amqp-client.js icon indicating copy to clipboard operation
amqp-client.js copied to clipboard
verified publisher icon cloudamqp

Add GitHub Copilot Coding Agent setup configuration to resolve firewall blocking issues

Open Copilot opened this issue 5 months ago • 0 comments

This PR resolves firewall blocking issues that prevent GitHub Copilot Coding Agent from accessing external URLs like esm.ubuntu.com during CI operations.

Problem

The Copilot agent was encountering firewall blocks when trying to access:

  • Ubuntu package repositories (esm.ubuntu.com)
  • npm registry and Node.js dependencies
  • Homebrew formulae and system packages
  • Docker registries and other development dependencies

This resulted in setup failures and warnings about blocked network access.

Solution

Added comprehensive configuration to pre-install dependencies and document required allowlist entries:

1. Setup Steps Configuration (.github/copilot/setup-steps.yml)

  • Pre-installs system packages before firewall restrictions are applied
  • Configures Homebrew and installs mkcert for SSL certificate generation
  • Sets up Node.js environment and installs npm dependencies
  • Creates SSL certificates and RabbitMQ configuration files
  • Starts Docker Compose services
  • Installs Playwright browsers for testing

2. Comprehensive Allowlist Documentation (.github/copilot/ALLOWLIST.md)

Documents all URLs/hosts that should be added to the Copilot agent's firewall allowlist:

  • Ubuntu repositories (esm.ubuntu.com, security.ubuntu.com, archive.ubuntu.com)
  • Node.js ecosystem (registry.npmjs.org, nodejs.org)
  • GitHub dependencies (github.com, raw.githubusercontent.com, api.github.com)
  • Homebrew (formulae.brew.sh, ghcr.io)
  • Docker registries (docker.io, registry-1.docker.io)
  • Certificate authorities and CDNs

3. Documentation Update

Added development section to README explaining the Copilot agent configuration and its purpose.

Benefits

  • Prevents firewall blocking errors during agent execution
  • Pre-configures environment before restrictions are applied
  • Provides clear guidance for repository admins on allowlist configuration
  • Maintains all existing functionality while enabling full Copilot agent support

All changes are minimal and focused specifically on resolving the firewall access issues without affecting the existing codebase or CI workflows.

Fixes #159.

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

Copilot avatar Sep 09 '25 11:09 Copilot