ci(eval): pass COPILOT_CLI_TOKEN for Copilot SDK session auth

wbreza · Copilot · wbreza · commit 3f4acc4977bb · 2026-04-16T11:36:28.000-07:00
The copilot-sdk executor in @microsoft/vally-cli reads GITHUB_TOKEN
to create a Copilot session. The default Actions GITHUB_TOKEN doesn't
have Copilot API scope, causing "Session was not created with
authentication info or custom provider" at eval execution time.

Reuse the existing repo secret COPILOT_CLI_TOKEN (a Copilot-enabled
PAT) and expose it as GITHUB_TOKEN to the eval run step.

Co-authored-by: Copilot &lt;223556219+Copilot@users.noreply.github.com&gt;
diff --git a/.github/workflows/eval.yml b/.github/workflows/eval.yml
@@ -30,7 +30,7 @@ jobs:
       - name: Run evaluations
         run: npx @microsoft/vally-cli eval --eval-spec evals/azure-hosted-copilot-sdk/eval.yaml --output-dir ./results --output jsonl
         env:
-          NODE_AUTH_TOKEN: ${{ secrets.VALLY_NPM_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.COPILOT_CLI_TOKEN }}
       - name: Upload results
         if: always()
         uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
