Simplify Foundry configuration and clarify role assignment

[PabloZaiden]

This pull request introduces enhancements to the CAIRA skill test workflow, focusing on improved support for Azure AI Foundry integration, robust environment validation, and better script reliability. The main changes are grouped into workflow improvements, script enhancements, and documentation updates.

Workflow improvements for Azure AI Foundry:

• The GitHub Actions workflow (.github/workflows/skill-test.yml) now validates that all required Azure and Copilot provider environment variables are set before running tests, and it ensures the COPILOT_PROVIDER_BASE_URL matches the expected Foundry endpoint pattern.
• The workflow uses OIDC-based Azure login to obtain a short-lived Azure AI Foundry access token, which is exported as COPILOT_PROVIDER_BEARER_TOKEN for use by Copilot CLI.
• Permissions for id-token: write are added to support OIDC authentication in the workflow.

Script enhancements for skill testing:

• The scripts/test-skill.sh script now includes a configure_foundry_provider function that checks for required Foundry-related environment variables, validates endpoint formatting, and exports all necessary provider settings for Copilot CLI.
• The script's Copilot invocation now captures both stdout and stderr, ensuring all output is saved and exit codes are correctly handled. The verifier result extraction is improved to reliably parse the result line. [1] [2]

Documentation update:

• The README.md now describes how the weekly GitHub Actions run authenticates with Azure, obtains a Foundry token, and configures Copilot CLI for BYOK provider testing, including the required Azure role.

[Copilot]

Pull request overview

This pull request updates the CAIRA skill test automation to better support Azure AI Foundry as a BYOK provider for GitHub Copilot CLI, adding workflow-side validation and OIDC-based token acquisition, plus corresponding script and documentation adjustments.

Changes:

• Add preflight validation and OIDC-based Azure login/token retrieval in the skill-test GitHub Actions workflow.
• Add a configure_foundry_provider helper in the skill test script to validate/export Foundry-related provider settings and improve Copilot output capture and verifier parsing.
• Document the weekly workflow’s Azure authentication/token flow and required Azure role in the README.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File	Description
scripts/test-skill.sh	Adds Foundry provider configuration/validation and improves Copilot output handling and verifier result parsing.
.github/workflows/skill-test.yml	Adds Foundry config validation, OIDC permissions/login, and exports a short-lived access token for Copilot CLI BYOK testing.
README.md	Documents the weekly workflow’s OIDC login + Foundry token acquisition + Copilot BYOK environment setup.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.