Skip to content

Engine configuration

The engine field specifies which engine to use for the agentic task. The string form is an engine identifier (currently only copilot is supported). The object form uses id for the engine identifier plus additional options like model selection and timeout.

# Simple string format (engine identifier, defaults to copilot)
engine: copilot
# Object format with additional options
engine:
id: copilot
model: claude-opus-4.7
timeout-minutes: 30
FieldTypeDefaultDescription
idstringcopilotEngine identifier. Currently only copilot (GitHub Copilot CLI) is supported.
modelstringclaude-opus-4.7AI model to pass to the Copilot CLI --model flag. Any model ID supported by GitHub Copilot is accepted (e.g., claude-sonnet-4.7, claude-opus-4.7). The compiler does not validate the value — an unrecognised ID produces a runtime error from the CLI.
timeout-minutesinteger(none)Maximum time in minutes the agent job is allowed to run. Sets timeoutInMinutes on the Agent job in the generated pipeline.
versionstring(none)Engine CLI version to install (e.g., "1.0.43", "latest"). Overrides the pinned COPILOT_CLI_VERSION. Set to "latest" to use the newest available version.
agentstring(none)Custom agent file identifier (Copilot only). Adds --agent <name> to the CLI invocation, selecting a custom agent from .github/agents/.
api-targetstring(none)Custom API endpoint hostname for GHES/GHEC (e.g., "api.acme.ghe.com"). Adds --api-target <hostname> to the CLI invocation and adds the hostname to the AWF network allowlist.
argslist[]Custom CLI arguments appended after compiler-generated args. Subject to shell-safety validation and blocked from overriding compiler-controlled flags (see args reference below).
envmap(none)Engine-specific environment variables merged into the sandbox step’s env: block. Keys must be valid env var names; values must not contain ADO expressions ($(, ${{) or pipeline command injection (##vso[). Compiler-controlled keys are blocked (see env reference below).
commandstring(none)Custom engine executable path (skips default NuGet installation). The path must be accessible inside the AWF container (e.g., /tmp/... or workspace-mounted paths).

The timeout-minutes field sets a wall-clock limit (in minutes) for the entire agent job. It maps to the Azure DevOps timeoutInMinutes job property on Agent. This is useful for:

  • Budget enforcement — hard-capping the total runtime of an agent to control compute costs.
  • Pipeline hygiene — preventing agents from occupying a runner indefinitely if they stall or enter long retry loops.
  • SLA compliance — ensuring scheduled agents complete within a known window.

When omitted, Azure DevOps uses its default job timeout (60 minutes). When set, the compiler emits timeoutInMinutes: <value> on the agentic job.

The args list appends raw CLI arguments to the Copilot invocation. This is an escape hatch for passing flags that ado-aw does not yet model in front matter — use it sparingly.

The compiler rejects any argument that starts with one of the following blocked prefixes, because those flags are owned and managed by the compiler:

Blocked prefixReason
--promptCompiler controls how the prompt is supplied
--additional-mcp-configCompiler owns MCP configuration
--allow-toolCompiler controls tool allow-listing
--allow-all-toolsCompiler controls tool allow-listing
--allow-all-pathsCompiler controls path permissions
--disable-builtin-mcpsCompiler manages built-in MCP setup
--no-ask-userCompiler controls interactive-mode setting
--ask-userCompiler controls interactive-mode setting

Each argument is also checked against a shell-safety character allowlist to prevent injection.

Example — enabling a hypothetical experimental flag:

engine:
id: copilot
args:
- --experimental-feature
- --log-level=debug

The env map injects additional environment variables into the sandbox step’s env: block. This is useful for passing static configuration values or feature flags that the agent script needs.

The compiler also blocks keys that it controls:

Blocked keyReason
GITHUB_TOKENCompiler-managed auth token
GITHUB_READ_ONLYCompiler-managed auth mode
COPILOT_OTEL_ENABLEDCompiler-managed telemetry
COPILOT_OTEL_EXPORTER_TYPECompiler-managed telemetry
COPILOT_OTEL_FILE_EXPORTER_PATHCompiler-managed telemetry
PATHSystem shell variable
HOMESystem shell variable
BASH_ENVSystem shell variable
ENVSystem shell variable
IFSSystem shell variable
LD_PRELOADDynamic linker — security-sensitive
LD_LIBRARY_PATHDynamic linker — security-sensitive

Example — passing static configuration values:

engine:
id: copilot
env:
STATIC_CONFIG: "production"
FEATURE_FLAGS: "enable-new-parser,strict-mode"