Skip to content

coderjun/copilot-assigner-worker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
src
src
 
 
.gitignore
.gitignore
 
 
CLAUDE.md
CLAUDE.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 
wrangler.toml
wrangler.toml
 
 

Repository files navigation

Copilot Assigner Worker

A Cloudflare Worker that assigns GitHub issues to the Copilot coding agent using OAuth authentication.

Why This Exists

GitHub's Copilot coding agent can only be assigned to issues via OAuth-authenticated user sessions. PATs and GitHub Apps cannot see copilot-swe-agent as an assignable actor. This Worker holds an OAuth token and exposes a secure endpoint for GitHub Actions workflows to call.

Setup

1. Install Wrangler CLI

npm install -g wrangler

2. Login to Cloudflare

wrangler login

3. Install Dependencies

cd copilot-assigner-worker
npm install

4. Generate GitHub OAuth Token

You need a GitHub OAuth token from an authenticated user session. The easiest way:

Option A: Use gh auth token (if you have GitHub CLI installed and authenticated)

gh auth token

Option B: Device Flow (manual OAuth flow)

  1. Go to https://github.com/settings/tokens
  2. Create a new fine-grained token (or use OAuth App flow)
  3. But note: Fine-grained PATs may NOT work for Copilot assignment

Option C: Extract from gh CLI's OAuth token

# The gh CLI stores OAuth tokens that have full Copilot access
gh auth token

5. Set Worker Secrets

# Set your GitHub OAuth token
wrangler secret put GITHUB_OAUTH_TOKEN
# When prompted, paste your OAuth token

# Generate and set a webhook secret
openssl rand -hex 32
wrangler secret put WEBHOOK_SECRET
# When prompted, paste the generated secret

6. Deploy the Worker

npm run deploy

This will output your Worker URL like: https://copilot-assigner-worker.<your-subdomain>.workers.dev

7. Add Secrets to GitHub Repository

Add these secrets to your GitHub repository:

  • COPILOT_WORKER_URL: Your Worker URL (e.g., https://copilot-assigner-worker.xyz.workers.dev)
  • COPILOT_WORKER_SECRET: The same webhook secret you set in step 5

Usage

The Worker accepts POST requests with JSON body:

{
  "owner": "your-org",
  "repo": "your-repo",
  "issue_number": 123
}

Headers required:

  • Content-Type: application/json
  • X-Webhook-Secret: <your-webhook-secret>

Example cURL

curl -X POST https://copilot-assigner-worker.xyz.workers.dev \
  -H "Content-Type: application/json" \
  -H "X-Webhook-Secret: your-secret-here" \
  -d '{"owner": "your-org", "repo": "your-repo", "issue_number": 123}'

GitHub Actions Integration

Add this step to your workflow after creating the issue:

- name: Assign to Copilot via Worker
  run: |
    curl -X POST "${{ secrets.COPILOT_WORKER_URL }}" \
      -H "Content-Type: application/json" \
      -H "X-Webhook-Secret: ${{ secrets.COPILOT_WORKER_SECRET }}" \
      -d '{
        "owner": "${{ github.repository_owner }}",
        "repo": "${{ github.event.repository.name }}",
        "issue_number": ${{ steps.create_issue.outputs.issue_number }}
      }'

Local Development

npm run dev

This starts a local dev server. You'll need to set environment variables locally for testing.

Security Notes

  1. Webhook Secret: Always verify the X-Webhook-Secret header to prevent unauthorized requests
  2. OAuth Token: Keep your OAuth token secure - it has your GitHub permissions
  3. CORS: Worker doesn't allow browser requests (no CORS headers) - only server-to-server calls
  4. Rate Limiting: Consider adding rate limiting if you expect high volume

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages