最适合: Web 应用后端、API 服务、内部工具、CI/CD 集成、任何服务器端工作负载。
工作原理
与生成 CLI 子进程的 SDK 相反,可以在 无外设服务器模式下独立运行 CLI。 后端使用 Connection 选项(UriConnection)通过 TCP 与其建立连接。
主要特征:
- CLI 作为常驻服务器进程运行(不是为每个请求单独启动的)
- SDK 通过 TCP 进行连接 — CLI 和应用可以在不同的容器中运行
- 多个 SDK 客户端可以共享一个 CLI 服务器
- 适用于任何身份验证方法(GitHub令牌、env vars、BYOK)
体系结构:自动管理与外部 CLI
步骤 1:以无头模式启动 CLI
将 CLI 作为后台服务器运行:
# Start with a specific port
copilot --headless --port 4321
# Or let it pick a random port (prints the URL)
copilot --headless
# Output: Listening on http://localhost:52431
默认情况下,无头服务器仅接受来自回环地址(127.0.0.1)的连接。 若要接受来自其他主机的连接(例如来自您网络中的另一台计算机),请使用 --host 绑定到非环回地址:
copilot --headless --host 0.0.0.0 --port 4321
对于生产,请将其作为系统服务或在容器中运行。
注意
Copilot CLI 没有正式预构建的 Docker 映像。 可以从 GitHub 版本生成自己的版本:
FROM debian:bookworm-slim
ARG COPILOT_VERSION=1.0.7
RUN apt-get update \
&& apt-get install -y --no-install-recommends ca-certificates wget \
&& ARCH=$(dpkg --print-architecture) \
&& case "${ARCH}" in amd64) COPILOT_ARCH="x64" ;; arm64) COPILOT_ARCH="arm64" ;; *) echo "Unsupported: ${ARCH}" && exit 1 ;; esac \
&& wget -q "https://github.com/github/copilot-cli/releases/download/v${COPILOT_VERSION}/copilot-linux-${COPILOT_ARCH}.tar.gz" \
&& tar -xzf "copilot-linux-${COPILOT_ARCH}.tar.gz" \
&& mv copilot /usr/local/bin/ \
&& rm "copilot-linux-${COPILOT_ARCH}.tar.gz" \
&& apt-get purge -y wget && apt-get autoremove -y && rm -rf /var/lib/apt/lists/*
ENTRYPOINT ["copilot"]
# Build the image
docker build --build-arg COPILOT_VERSION=1.0.7 -t copilot-cli:latest .
# For remote deployments (Kubernetes, ACI, etc.), push to your registry
docker tag copilot-cli:latest your-registry/copilot-cli:latest
docker push your-registry/copilot-cli:latest
# Docker — must bind to 0.0.0.0 so the container's published port is reachable
docker run -d --name copilot-cli \
-p 4321:4321 \
-e COPILOT_GITHUB_TOKEN="$TOKEN" \
copilot-cli:latest \
--headless --host 0.0.0.0 --port 4321
# systemd
[Service]
ExecStart=/usr/local/bin/copilot --headless --port 4321
Environment=COPILOT_GITHUB_TOKEN=your-token
Restart=always
步骤 2:连接 SDK
TypeScript
import { CopilotClient } from "@github/copilot-sdk";
const client = new CopilotClient({
cliUrl: "localhost:4321",
});
const session = await client.createSession({
sessionId: `user-${userId}-${Date.now()}`,
model: "gpt-4.1",
});
const response = await session.sendAndWait({ prompt: req.body.message });
res.json({ content: response?.data.content });
Python
from copilot import CopilotClient, RuntimeConnection
from copilot.session import PermissionHandler
client = CopilotClient(
connection=RuntimeConnection.for_uri("localhost:4321"),
)
await client.start()
session = await client.create_session(on_permission_request=PermissionHandler.approve_all, model="gpt-4.1", session_id=f"user-{user_id}-{int(time.time())}")
response = await session.send_and_wait(message)
Go
package main
import (
"context"
"fmt"
"time"
copilot "github.com/github/copilot-sdk/go"
)
func main() {
ctx := context.Background()
userID := "user1"
message := "Hello"
client := copilot.NewClient(&copilot.ClientOptions{
Connection: copilot.UriConnection{URL: "localhost:4321"},
})
client.Start(ctx)
defer client.Stop()
session, _ := client.CreateSession(ctx, &copilot.SessionConfig{
SessionID: fmt.Sprintf("user-%s-%d", userID, time.Now().Unix()),
Model: "gpt-4.1",
})
response, _ := session.SendAndWait(ctx, copilot.MessageOptions{Prompt: message})
_ = response
}
client := copilot.NewClient(&copilot.ClientOptions{
Connection: copilot.UriConnection{URL: "localhost:4321"},
})
client.Start(ctx)
defer client.Stop()
session, _ := client.CreateSession(ctx, &copilot.SessionConfig{
SessionID: fmt.Sprintf("user-%s-%d", userID, time.Now().Unix()),
Model: "gpt-4.1",
})
response, _ := session.SendAndWait(ctx, copilot.MessageOptions{Prompt: message})
.NET
using GitHub.Copilot;
var userId = "user1";
var message = "Hello";
var client = new CopilotClient(new CopilotClientOptions
{
Connection = RuntimeConnection.ForUri("localhost:4321"),
});
await using var session = await client.CreateSessionAsync(new SessionConfig
{
SessionId = $"user-{userId}-{DateTimeOffset.UtcNow.ToUnixTimeSeconds()}",
Model = "gpt-4.1",
});
var response = await session.SendAndWaitAsync(
new MessageOptions { Prompt = message });
var client = new CopilotClient(new CopilotClientOptions
{
Connection = RuntimeConnection.ForUri("localhost:4321"),
});
await using var session = await client.CreateSessionAsync(new SessionConfig
{
SessionId = $"user-{userId}-{DateTimeOffset.UtcNow.ToUnixTimeSeconds()}",
Model = "gpt-4.1",
});
var response = await session.SendAndWaitAsync(
new MessageOptions { Prompt = message });
Java
import com.github.copilot.sdk.CopilotClient;
import com.github.copilot.sdk.events.*;
import com.github.copilot.sdk.json.*;
var userId = "user1";
var message = "Hello!";
var client = new CopilotClient(new CopilotClientOptions()
.setCliUrl("localhost:4321")
);
try {
client.start().get();
var session = client.createSession(new SessionConfig()
.setSessionId(String.format("user-%s-%d", userId, System.currentTimeMillis() / 1000))
.setModel("gpt-4.1")
.setOnPermissionRequest(PermissionHandler.APPROVE_ALL)
).get();
var response = session.sendAndWait(new MessageOptions()
.setPrompt(message)).get();
} finally {
client.stop().get();
}
后端服务的身份验证
环境变量令牌
最简单的方法 - 在 CLI 服务器上设置令牌:
# All requests use this token
export COPILOT_GITHUB_TOKEN="gho_service_account_token"
copilot --headless --port 4321
每用户令牌 (OAuth)
创建会话时传递单个用户令牌。 完整流程请参阅 GitHub OAuth 设置。
// Your API receives user tokens from your auth layer
app.post("/chat", authMiddleware, async (req, res) => {
const client = new CopilotClient({
cliUrl: "localhost:4321",
gitHubToken: req.user.githubToken,
useLoggedInUser: false,
});
const session = await client.createSession({
sessionId: `user-${req.user.id}-chat`,
model: "gpt-4.1",
});
const response = await session.sendAndWait({
prompt: req.body.message,
});
res.json({ content: response?.data.content });
});
BYOK (无GitHub身份验证)
使用您自己的 API 密钥来访问模型服务提供商。 有关详细信息,请参阅“BYOK (bring your own key)”。
const client = new CopilotClient({
cliUrl: "localhost:4321",
});
const session = await client.createSession({
model: "gpt-4.1",
provider: {
type: "openai",
baseUrl: "https://api.openai.com/v1",
apiKey: process.env.OPENAI_API_KEY,
},
});
常见后端模式
使用 Express 的 Web API
import express from "express";
import { CopilotClient } from "@github/copilot-sdk";
const app = express();
app.use(express.json());
// Single shared CLI connection
const client = new CopilotClient({
cliUrl: process.env.CLI_URL || "localhost:4321",
});
app.post("/api/chat", async (req, res) => {
const { sessionId, message } = req.body;
// Create or resume session
let session;
try {
session = await client.resumeSession(sessionId);
} catch {
session = await client.createSession({
sessionId,
model: "gpt-4.1",
});
}
const response = await session.sendAndWait({ prompt: message });
res.json({
sessionId,
content: response?.data.content,
});
});
app.listen(3000);
后台工作者
import { CopilotClient } from "@github/copilot-sdk";
const client = new CopilotClient({
cliUrl: process.env.CLI_URL || "localhost:4321",
});
// Process jobs from a queue
async function processJob(job: Job) {
const session = await client.createSession({
sessionId: `job-${job.id}`,
model: "gpt-4.1",
});
const response = await session.sendAndWait({
prompt: job.prompt,
});
await saveResult(job.id, response?.data.content);
await session.disconnect(); // Clean up after job completes
}
Docker Compose 部署
version: "3.8"
services:
copilot-cli:
image: copilot-cli:latest # See "Step 1" above for how to build this image
command: ["--headless", "--host", "0.0.0.0", "--port", "4321"]
environment:
- COPILOT_GITHUB_TOKEN=${COPILOT_GITHUB_TOKEN}
ports:
- "4321:4321"
restart: always
volumes:
- session-data:/root/.copilot/session-state
api:
build: .
environment:
- CLI_URL=copilot-cli:4321
depends_on:
- copilot-cli
ports:
- "3000:3000"
volumes:
session-data:
健康检查
监视 CLI 服务器的运行状况:
// Periodic health check
async function checkCLIHealth(): Promise<boolean> {
try {
const status = await client.getStatus();
return status !== undefined;
} catch {
return false;
}
}
会话清理
后端服务应主动清理会话,以避免资源泄漏:
// Clean up expired sessions periodically
async function cleanupSessions(maxAgeMs: number) {
const sessions = await client.listSessions();
const now = Date.now();
for (const session of sessions) {
const age = now - new Date(session.createdAt).getTime();
if (age > maxAgeMs) {
await client.deleteSession(session.sessionId);
}
}
}
// Run every hour
setInterval(() => cleanupSessions(24 * 60 * 60 * 1000), 60 * 60 * 1000);
局限性
| Limitation | 详细信息 |
|---|---|
| 单 CLI 服务器 = 单一故障点 | 请参阅 HA 模式的 可扩展性和多租户 |
| SDK 和 CLI 之间没有内置身份验证 | 确保网络路径安全(同一主机、VPC 等) |
| 本地磁盘上的会话状态 | 挂载用于容器重启后保留数据的持久存储 |
| 30 分钟空闲超时 | 无活动的会话会被自动清理 |
何时继续
| 需要 | 下一篇指南 |
|---|---|
| 多个 CLI 服务器/高可用性 | |
| 可扩展性和多租户 | |
| 用户的 GitHub 账户身份验证 | |
| GitHub OAuth 设置 | |
| 你自己的模型密钥 | |
| BYOK (bring your own key) |
后续步骤
- 可扩展性和多租户:处理更多用户,添加冗余
- 会话恢复和持久性:重启后恢复会话
- GitHub OAuth 设置:添加用户身份验证