feat(github-copilot): add embedding provider for memory search (#61718)

Merged via squash. Prepared head SHA: 05a78ce7f2 Co-authored-by: feiskyer <676637+feiskyer@users.noreply.github.com> Co-authored-by: vincentkoc <25068+vincentkoc@users.noreply.github.com> Reviewed-by: @vincentkoc
2026-05-06 11:50:43 +00:00 · 2026-04-15 17:39:28 +08:00
parent 7821fae05d
commit 88d3620a85
14 changed files with 1094 additions and 69 deletions
--- a/extensions/github-copilot/auth.ts
+++ b/extensions/github-copilot/auth.ts
@@ -0,0 +1,65 @@
+import type { OpenClawConfig } from "openclaw/plugin-sdk/config-runtime";
+import { resolveRequiredConfiguredSecretRefInputString } from "openclaw/plugin-sdk/config-runtime";
+import {
+  coerceSecretRef,
+  ensureAuthProfileStore,
+  listProfilesForProvider,
+} from "openclaw/plugin-sdk/provider-auth";
+import { PROVIDER_ID } from "./models.js";
+
+export async function resolveFirstGithubToken(params: {
+  agentDir?: string;
+  config?: OpenClawConfig;
+  env: NodeJS.ProcessEnv;
+}): Promise<{
+  githubToken: string;
+  hasProfile: boolean;
+}> {
+  const authStore = ensureAuthProfileStore(params.agentDir, {
+    allowKeychainPrompt: false,
+  });
+  const profileIds = listProfilesForProvider(authStore, PROVIDER_ID);
+  const hasProfile = profileIds.length > 0;
+  const envToken =
+    params.env.COPILOT_GITHUB_TOKEN ?? params.env.GH_TOKEN ?? params.env.GITHUB_TOKEN ?? "";
+  const githubToken = envToken.trim();
+  if (githubToken || !hasProfile) {
+    return { githubToken, hasProfile };
+  }
+
+  const profileId = profileIds[0];
+  const profile = profileId ? authStore.profiles[profileId] : undefined;
+  if (profile?.type !== "token") {
+    return { githubToken: "", hasProfile };
+  }
+  const directToken = profile.token?.trim() ?? "";
+  if (directToken) {
+    return { githubToken: directToken, hasProfile };
+  }
+  const tokenRef = coerceSecretRef(profile.tokenRef);
+  if (tokenRef?.source === "env" && tokenRef.id.trim()) {
+    return {
+      githubToken: (params.env[tokenRef.id] ?? process.env[tokenRef.id] ?? "").trim(),
+      hasProfile,
+    };
+  }
+
+  if (tokenRef && params.config) {
+    try {
+      const resolved = await resolveRequiredConfiguredSecretRefInputString({
+        config: params.config,
+        env: params.env,
+        value: profile.tokenRef,
+        path: `providers.github-copilot.authProfiles.${profileId ?? "default"}.tokenRef`,
+      });
+      return {
+        githubToken: resolved?.trim() ?? "",
+        hasProfile,
+      };
+    } catch {
+      return { githubToken: "", hasProfile };
+    }
+  }
+
+  return { githubToken: "", hasProfile };
+}