feat(github-copilot): add embedding provider for memory search (#61718)

Merged via squash. Prepared head SHA: 05a78ce7f2 Co-authored-by: feiskyer <676637+feiskyer@users.noreply.github.com> Co-authored-by: vincentkoc <25068+vincentkoc@users.noreply.github.com> Reviewed-by: @vincentkoc
2026-05-06 10:00:42 +00:00 · 2026-04-15 17:39:28 +08:00
parent 7821fae05d
commit 88d3620a85
14 changed files with 1094 additions and 69 deletions
--- a/extensions/github-copilot/auth.test.ts
+++ b/extensions/github-copilot/auth.test.ts
@@ -0,0 +1,96 @@
+import { afterEach, beforeEach, describe, expect, it, vi } from "vitest";
+
+const ensureAuthProfileStoreMock = vi.hoisted(() => vi.fn());
+const listProfilesForProviderMock = vi.hoisted(() => vi.fn());
+const coerceSecretRefMock = vi.hoisted(() => vi.fn());
+const resolveRequiredConfiguredSecretRefInputStringMock = vi.hoisted(() => vi.fn());
+
+vi.mock("openclaw/plugin-sdk/provider-auth", () => ({
+  coerceSecretRef: coerceSecretRefMock,
+  ensureAuthProfileStore: ensureAuthProfileStoreMock,
+  listProfilesForProvider: listProfilesForProviderMock,
+}));
+
+vi.mock("openclaw/plugin-sdk/config-runtime", () => ({
+  resolveRequiredConfiguredSecretRefInputString: resolveRequiredConfiguredSecretRefInputStringMock,
+}));
+
+import { resolveFirstGithubToken } from "./auth.js";
+
+describe("resolveFirstGithubToken", () => {
+  beforeEach(() => {
+    ensureAuthProfileStoreMock.mockReturnValue({
+      profiles: {
+        "github-copilot:github": {
+          type: "token",
+          tokenRef: { source: "file", provider: "default", id: "/providers/github-copilot/token" },
+        },
+      },
+    });
+    listProfilesForProviderMock.mockReturnValue(["github-copilot:github"]);
+    coerceSecretRefMock.mockReturnValue({
+      source: "file",
+      provider: "default",
+      id: "/providers/github-copilot/token",
+    });
+    resolveRequiredConfiguredSecretRefInputStringMock.mockResolvedValue("resolved-profile-token");
+  });
+
+  afterEach(() => {
+    vi.restoreAllMocks();
+    ensureAuthProfileStoreMock.mockReset();
+    listProfilesForProviderMock.mockReset();
+    coerceSecretRefMock.mockReset();
+    resolveRequiredConfiguredSecretRefInputStringMock.mockReset();
+  });
+
+  it("prefers env tokens when available", async () => {
+    const result = await resolveFirstGithubToken({
+      env: { GH_TOKEN: "env-token" } as NodeJS.ProcessEnv,
+    });
+
+    expect(result).toEqual({
+      githubToken: "env-token",
+      hasProfile: true,
+    });
+    expect(resolveRequiredConfiguredSecretRefInputStringMock).not.toHaveBeenCalled();
+  });
+
+  it("returns direct profile tokens before resolving SecretRefs", async () => {
+    ensureAuthProfileStoreMock.mockReturnValue({
+      profiles: {
+        "github-copilot:github": {
+          type: "token",
+          token: "profile-token",
+        },
+      },
+    });
+    coerceSecretRefMock.mockReturnValue(null);
+
+    const result = await resolveFirstGithubToken({
+      env: {} as NodeJS.ProcessEnv,
+    });
+
+    expect(result).toEqual({
+      githubToken: "profile-token",
+      hasProfile: true,
+    });
+  });
+
+  it("resolves non-env SecretRefs when config is available", async () => {
+    const result = await resolveFirstGithubToken({
+      config: { secrets: { defaults: { provider: "default" } } } as never,
+      env: {} as NodeJS.ProcessEnv,
+    });
+
+    expect(result).toEqual({
+      githubToken: "resolved-profile-token",
+      hasProfile: true,
+    });
+    expect(resolveRequiredConfiguredSecretRefInputStringMock).toHaveBeenCalledWith(
+      expect.objectContaining({
+        path: "providers.github-copilot.authProfiles.github-copilot:github.tokenRef",
+      }),
+    );
+  });
+});