment variables are passed to agentic-workflows MCP server in both dev and release modes
    • Updated JSON renderer (Copilot/Claude engines)
    • Updated TOML renderer (Codex engine) in both mcp_config_builtin.go and mcp_renderer.go
    • Recompiled all 148 workflows with updated environment variables
  • Dockerfile Update: CMD now includes --validate-actor flag to enforce validation in containerized environments

Caching Strategy

  • Permission Cache TTL: 1 hour per actor-repository combination
    • Cache Key: {actor}:{repository}
    • Stores actor's permission level in the repository
  • Repository Cache TTL: 1 hour
    • Single global cache for repository information
    • Avoids repeated gh repo view CLI calls
  • Automatic Expiration: All cache entries automatically expire after TTL
  • API Query: GET /repos/{owner}/{repo}/collaborators/{username}/permission
  • Accepted Roles: admin, maintain, write

Behavior

| Scenario | --validate-actor | GITHUB_ACTOR | Actor Role | Logs/Audit Tools |
| --- | --- | --- | --- | --- |
| Default (no flag) | Disabled | Not set | N/A | ✅ Mounted, ✅ Allowed |
| Default (no flag) | Disabled | Set | Any | ✅ Mounted, ✅ Allowed |
| Validation enabled | Enabled | Not set | N/A | ✅ Mounted, ❌ Permission denied |
| Validation enabled | Enabled | Set | read/triage | ✅ Mounted, ❌ Permission denied (insufficient role) |
| Validation enabled | Enabled | Set | write+ | ✅ Mounted, ✅ Allowed |

Error Messages

When GITHUB_ACTOR is not set:

{
  "error": "GITHUB_ACTOR environment variable not set",
  "tool": "logs",
  "reason": "This tool requires at least write access to the repository. Set GITHUB_ACTOR environment variable to enable access."
}

When actor has insufficient permissions:

{
  "error": "insufficient repository permissions",
  "actor": "username",
  "repository": "owner/repo",
  "role": "read",
  "required": "write, maintain, or admin",
  "reason": "Actor username has read access to owner/repo. This tool requires at least write access."
}
Original prompt

The mcp-server command should support a flag called --actor, which receives the value of GITHUB_ACTOR. The command uses this flag to determine the role of the current actor, such as admin, maintainer, or write.

To access logs and use the audit functionality, the actor must have at least maintainer access. Otherwise, these functions are not mounted.

When setting up the agentic-workflows tool, pass this new flag to the CLI so that the server is configured correctly based on the user identity. You can pass the actor value either through the standard GITHUB_ACTOR environment variable or via the --actor flag. The CLI must support both options and handle them consistently in release mode (container) and in development mode (using the build command). Update the documentation to reflect this behavior.



Changeset

  • Type: patch
  • Description: Added the MCP server actor validation flag along with GITHUB_ACTOR/GITHUB_REPOSITORY support and documentation updates.

Generated by Changeset Generator
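
The runtime check and the 1-hour permission cache described above, as an added Go example that is not the code from this pull request. `NewChecker` and `Lookup` are hypothetical names, `Lookup` stands in for the GitHub API call, and denying on a lookup error is an assumption the description does not cover. Injecting the clock makes it visible that a role change upstream only takes effect once the cached entry expires.

```go
package main

import (
	"fmt"
	"time"
)

// Lookup stands in for GET /repos/{owner}/{repo}/collaborators/{username}/permission.
type Lookup func(actor, repo string) (role string, err error)

type entry struct {
	role    string
	expires time.Time
}
var accepted = map[string]bool{"admin": true, "maintain": true, "write": true}

// NewChecker returns the runtime check applied when logs or audit is invoked.
func NewChecker(validate bool, ttl time.Duration, now func() time.Time, lookup Lookup) func(actor, repo string) error {
	cache := map[string]entry{} // keyed {actor}:{repository}; not goroutine-safe as written
	return func(actor, repo string) error {
		switch {
		case !validate:
			return nil // --validate-actor off (default): no actor validation
		case actor == "":
			return fmt.Errorf("GITHUB_ACTOR environment variable not set")
		case repo == "":
			return nil // fails open without repository context, per the description
		}
		key := actor + ":" + repo
		e, ok := cache[key]
		if !ok || !now().Before(e.expires) {
			role, err := lookup(actor, repo)
			if err != nil {
				return fmt.Errorf("permission lookup failed: %w", err) // assumption: deny on API error
			}
			e = entry{role, now().Add(ttl)}
			cache[key] = e
		}
		if !accepted[e.role] {
			return fmt.Errorf("permission denied: insufficient role: %s has %s on %s", actor, e.role, repo)
		}
		return nil
	}
}

func main() {
	check := NewChecker(true, time.Hour, time.Now, func(_, _ string) (string, error) { return "read", nil })
	fmt.Println(check("octocat", "owner/repo")) // constructed actor and repository
}
```
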

@pelikhan

@copilot update the minimum required role to write instead of maintainer.

Copilot AI and others added 3 commits February 12, 2026 04:24
- Add --actor flag to NewMCPServerCommand with support for GITHUB_ACTOR env var
- Implement conditional tool mounting for logs and audit tools
- Update workflow compilation to pass --actor flag in release mode
- Add GITHUB_ACTOR to environment variables in MCP config
- Update both JSON (Copilot/Claude) and TOML (Codex) renderers
- Update Dockerfile documentation

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
…dit tools

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot AI commented Feb 12, 2026

@copilot update the minimum required role to write instead of maintainer.

Updated the minimum required role from maintainer to write for logs and audit tools in commit ce674cf.

Changes include:

  • Help text now shows "requires write+ access"
  • Function documentation updated to reflect write access requirement
  • Log messages updated to mention "write+ access"
  • All comments in the code updated accordingly

@github-actions

🔍 PR Triage Results

Category: feature | Risk: medium | Priority: 38/100

Scores Breakdown

  • Impact: 28/50 - New CLI feature adding --actor flag to mcp-server command for access control
  • Urgency: 4/30 - WIP status, 2.5 hours old, new feature not blocking any critical work
  • Quality: 6/20 - CI pending, WIP status, large changeset (572 lines across 27 files suggests extensive workflow recompilation)

📋 Recommended Action: defer

Explanation: This WIP PR adds access control functionality via --actor flag. The large changeset (27 files) includes workflow lock file regeneration. Should wait for completion and thorough CI validation given the scope.

Next Steps:

  1. Complete implementation and remove [WIP] tag
  2. Validate all workflow lock files are correctly regenerated
  3. Ensure comprehensive test coverage
  4. Wait for CI validation
  5. Request review

Triaged by PR Triage Agent on 2026-02-12

AI generated by PR Triage Agent

@pelikhan

@copilot remove --actor flag support, only support env var GITHUB_ACTOR

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot AI commented Feb 12, 2026

@copilot remove --actor flag support, only support env var GITHUB_ACTOR

Removed the --actor flag in commit ff20818. The mcp-server command now only supports the GITHUB_ACTOR environment variable for actor-based access control.

Changes:

  • Removed --actor flag from command definition
  • Updated help text to only reference GITHUB_ACTOR environment variable
  • Simplified examples to show environment variable usage only
  • Log messages now mention "GITHUB_ACTOR environment variable" instead of "flag or environment variable"

Copilot AI changed the title from "[WIP] Add support for --actor flag in mcp-server command" to "Add support for GITHUB_ACTOR environment variable in mcp-server command" Feb 12, 2026
@pelikhan

@copilot

  • add flag --validate-actor to enforce the actor check
  • add flag in Dockerfile entry point args
  • when flag is enabled, enforce actor check; otherwise ignore

- Add --validate-actor flag to mcp-server command
- When enabled, requires GITHUB_ACTOR to mount logs and audit tools
- When disabled (default), mounts all tools regardless of actor
- Update Dockerfile CMD to include --validate-actor flag
- Update help text and examples to document the new flag

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
…flows MCP server

- Add GITHUB_REPOSITORY to envVars in renderAgenticWorkflowsMCPConfigWithOptions (JSON)
- Add GITHUB_REPOSITORY to env_vars in renderAgenticWorkflowsMCPConfigTOML (TOML, mcp_config_builtin.go)
- Add GITHUB_REPOSITORY to env_vars in renderAgenticWorkflowsTOML (TOML, mcp_renderer.go)
- Update --validate-actor flag in release mode entrypointArgs (both renderers)
- Update dev mode comments to reflect --validate-actor in Dockerfile CMD
- Recompile all 148 workflows with updated environment variables

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title from "Add support for GITHUB_ACTOR environment variable and --validate-actor flag in mcp-server command" to "Add support for GITHUB_ACTOR and GITHUB_REPOSITORY environment variables with --validate-actor flag in mcp-server command" Feb 12, 2026
Copilot AI requested a review from pelikhan February 12, 2026 12:31
@pelikhan pelikhan added the smoke label Feb 12, 2026
@github-actions

github-actions bot commented Feb 12, 2026

Changeset Generator completed successfully!

@github-actions

📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing...

@github-actions

github-actions bot commented Feb 12, 2026

🎬 THE END - Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨

@github-actions

🧪 Smoke Project is now testing project operations...

@github-actions

github-actions bot commented Feb 12, 2026

✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟

@github-actions

Agent Container Tool Check

Tool Status Version
bash 5.2.21
sh available
git 2.52.0
jq 1.7
yq 4.52.2
curl 8.5.0
gh 2.86.0
node 20.20.0
python3 3.12.3
go 1.24.12
java 21.0.10
dotnet 10.0.102

Result: 12/12 tools available ✅

All required development tools are accessible in the agent container environment.

AI generated by Agent Container Smoke Test

@github-actions

Smoke Project completed successfully. All project operations validated.

@github-actions

Smoke Test Results: ✅ PASS

PR Titles Tested:

Test Results: 8/9 passed

  • ✅ GitHub MCP, Safe Inputs, Playwright, File I/O, Discussion, Build, Workflow Dispatch
  • ❌ Serena MCP (not available)

Overall: PASS

cc: @pelikhan @Copilot

AI generated by Smoke Copilot

@github-actions

Merged PRs: chore: add account summary table (#15176); chore: enhance bot report summary (#15175)
GitHub MCP: ✅
Serena MCP: ✅
Playwright: ✅
File write: ✅
Bash cat: ✅
Build: ✅
Overall: PASS

AI generated by Smoke Codex

@github-actions

📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤

@pelikhan pelikhan merged commit bcfb18a into main Feb 12, 2026
1 check passed
@pelikhan pelikhan deleted the copilot/add-actor-flag-support branch February 12, 2026 15:02
github-actions bot added a commit that referenced this pull request Feb 12, 2026
Add documentation for the new --validate-actor flag and environment
variable support (GITHUB_ACTOR, GITHUB_REPOSITORY) added in PR #15084.

- Document actor validation behavior and requirements
- Explain permission checking via GitHub API with 1-hour caching
- Add error message examples for troubleshooting
- Update both CLI reference and MCP server guide

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>