Skip to content

fix: auto-inject GH_HOST from GITHUB_SERVER_URL when --env-all is used #1452

Closed
#1453
Closed
fix: auto-inject GH_HOST from GITHUB_SERVER_URL when --env-all is used#1452
#1453
Assignees
lpcoxcopilot-swe-agent
@lpcox

Description

@lpcox
lpcox
opened on Mar 26, 2026

Problem

GH_HOST auto-injection from GITHUB_SERVER_URL is skipped when --env-all is active.

In src/docker-manager.ts (lines 566–606), extractGhHostFromServerUrl() only runs in the else branch — i.e., when --env-all is not used:

if (config.envAll) {
  // passes through host env vars, but does NOT auto-derive GH_HOST
  for (const [key, value] of Object.entries(process.env)) { ... }
} else {
  // ... selective pass-through ...

  // Auto-inject GH_HOST (only runs here!)
  const ghHost = extractGhHostFromServerUrl(process.env.GITHUB_SERVER_URL);
  if (ghHost) {
    environment.GH_HOST = ghHost;
  }
}

Since gh-aw always passes --env-all, GH_HOST is never auto-injected. If the host environment has GITHUB_SERVER_URL set (e.g., https://mycompany.ghe.com) but GH_HOST is not explicitly set, the gh CLI inside the container defaults to github.com.

Impact

On GHES/GHEC runners where GITHUB_SERVER_URL is set but GH_HOST is not in the environment, gh CLI commands inside the AWF sandbox target the wrong GitHub instance. This causes failures in workflows that use gh CLI for PR operations, issue management, etc.

Upstream report: github/gh-aw#23093

Fix

Move the GH_HOST auto-injection after the if/else block so it runs regardless of --env-all:

if (config.envAll) {
  for (const [key, value] of Object.entries(process.env)) { ... }
} else {
  // ... selective pass-through ...
}

// Auto-inject GH_HOST when GITHUB_SERVER_URL points to a GHES/GHEC instance
// This must be AFTER the env-all block so it runs in both paths, and uses
// conditional assignment so an explicit GH_HOST from env-all is not overwritten
const ghHost = extractGhHostFromServerUrl(process.env.GITHUB_SERVER_URL);
if (ghHost && !environment.GH_HOST) {
  environment.GH_HOST = ghHost;
  logger.debug(`Auto-injected GH_HOST=${ghHost} from GITHUB_SERVER_URL`);
}

The !environment.GH_HOST guard ensures that if the host already has GH_HOST set (and it was passed through via --env-all), the explicit value is preserved.

Testing

  • Existing unit tests for extractGhHostFromServerUrl cover the derivation logic
  • Integration tests in tests/integration/gh-host-injection.test.ts cover the container injection
  • Add a test case verifying auto-injection works when envAll: true and GH_HOST is NOT in the host environment (only GITHUB_SERVER_URL is set)

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions