examples(mcp.proxy): swap github upstream to api.githubcopilot.com over TLS

Drops the local github-mcp-server docker service in favor of GitHub's
public Streamable HTTP endpoint at https://api.githubcopilot.com/mcp/.
Adds a dedicated http→tls→tcp chain for the github route (TLS sni
api.githubcopilot.com, trustcacerts for public CA verification, ALPN
http/1.1, TCP 443). The everything and time routes keep their existing
plain http→tcp path unchanged.

Auth-challenge pass-through still works: an unauthenticated call returns
GitHub's HTTP 401 / WWW-Authenticate: Bearer through Zilla's mcp(server)
which renders the same 4xx + WWW-Authenticate back to the inbound client,
courtesy of the McpResetEx bearer propagation that landed in #1796.

Author: claude

examples/mcp.proxy/README.md

@@ -12,11 +12,15 @@ client ──────►│                            │
               │              ▼             ▼             ▼     │
               │    mcp(client) everything  mcp(client) time   mcp(client) github
               │              │             │             │     │
+              │              ▼             ▼             ▼     │
+              │           http →        http →        http →   │
+              │           tcp           tcp           tls →    │
+              │                                       tcp:443  │
               └──────────────┼─────────────┼─────────────┼─────┘
                              ▼             ▼             ▼
-                      everything:3001  time:3002    github:3003
-                      (reference       (mcp-proxy   (github-mcp-
-                       server)         + uvx)        server http)
+                      everything:3001  time:3002   api.githubcopilot.com:443
+                      (reference       (mcp-proxy   (GitHub Copilot
+                       server)         + uvx)        Streamable HTTP)
 ```
 
 The proxy demonstrates, in one configuration:
@@ -35,32 +39,33 @@ The proxy demonstrates, in one configuration:
   the token at `north_http_server` and `mcp(client)` for the github route
   re-stamps it on the outbound request. The everything and time routes have no
   guard configured, so no Authorization is added on outbound to those upstreams.
-- **Auth-driven challenge pass-through** — `github-mcp-server` is started with
-  `--scope-challenge`, so when an inbound token is missing or under-scoped the
-  upstream's `HTTP 403 + WWW-Authenticate` flows back through the gateway
-  unchanged. Clients that implement RFC 6750 / MCP OAuth can complete the
-  flow externally and retry with the new token.
+- **Auth-driven challenge pass-through** — when an inbound token is missing or
+  under-scoped, the GitHub Copilot upstream responds with
+  `HTTP 401/403 + WWW-Authenticate: Bearer realm="..." scope="..." error="..."`,
+  and Zilla converts the response into a `RESET + McpResetEx.bearer` on the
+  MCP application stream. The proxy and `mcp(server)` re-render that as the
+  same `HTTP 4xx + WWW-Authenticate` back to the inbound client, so RFC 6750
+  / MCP OAuth clients can complete the flow externally and retry with the
+  new token.
 
 ## Requirements
 
 - docker compose
-- optional: a GitHub Personal Access Token to exercise the `github` toolkit route
+- outbound network access to `api.githubcopilot.com:443`
+- optional: a [GitHub Copilot API token](https://docs.github.com/en/copilot)
+  to exercise the `github` toolkit route end-to-end
 
 ## Setup
 
 ```bash
 docker compose up -d
 ```
 
-This starts Zilla plus two reachable upstream MCP servers: a Node `everything`
-reference server on `:3001` and a Python `time` server on `:3002` wrapped by
-`mcp-proxy` for the stdio→HTTP bridge.
-
-To also start the official `github/github-mcp-server` upstream in HTTP mode:
-
-```bash
-docker compose --profile github up -d
-```
+This starts Zilla plus two locally-reachable upstream MCP servers: a Node
+`everything` reference server on `:3001` and a Python `time` server on `:3002`
+wrapped by `mcp-proxy` for the stdio→HTTP bridge. The `github` route is wired
+to GitHub Copilot's public MCP endpoint at `https://api.githubcopilot.com/mcp/`
+— no local container is needed.
 
 ## Verify
 
@@ -104,15 +109,10 @@ the elicitation message and reply via `elicitation/result`).
 
 ### Call a GitHub tool (bearer flows from client through to upstream)
 
-First start the github upstream:
-
-```bash
-docker compose --profile github up -d
-```
-
-Issue a github tool call without an `Authorization` header — `github-mcp-server`
-returns `HTTP 403` with a `WWW-Authenticate` challenge that propagates back
-through the proxy:
+Issue a github tool call without an `Authorization` header. Zilla forwards the
+unauthenticated call to `api.githubcopilot.com/mcp/`, which responds with an
+`HTTP 401` and a `WWW-Authenticate: Bearer ...` challenge. Zilla renders the
+challenge back to the inbound client:
 
 ```bash
 curl -i -N http://localhost:7114/mcp \
@@ -121,16 +121,15 @@ curl -i -N http://localhost:7114/mcp \
     -d '{"jsonrpc":"2.0","id":3,"method":"tools/call","params":{"name":"github/get_me"}}'
 ```
 
-Mint a [GitHub Personal Access Token](https://github.com/settings/tokens),
-then retry with `Authorization: Bearer <PAT>`. Zilla's `identity` guard captures
+Retry with `Authorization: Bearer <token>`. Zilla's `identity` guard captures
 the bearer at `north_http_server`, and the `mcp(client)` for the github route
-re-stamps it on the outbound request — `github-mcp-server` accepts the token
-and the tool call completes:
+re-stamps it on the outbound request — GitHub Copilot accepts the token and
+the tool call completes:
 
 ```bash
-export GITHUB_PERSONAL_ACCESS_TOKEN=ghp_...
+export GITHUB_COPILOT_TOKEN=...
 curl -N http://localhost:7114/mcp \
-    -H "Authorization: Bearer $GITHUB_PERSONAL_ACCESS_TOKEN" \
+    -H "Authorization: Bearer $GITHUB_COPILOT_TOKEN" \
     -H "Content-Type: application/json" \
     -H "Accept: application/json, text/event-stream" \
     -d '{"jsonrpc":"2.0","id":3,"method":"tools/call","params":{"name":"github/get_me"}}'
@@ -154,12 +153,12 @@ memory.
 ## Teardown
 
 ```bash
-docker compose --profile github down -v
+docker compose down -v
 ```
 
 ## References
 
 - [Zilla docs — `binding-mcp`](https://docs.aklivity.io/zilla/latest/reference/config/bindings/binding-mcp.html)
 - [MCP — Streamable HTTP transport](https://modelcontextprotocol.io/docs/concepts/transports)
 - [MCP — elicitation](https://modelcontextprotocol.io/specification/draft/client/elicitation)
-- [`github/github-mcp-server`](https://github.com/github/github-mcp-server)
+- [GitHub Copilot MCP API](https://docs.github.com/en/copilot)

examples/mcp.proxy/compose.yaml

@@ -29,21 +29,13 @@ services:
       PORT: "3001"
 
   time:
-    image: ghcr.io/sparfenyuk/mcp-proxy:latest
+    image: ghcr.io/astral-sh/uv:python3.13-bookworm-slim
     hostname: time
     restart: unless-stopped
     command: >
-      --port 3002 --host 0.0.0.0 --pass-environment --
+      uvx mcp-proxy --port 3002 --host 0.0.0.0 --pass-environment --
       uvx mcp-server-time
 
-  github:
-    image: ghcr.io/github/github-mcp-server:latest
-    hostname: github
-    restart: unless-stopped
-    command: ["http", "--port=3003", "--scope-challenge"]
-    profiles:
-      - github
-
 networks:
   default:
     driver: bridge

examples/mcp.proxy/etc/zilla.yaml

@@ -89,16 +89,24 @@ bindings:
       authorization:
         name: passthrough
     routes:
-      - exit: south_http_client
+      - exit: south_http_client_github
         with:
           headers:
-            :scheme: http
-            :authority: github:3003
-            :path: /mcp
+            :scheme: https
+            :authority: api.githubcopilot.com
+            :path: /mcp/
   south_http_client:
     type: http
     kind: client
     exit: south_tcp_client
+  south_http_client_github:
+    type: http
+    kind: client
+    exit: south_tls_client_github
+  south_tls_client_github:
+    type: tls
+    kind: client
+    exit: south_tcp_client
   south_tcp_client:
     type: tcp
     kind: client