feat: enhance GitHub authentication handling in Copilot module

- Added support for optional GitHub external authentication using the `coder_external_auth` data source.
- Updated README to clarify the authentication methods available.
- Simplified the start script to automatically handle GitHub authentication without prompting the user.

This improves the user experience by streamlining the authentication process.

Author: DevelopmentCats

registry/coder-labs/modules/copilot/README.md

@@ -165,7 +165,7 @@ module "copilot" {
 
 The module supports multiple authentication methods (in priority order):
 
-1. **[Coder External Auth](https://coder.com/docs/admin/external-auth) (Recommended)** - Automatic if GitHub external auth is configured in Coder
+1. **[Coder External Auth](https://coder.com/docs/admin/external-auth) (Recommended)** - Automatic if GitHub external auth is configured in Coder with the ID github, otherwise you can change it
 2. **Direct Token** - Pass `github_token` variable (OAuth or Personal Access Token)
 3. **Interactive** - Copilot prompts for login via `/login` command if no auth found
 

registry/coder-labs/modules/copilot/main.tf

@@ -190,6 +190,11 @@ variable "post_install_script" {
 data "coder_workspace" "me" {}
 data "coder_workspace_owner" "me" {}
 
+data "coder_external_auth" "github" {
+  id       = var.external_auth_id
+  optional = true
+}
+
 locals {
   workdir         = trimsuffix(var.workdir, "/")
   app_slug        = "copilot"
@@ -230,13 +235,6 @@ resource "coder_env" "copilot_model" {
   value    = var.copilot_model
 }
 
-resource "coder_env" "github_token" {
-  count    = var.github_token != "" ? 1 : 0
-  agent_id = var.agent_id
-  name     = "GITHUB_TOKEN"
-  value    = var.github_token
-}
-
 module "agentapi" {
   source  = "registry.coder.com/coder/agentapi/coder"
   version = "1.1.1"
@@ -265,6 +263,7 @@ module "agentapi" {
     echo -n '${base64encode(local.start_script)}' | base64 -d > /tmp/start.sh
     chmod +x /tmp/start.sh
     
+    GITHUB_TOKEN='${var.github_token != "" ? var.github_token : data.coder_external_auth.github.access_token}' \
     ARG_WORKDIR='${local.workdir}' \
     ARG_AI_PROMPT='${base64encode(var.ai_prompt)}' \
     ARG_SYSTEM_PROMPT='${base64encode(var.system_prompt)}' \

registry/coder-labs/modules/copilot/scripts/start.sh

@@ -98,30 +98,11 @@ setup_github_authentication() {
 
   if [ -n "${GITHUB_TOKEN:-}" ]; then
     export GH_TOKEN="$GITHUB_TOKEN"
-    echo "✓ Using GitHub token from module configuration"
+    echo "✓ GitHub token configured"
     return 0
   fi
 
-  if command_exists coder; then
-    local github_token
-    if github_token=$(coder external-auth access-token "${ARG_EXTERNAL_AUTH_ID:-github}" 2> /dev/null); then
-      if [ -n "$github_token" ] && [ "$github_token" != "null" ]; then
-        export GITHUB_TOKEN="$github_token"
-        export GH_TOKEN="$github_token"
-        echo "✓ Using Coder external auth OAuth token"
-        return 0
-      fi
-    fi
-  fi
-
-  if command_exists gh && gh auth status > /dev/null 2>&1; then
-    echo "✓ Using GitHub CLI OAuth authentication"
-    return 0
-  fi
-
-  echo "⚠ No GitHub authentication available"
-  echo "  Copilot will prompt for login during first use"
-  echo "  Use the '/login' command in Copilot to authenticate"
+  echo "✓ Copilot will handle authentication automatically"
   return 0
 }