Add --retry 3 with delay to curl downloads to handle transient 502s

[Copilot]

Public runners occasionally return 502s when downloading binaries (Copilot CLI, AWF), causing workflow failures. Both install scripts now use curl's built-in --retry and --retry-delay flags to retry up to 3 times with a 5-second delay between attempts.

Changes

• install_copilot_cli.sh — Added --retry 3 --retry-delay 5 to checksums and tarball downloads
• install_awf_binary.sh — Added --retry 3 --retry-delay 5 to checksums, Linux binary, and macOS binary downloads

# Before
curl -fsSL -o "${TEMP_DIR}/SHA256SUMS.txt" "${CHECKSUMS_URL}"

# After
curl -fsSL --retry 3 --retry-delay 5 -o "${TEMP_DIR}/SHA256SUMS.txt" "${CHECKSUMS_URL}"

install-gh-aw.sh and actions/setup-cli/install.sh already implement manual retry loops and are unchanged.

Original prompt

---

This section details on the original issue you should resolve

<issue_title>Retry downloads automatically</issue_title>
<issue_description>Im seeing occasional 502s using public runners when downloading various binaries like the copilot cli, awf binary, etc

It would be nice if we just automatically retried downloads maybe 3 times before calling it quits</issue_description>

Comments on the Issue (you are @copilot in this section)

@pelikhan Add 3 retry to download copilot cli (us curl arguments)

• Fixes Retry downloads automatically #17839

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

---

Changeset

• Type: patch
• Description: Added curl retry flags to the installer scripts so transient 502s during downloads automatically retry.

Generated by Changeset Generator for issue #17841

Warning

⚠️ Firewall blocked 2 domains

The following domains were blocked by the firewall during workflow execution:

• codeload.github.com
• github.com

---

---

✨ PR Review Safe Output Test - Run 22296099308

💥 [THE END] — Illustrated by Smoke Claude

[pelikhan]

@copilot usual exponential backup delays between releases

[Copilot]

@copilot usual exponential backup delays between releases

Done in 51dbc49. Replaced --retry 3 with a curl_with_retry helper function in both scripts that implements exponential backoff: first retry waits 5s, second waits 10s (doubles each time), matching the pattern already used in install-gh-aw.sh.

[pelikhan]

@copilot use builtin retry support in curl instead of function

[Copilot]

@copilot use builtin retry support in curl instead of function

Done in 55db7c3. Removed the curl_with_retry helper function and replaced all calls with curl -fsSL --retry 3 --retry-delay 5 directly.

[github-actions]

📰 BREAKING: Smoke Copilot is now investigating this pull request. Sources say the story is developing...

[github-actions]

✨ The prophecy is fulfilled... Smoke Codex has completed its mystical journey. The stars align. 🌟

[github-actions]

🎬 THE END — Smoke Claude MISSION: ACCOMPLISHED! The hero saves the day! ✨

[github-actions]

🤖 Smoke test results for @pelikhan and @Copilot:

Test	Status
GitHub MCP	✅

Overall: PASS (10/12 — Serena & Playwright MCP tools unavailable)

📰 BREAKING: Report filed by Smoke Copilot

[github-actions]

Simple, targeted fix for transient 502s. The retry flags are applied consistently across both install scripts. Minor suggestion: consider --retry-connrefused for broader coverage.

📰 BREAKING: Report filed by Smoke Copilot

[github-actions]

The --retry-delay 5 adds up to ~15s extra time on a fully failing download. This is a reasonable tradeoff for reliability. The flags are consistent across both scripts. ✅

[github-actions]

Smoke Test Results

PR titles: feat(release): celebrate community issue authors in release highlights; fix(duplicate-code-detector): require noop when no duplication found
GitHub MCP (2 merged PR titles) ✅
Serena activate + find_symbol ✅
Playwright page title ❌ (tool unavailable)
Web-fetch GitHub ✅
File write + cat ✅
Build gh-aw ✅
Overall: FAIL

🔮 The oracle has spoken through Smoke Codex

[github-actions]

📰 VERDICT: Smoke Copilot has concluded. All systems operational. This is a developing story. 🎤

[github-actions]

✅ Commit pushed: e3d1f0c

[github-actions]

💥 Automated smoke test review - all systems nominal!

💥 [THE END] — Illustrated by Smoke Claude

[Copilot]

Pull request overview

This PR adds curl retry flags to installer scripts to handle transient 502 Bad Gateway errors that occasionally occur when downloading binaries on public runners. The changes add --retry 3 --retry-delay 5 flags to all curl download commands in two installer scripts.

Changes:

• Added retry flags to curl commands in install_copilot_cli.sh for checksums and tarball downloads
• Added retry flags to curl commands in install_awf_binary.sh for checksums and binary downloads across Linux and macOS
• Added changeset documentation for the patch

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

File	Description
actions/setup/sh/install_copilot_cli.sh	Added --retry 3 --retry-delay 5 to 2 curl commands (checksums and tarball downloads)
actions/setup/sh/install_awf_binary.sh	Added --retry 3 --retry-delay 5 to 3 curl commands (checksums, Linux binary, and macOS binary downloads)
.changeset/patch-retry-downloads.md	Added changeset documentation describing the retry functionality

Comments suppressed due to low confidence (3)

actions/setup/sh/install_copilot_cli.sh:94

• The --retry flag by default only retries on transient network errors (connection failures, timeouts) but does NOT retry on HTTP error codes like 502 Bad Gateway. To retry on HTTP errors, you need to add the --retry-all-errors flag. The curl command should be:

curl -fsSL --retry 3 --retry-delay 5 --retry-all-errors -o "${TEMP_DIR}/${TARBALL_NAME}" "${TARBALL_URL}"

Note: --retry-all-errors was added in curl 7.71.0 (June 2020). If backward compatibility with older curl versions is a concern, you may need to check the curl version first or implement manual retry logic instead.

curl -fsSL --retry 3 --retry-delay 5 -o "${TEMP_DIR}/${TARBALL_NAME}" "${TARBALL_URL}"

actions/setup/sh/install_awf_binary.sh:102

• The --retry flag by default only retries on transient network errors (connection failures, timeouts) but does NOT retry on HTTP error codes like 502 Bad Gateway. To retry on HTTP errors, you need to add the --retry-all-errors flag. The curl command should be:

curl -fsSL --retry 3 --retry-delay 5 --retry-all-errors -o "${TEMP_DIR}/${awf_binary}" "${binary_url}"

Note: --retry-all-errors was added in curl 7.71.0 (June 2020). If backward compatibility with older curl versions is a concern, you may need to check the curl version first or implement manual retry logic instead.

  curl -fsSL --retry 3 --retry-delay 5 -o "${TEMP_DIR}/${awf_binary}" "${binary_url}"

actions/setup/sh/install_awf_binary.sh:127

• The --retry flag by default only retries on transient network errors (connection failures, timeouts) but does NOT retry on HTTP error codes like 502 Bad Gateway. To retry on HTTP errors, you need to add the --retry-all-errors flag. The curl command should be:

curl -fsSL --retry 3 --retry-delay 5 --retry-all-errors -o "${TEMP_DIR}/${awf_binary}" "${binary_url}"

Note: --retry-all-errors was added in curl 7.71.0 (June 2020). If backward compatibility with older curl versions is a concern, you may need to check the curl version first or implement manual retry logic instead.

  curl -fsSL --retry 3 --retry-delay 5 -o "${TEMP_DIR}/${awf_binary}" "${binary_url}"

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The --retry flag by default only retries on transient network errors (connection failures, timeouts) but does NOT retry on HTTP error codes like 502 Bad Gateway. To retry on HTTP errors, you need to add the --retry-all-errors flag. The curl command should be:

curl -fsSL --retry 3 --retry-delay 5 --retry-all-errors -o "${TEMP_DIR}/SHA256SUMS.txt" "${CHECKSUMS_URL}"

Note: --retry-all-errors was added in curl 7.71.0 (June 2020). If backward compatibility with older curl versions is a concern, you may need to check the curl version first or implement manual retry logic instead.

This issue also appears on line 94 of the same file.

See below for a potential fix:

curl -fsSL --retry 3 --retry-delay 5 --retry-all-errors -o "${TEMP_DIR}/SHA256SUMS.txt" "${CHECKSUMS_URL}"

# Download binary tarball
echo "Downloading binary from ${TARBALL_URL}..."
curl -fsSL --retry 3 --retry-delay 5 --retry-all-errors -o "${TEMP_DIR}/${TARBALL_NAME}" "${TARBALL_URL}"

[Copilot]

The --retry flag by default only retries on transient network errors (connection failures, timeouts) but does NOT retry on HTTP error codes like 502 Bad Gateway. To retry on HTTP errors, you need to add the --retry-all-errors flag. The curl command should be:

curl -fsSL --retry 3 --retry-delay 5 --retry-all-errors -o "${TEMP_DIR}/checksums.txt" "${CHECKSUMS_URL}"

Note: --retry-all-errors was added in curl 7.71.0 (June 2020). If backward compatibility with older curl versions is a concern, you may need to check the curl version first or implement manual retry logic instead.

This issue also appears in the following locations of the same file:

• line 102
• line 127

Suggested change

	curl -fsSL --retry 3 --retry-delay 5 -o "${TEMP_DIR}/checksums.txt" "${CHECKSUMS_URL}"
	curl -fsSL --retry 3 --retry-delay 5 --retry-all-errors -o "${TEMP_DIR}/checksums.txt" "${CHECKSUMS_URL}"