fix(openai): send Copilot-Integration-Id header for github-copilot#2475
Merged
dgageot merged 2 commits intodocker:mainfrom Apr 27, 2026
Merged
Conversation
gtardif
previously approved these changes
Apr 23, 2026
GitHub Copilot's API (https://api.githubcopilot.com) rejects requests that don't carry a `Copilot-Integration-Id` header with a `Bad Request` error, making the built-in `github-copilot` provider unusable out of the box. This change: - Adds a generic `provider_opts.http_headers` escape hatch on OpenAI-compatible providers for injecting custom HTTP headers, applied to both the HTTP/SSE and WebSocket transport paths. - Automatically sets `Copilot-Integration-Id: vscode-chat` when the provider is `github-copilot` and the user has not overridden it (header names are compared case-insensitively via `http.CanonicalHeaderKey`). - Sanitizes header values to strip CR/LF characters, preventing header injection via malicious YAML config (RFC 7230 §3.2). - Documents the new option in a dedicated provider page, the providers overview, the Model Configuration reference, the agent schema, and the `examples/github-copilot.yaml` example. Unit tests cover parsing, case-insensitive override, default injection, sanitization, and an end-to-end assertion using an `httptest.Server` to verify the headers actually reach the wire. Fixes docker#2471 Assisted-By: docker-agent
Issue docker#2471 reporter confirmed that the previous default 'vscode-chat' is rejected by the GitHub Copilot API when authenticating with a Personal Access Token (the most common docker-agent setup). 'copilot-developer-cli' is accepted for both OAuth tokens and PATs, so it makes the github-copilot provider usable out of the box without any extra configuration. This also fixes interactive sessions where switching between copilot models would otherwise hit Bad Request responses on every freshly-instantiated client. Users who need a different integration id can still override it via provider_opts.http_headers (the override path is unchanged). Assisted-By: docker-agent
dgageot
force-pushed
the
board/fix-for-docker-agent-github-issue-2471-1ee6aaca
branch
from
ace3d13 to
1dd99e4
Compare
gtardif
approved these changes
Apr 27, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixes #2471. The built-in
github-copilotprovider was unusable becausehttps://api.githubcopilot.comrejects requests without aCopilot-Integration-Idheader (Bad Request). This PR adds the missing header and introduces a generic escape hatch for setting custom headers on any OpenAI-compatible provider.Changes
Feature
provider_opts.http_headers— new map of string→string for setting custom HTTP headers on any OpenAI-compatible provider. Applied to both the HTTP/SSE path and the WebSocket transport (Responses API) so behavior is consistent.github-copilotdefault — when the user hasn't set one,Copilot-Integration-Id: vscode-chatis automatically injected. Header names are compared case-insensitively viahttp.CanonicalHeaderKey, so a user-provided header (in any casing) wins.Security
Docs
docs/providers/github-copilot/index.mdpage (setup, config, models, default header, override).docs/_data/nav.ymlanddocs/providers/overview/index.mdupdated to surface GitHub Copilot.docs/configuration/models/index.md.agent-schema.jsonmentionshttp_headersin theprovider_optsdescription.examples/github-copilot.yamldocuments the override.Usage
Out-of-the-box (header injected automatically):
```yaml
models:
copilot:
provider: github-copilot
model: gpt-4o
```
With an override (e.g. a different integration id for an enterprise):
```yaml
models:
copilot:
provider: github-copilot
model: gpt-4o
provider_opts:
http_headers:
Copilot-Integration-Id: my-custom-integration
```
Tests
Unit tests cover:
Validation
Fixes #2471
Assisted-By: docker-agent