Add --codespaces flag to init command for devcontainer generation with additional repository support #5966

Copilot · 2025-12-09T16:14:42Z

Add --codespaces flag to init command for devcontainer generation with additional repository support

Summary

Adds --codespaces flag to gh aw init for generating devcontainer.json configured for agentic workflows in GitHub Codespaces.

Changes

New flag: gh aw init --codespaces creates .devcontainer/gh-aw/devcontainer.json (in subfolder to avoid conflicts with existing devcontainer configurations)
Flexible syntax: Flag supports three usage patterns:
- --codespaces - Current repo only (no value needed)
- --codespaces repo - Current repo + single additional repo
- --codespaces repo,repo2 - Current repo + comma-separated list of additional repos
Simplified syntax: Owner is automatically extracted from git remote and prepended to repository names
Backward compatible: Full owner/repo format supported, but owner must match current repo's organization
Validation: Returns error if specified owner doesn't match current repo's owner
Configuration: Universal image with proper permissions following GitHub Codespaces documentation
- Current repo: actions:write, contents:write, discussions:read, issues:read, pull-requests:write, workflows:write
- Additional repos: actions:read, contents:read, discussions:read, issues:read, pull-requests:read, workflows:read
- Note: Permissions can only be set for repositories in the same organization
Setup: postCreateCommand installs gh-aw CLI and @github/copilot globally
Extensions: Preconfigures GitHub.copilot and GitHub.copilot-chat VSCode extensions
Build integration: Added to Makefile recompile target to automatically generate devcontainer during build process

Implementation

pkg/cli/devcontainer.go: Core logic for devcontainer.json generation with support for additional repositories, includes documentation references, automatic owner extraction from git remote, and owner validation
pkg/cli/init_command.go: String flag with NoOptDefVal for optional value support
pkg/cli/init.go: Integration into InitRepository flow with codespaceEnabled boolean
Makefile: Uses --codespaces in recompile target to generate devcontainer during build
Tests cover idempotency, permission configuration, extension setup, additional repository handling, owner validation, and all usage patterns
File location: .devcontainer/gh-aw/devcontainer.json to prevent overriding existing devcontainer configurations

Usage

# Basic usage - creates devcontainer with current repo only
gh aw init --codespaces

# With single additional repository (owner automatically prepended from git remote)
gh aw init --codespaces repo1

# With multiple repositories (comma-separated)
gh aw init --codespaces repo1,repo2

# Backward compatible: full owner/repo format works if owner matches
gh aw init --codespaces myorg/repo1,myorg/repo2

# Validation: Error if owner doesn't match
gh aw init --codespaces otherorg/repo1  # Error: not in same organization

Build Integration

The make recompile target now includes the --codespaces flag:

recompile: sync-templates build
	./$(BINARY_NAME) init --codespaces
	./$(BINARY_NAME) compile --validate --verbose --purge

This ensures that .devcontainer/gh-aw/devcontainer.json is automatically created during the build process with permissions configured for the current repository.

Generated devcontainer.json

Location: .devcontainer/gh-aw/devcontainer.json

{
  "name": "Agentic Workflows Development",
  "image": "mcr.microsoft.com/devcontainers/universal:latest",
  "customizations": {
    "codespaces": {
      "repositories": {
        "myorg/myrepo": { 
          "permissions": { 
            "actions": "write",
            "contents": "write",
            "discussions": "read",
            "issues": "read",
            "pull-requests": "write",
            "workflows": "write" 
          } 
        },
        "myorg/repo1": { 
          "permissions": { 
            "actions": "read",
            "contents": "read",
            "discussions": "read",
            "issues": "read",
            "pull-requests": "read",
            "workflows": "read"
          } 
        },
        "myorg/repo2": { 
          "permissions": { 
            "actions": "read",
            "contents": "read",
            "discussions": "read",
            "issues": "read",
            "pull-requests": "read",
            "workflows": "read"
          } 
        }
      }
    }
  },
  "postCreateCommand": "curl -fsSL https://raw.githubusercontent.com/githubnext/gh-aw/refs/heads/main/install-gh-aw.sh | bash && npm install -g @github/copilot"
}

Permissions Reference

Permissions are configured according to GitHub Codespaces documentation:

Current repository: Receives standard codespace write access (actions:write, contents:write, pull-requests:write) plus workflows:write to enable triggering GitHub Actions, plus read access for issues and discussions
Additional repositories: Receive standard codespace read access for all configured permissions (actions, contents, discussions, issues, pull-requests, workflows)
Note: Repository permissions can only be set for repositories in the same organization as the codespace repository. The command validates this constraint and returns an error if violated.

Original prompt

Add a "--codespace" flag to "init" command that creates a custom devcontainer.json file for agentic workflows in the project.

uses universal image

configures permissions to allow workflows: write so that actions can be triggers

read access to githubnext/gh-aw releases

pre install "gh aw" extension cli

pre install @github/copilot

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

pelikhan · 2025-12-09T16:27:42Z

@copilot the codespaces flag takes a list of additional repository specs for which read permissions will be given

- Added --codespace flag to init command - Created ensureDevcontainerConfig function in pkg/cli/devcontainer.go - Generates devcontainer.json with universal image - Configures workflows: write permission for current repo - Adds read access to githubnext/gh-aw releases - Pre-installs gh aw extension CLI and @github/copilot via postCreateCommand - Updated InitRepository function to support codespace parameter - Added comprehensive unit tests for devcontainer functionality - Updated existing init tests to include new codespace parameter Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

All tests pass, linting and formatting complete Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

pelikhan · 2025-12-09T16:49:27Z

@copilot the permissions for the current repo should be : all the default codespaces permissions + workspace: write

- Changed --codespace from boolean to StringSlice flag - Flag now accepts comma-separated list of repository specs - Additional repositories get contents: read permissions - Updated help text and examples to show usage - Updated InitRepository signature to accept []string instead of bool - Updated ensureDevcontainerConfig to process additional repos - Added new test for additional repository configuration - Updated all existing tests to match new signature Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot · 2025-12-09T16:56:13Z

@copilot the codespaces flag takes a list of additional repository specs for which read permissions will be given

Updated! The --codespace flag now accepts a comma-separated list of repository specs for read access. Usage: gh aw init --codespace owner/repo1,owner/repo2. All specified repositories will receive contents: read permissions in the generated devcontainer.json. Commit: 2d20e01

pelikhan · 2025-12-09T16:59:48Z

@copilot the other repos should have default codespace permissions but readonly + workflow read

- Current repo now gets contents:write, pull-requests:write, workflows:write - Previously only had workflows:write - Updated help text to reflect default Codespaces permissions - All tests passing Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot · 2025-12-09T17:03:59Z

@copilot the permissions for the current repo should be : all the default codespaces permissions + workspace: write

Updated! The current repository now receives default Codespaces permissions (contents:write, pull-requests:write) plus workflows:write. Previously it only had workflows:write. Commit: ce22062

- Additional repos now get contents:read, pull-requests:read, workflows:read - Previously only had contents:read - Updated help text to reflect default Codespaces read permissions - All tests passing Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot · 2025-12-09T17:10:48Z

@copilot the other repos should have default codespace permissions but readonly + workflow read

Updated! Additional repositories now receive default Codespaces read permissions (contents:read, pull-requests:read) plus workflows:read. Previously they only had contents:read. Commit: 3cb6f9b

pelikhan · 2025-12-09T17:21:12Z

@copilot the command must create a devcontainer.json ina non-default location (subfolder) so that it does not override any existing devcontainer.json

- Changed location from .devcontainer/devcontainer.json to .devcontainer/gh-aw/devcontainer.json - This prevents overriding existing devcontainer configurations - Updated help text and success messages to reflect new location - Updated all tests to check new path - All tests passing Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot · 2025-12-09T17:27:49Z

@copilot the command must create a devcontainer.json ina non-default location (subfolder) so that it does not override any existing devcontainer.json

Updated! The devcontainer.json is now created at .devcontainer/gh-aw/devcontainer.json instead of .devcontainer/devcontainer.json. This subfolder approach prevents overriding any existing devcontainer configurations. Verified with tests that show the original devcontainer.json is preserved when present. Commit: c6339fa

pelikhan · 2025-12-09T18:34:16Z

@copilot also give actions:write to current repo

- Changed actions permission from read to write for current repository - Current repo now has: actions:write, contents:write, discussions:read, issues:read, pull-requests:write, workflows:write - Additional repos still have: actions:read, contents:read, discussions:read, issues:read, pull-requests:read, workflows:read - Updated help text to reflect actions:write - All tests passing Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot · 2025-12-09T18:39:46Z

@copilot also give actions:write to current repo

Added! Current repository now has actions:write permission. Full permissions for current repo: actions:write, contents:write, discussions:read, issues:read, pull-requests:write, workflows:write. Commit: 0fdc94d

pelikhan · 2025-12-09T18:43:55Z

@copilot if the user gives an org, validate it is the same org as the current repo

# Backward compatible: full owner/repo format still works
gh aw init --codespaces owner/repo1,owner/repo2

- Validates that when full owner/repo format is used, the owner matches current repo - Returns error if repository is from different organization - Maintains backward compatibility with full owner/repo syntax when owner matches - Added test TestEnsureDevcontainerConfigWithOwnerValidation - All tests passing Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot · 2025-12-09T18:50:33Z

@copilot if the user gives an org, validate it is the same org as the current repo

...

Added validation! When using full owner/repo format, the command now validates that the owner matches the current repository's owner. Returns error: repository 'otherorg/repo1' is not in the same organization as the current repository (expected owner: 'myorg') if validation fails. Added test coverage. Commit: 7edb484

pelikhan · 2025-12-09T19:02:03Z

@copilot add the --codespace flag on the init command that gets run as part of the project build.

- Updated Makefile recompile target to include --codespaces flag - Uses --codespaces , to create devcontainer with current repo only - This ensures devcontainer.json is created during build process - All tests passing Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot · 2025-12-09T19:12:54Z

@copilot add the --codespace flag on the init command that gets run as part of the project build.

Added! The make recompile target now includes --codespaces , flag, which creates .devcontainer/gh-aw/devcontainer.json with permissions configured for the current repository during the build process. The comma syntax triggers devcontainer creation with no additional repositories beyond the current one. Commit: e100cdd

pelikhan · 2025-12-09T19:14:28Z

Makefile

 .PHONY: recompile
 recompile: sync-templates build
-	./$(BINARY_NAME) init
+	./$(BINARY_NAME) init --codespaces ,


@copilot add support for no argument with --codespaces which means "current repo only"

Implemented! The --codespaces flag now supports being used without arguments for current repo only. Use --codespaces= (with equals sign but no value) to create devcontainer with just the current repository. The Makefile has been updated to use this syntax. Commit: b217ad1

- Changed --codespaces from StringSlice to String flag with NoOptDefVal - Flag now works with --codespaces= (no value) to create devcontainer for current repo only - Updated Makefile to use --codespaces= instead of --codespaces , - Added support for comma-separated repo names: --codespaces=repo1,repo2 - Updated help text and examples to show new syntax - Added test TestInitCommandWithCodespacesNoArgs - All tests passing Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

pelikhan · 2025-12-09T19:42:42Z

@copilot Flag syntax should be:

--codespaces
--codespaces repo
--codespaces repo,repo2

- Changed syntax to support: --codespaces, --codespaces repo, --codespaces repo,repo2 - Uses NoOptDefVal with space to allow flag without value - Trims spaces from repo string to handle NoOptDefVal marker - Updated Makefile to use --codespaces instead of --codespaces= - Updated help text and examples - Updated tests to verify NoOptDefVal is set correctly - All three syntaxes tested and working Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot · 2025-12-09T19:54:05Z

@copilot Flag syntax should be:

--codespaces...

Updated! The flag now supports all three syntax patterns:

--codespaces (current repo only)
--codespaces repo (space-separated, single repo)
--codespaces repo,repo2 (comma-separated list)

The Makefile now uses --codespaces instead of --codespaces=. All tests passing. Commit: 873d0ee

Initial plan

aa45f9e

Copilot AI assigned Copilot and pelikhan Dec 9, 2025

Copilot started work on behalf of pelikhan December 9, 2025 16:15 View session

Initial plan for --codespace flag implementation

af82e17

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot AI and others added 2 commits December 9, 2025 16:32

Complete implementation with validation

c6cc88b

All tests pass, linting and formatting complete Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot AI changed the title ~~[WIP] Add --codespace flag to init command for devcontainer setup~~ Add --codespace flag to init command for devcontainer generation Dec 9, 2025

Copilot AI requested a review from pelikhan December 9, 2025 16:42

Copilot finished work on behalf of pelikhan December 9, 2025 16:42

Copilot started work on behalf of pelikhan December 9, 2025 16:43 View session

Copilot AI changed the title ~~Add --codespace flag to init command for devcontainer generation~~ Add --codespace flag to init command for devcontainer generation with additional repository support Dec 9, 2025

Copilot finished work on behalf of pelikhan December 9, 2025 16:58

Copilot started work on behalf of pelikhan December 9, 2025 16:58 View session

Copilot finished work on behalf of pelikhan December 9, 2025 17:05

Copilot started work on behalf of pelikhan December 9, 2025 17:06 View session

Copilot finished work on behalf of pelikhan December 9, 2025 17:13

Copilot started work on behalf of pelikhan December 9, 2025 17:21 View session

Copilot started work on behalf of pelikhan December 9, 2025 18:34 View session

Copilot finished work on behalf of pelikhan December 9, 2025 18:41

Copilot started work on behalf of pelikhan December 9, 2025 18:44 View session

Copilot finished work on behalf of pelikhan December 9, 2025 18:52

Copilot started work on behalf of pelikhan December 9, 2025 19:02 View session

pelikhan reviewed Dec 9, 2025

View reviewed changes

Copilot AI requested a review from pelikhan December 9, 2025 19:15

Copilot finished work on behalf of pelikhan December 9, 2025 19:15

Copilot started work on behalf of pelikhan December 9, 2025 19:15 View session

Copilot finished work on behalf of pelikhan December 9, 2025 19:30

Copilot started work on behalf of pelikhan December 9, 2025 19:43 View session

pelikhan merged commit 0bc2a46 into main Dec 9, 2025
5 checks passed

pelikhan deleted the copilot/add-codespace-flag-init-command branch December 9, 2025 19:56

Copilot AI restored the copilot/add-codespace-flag-init-command branch December 9, 2025 19:56

Copilot stopped work on behalf of pelikhan due to an error December 9, 2025 19:56
Copilot has encountered an error. See logs for additional details.

pelikhan deleted the copilot/add-codespace-flag-init-command branch December 15, 2025 04:50

github-actions bot mentioned this pull request Dec 15, 2025

Claude Engine Smoke Test Results - Run 20222375357 #6472

Closed

Add --codespaces flag to init command for devcontainer generation with additional repository support #5966

Add --codespaces flag to init command for devcontainer generation with additional repository support #5966

Uh oh!

Conversation

Copilot AI commented Dec 9, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!