refactor: remove Teams Bot Gateway auth mode (ADR-006)#12
Merged
Conversation
Bot mode bypassed Agent Identity (off-thesis) and was superseded by Microsoft Agent 365's managed AI teammate. Full excision: - Delete src/entrabot/bot/ (~921 LOC) and tests/bot/ (45 tests) - Drop aiohttp + botbuilder-core + botbuilder-integration-aiohttp deps (used only in bot/) - Remove mode==bot branches and _background_poll_bot from mcp_server.py - config: fail loud via RemovedModeError when ENTRABOT_MODE=bot (honors zero-silent-failures); drop bot_* fields + ENTRABOT_BOT_* env - Remove scripts/setup_bot.sh, scripts/start_bot.sh - Delete DESIGN-teams-bot-gateway.md; strip live doc refs; add ADR-006 Two auth modes remain (agent_user, delegated), both using Agent Identity. 1243 tests pass, ruff clean. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
test_sponsor_not_in_chat_rejected and test_empty_chat_members_rejected override the autouse fixture's sponsor binding to point at the target chat so Gate 2 (not-in-chat) fires instead of Gate 3 (channel mismatch). They recorded the override at time.time()-1.0, only sub-tick newer than the fixture's now-1.0 seed. On Windows' ~15ms clock the two epochs tie, and ActiveChannelBindings.record() rejects equal-or-older timestamps (replay defense, active_channel.py:103), so the stale binding wins and Gate 3 fires -> SponsorChannelMismatchError instead of the expected RequesterNotInChatError. Record the override at time.time() (now), deterministically ~1s newer than the seed. Production semantics unchanged; tightened record() docstring to match the >= tie-rejection it already implements. Surfaced by removing tests/bot/ (shifted collection order). Verified under a frozen-clock tie. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Removes the legacy Teams Bot Gateway (“bot” auth mode) across the codebase so entrabot consistently uses Agent Identity end-to-end (Agent User three-hop or delegated MSAL), and makes ENTRABOT_MODE=bot fail loudly with a migration message per ADR-006.
Changes:
- Excises the Bot Gateway implementation (source, tests, scripts) and drops its third-party dependencies.
- Updates configuration/error handling so removed modes raise
RemovedModeErrorinstead of silently falling back toauto. - Refreshes docs and a few tests to reflect the two remaining auth flows and to avoid Windows clock-tie flakiness in sponsor binding tests.
Reviewed changes
Copilot reviewed 40 out of 42 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| tests/tools/test_files_pr2_share_file.py | Makes sponsor-binding override timestamps deterministic on Windows by avoiding time.time() - 1.0 ties. |
| tests/test_mcp_server_integration.py | Removes bot-mode integration test coverage that no longer applies. |
| tests/test_mcp_push_channel_binding.py | Removes bot-poll binding test that referenced the deleted bot inbound path. |
| tests/test_config.py | Adds regression test ensuring ENTRABOT_MODE=bot raises RemovedModeError. |
| tests/bot/test_tunnel.py | Deletes Bot Gateway tunnel tests along with the feature. |
| tests/bot/test_server.py | Deletes Bot Gateway server tests along with the feature. |
| tests/bot/test_handler.py | Deletes Bot Gateway JSONL IPC handler tests along with the feature. |
| tests/bot/test_convo_store.py | Deletes Bot Gateway conversation-reference persistence tests along with the feature. |
| tests/bot/test_cards.py | Deletes Bot Gateway adaptive card template tests along with the feature. |
| tests/bot/conftest.py | Removes Windows-specific skipping logic tied to the deleted bot test suite. |
| tests/bot/init.py | Removes bot test package presence (as part of bot test suite deletion). |
| src/entrabot/mcp_server.py | Removes bot-mode branches for auth init, polling, and outbound Teams send path. |
| src/entrabot/identity/active_channel.py | Clarifies (and aligns with current behavior) that equal timestamps are rejected for binding overrides. |
| src/entrabot/errors.py | Introduces ConfigError and RemovedModeError for fail-loud removed configuration values. |
| src/entrabot/config.py | Removes bot from valid modes, adds _REMOVED_MODES + _validate_mode hard error for bot, and drops bot-specific env wiring/fields. |
| src/entrabot/bot/tunnel.py | Deletes Dev Tunnel management implementation with the removed feature. |
| src/entrabot/bot/server.py | Deletes aiohttp/Bot Framework server implementation with the removed feature. |
| src/entrabot/bot/handler.py | Deletes JSONL IPC handler implementation with the removed feature. |
| src/entrabot/bot/convo_store.py | Deletes conversation reference persistence implementation with the removed feature. |
| src/entrabot/bot/cards.py | Deletes Bot Gateway adaptive card template helpers with the removed feature. |
| src/entrabot/bot/init.py | Removes bot package presence (as part of bot source deletion). |
| scripts/start_bot.sh | Deletes bot-mode startup script (tunnel + bot server). |
| scripts/setup_bot.sh | Deletes one-time Azure Bot provisioning script. |
| README.md | Updates top-level docs to reflect only Agent User + delegated auth flows. |
| pyproject.toml | Drops aiohttp and botbuilder dependencies that were bot-only. |
| docs/runbooks/windows-setup.md | Removes Bot Gateway-on-Windows notes that no longer apply. |
| docs/reference/scripts/setup.md | Removes setup_bot.sh documentation. |
| docs/reference/scripts/operations.md | Removes start_bot.sh documentation. |
| docs/reference/api/mcp-tools.md | Updates send_teams_message docs to remove bot-mode JSONL behavior. |
| docs/reference/api/identity.md | Removes bot from the documented identity modes. |
| docs/platform-learnings/microsoft-agent-365.md | Updates the A365 “AI teammate” section to reflect the Agent User approach + ADR-006 removal. |
| docs/index.md | Replaces Bot Gateway design link with ADR-006 rationale link. |
| docs/engineering-status.md | Updates status summary to reflect removal of the Bot Gateway mode and adjusted test count. |
| docs/decisions/README.md | Adds ADR-006 entry to the ADR index. |
| docs/decisions/006-remove-bot-gateway-mode.md | Adds ADR-006 documenting the decision and fail-loud behavior. |
| docs/architecture/system-overview.md | Removes bot/ module from system overview; updates auth-mode count. |
| docs/architecture/enforcement-flow.md | Removes bot-mode token discussion from enforcement flow doc. |
| docs/architecture/DESIGN-teams-bot-gateway.md | Deletes the Bot Gateway design document (superseded by ADR-006 / removed feature). |
| docs/architecture/DESIGN-persona-sati-integration.md | Updates auth-flow references to remove bot mode. |
| CLAUDE.md | Updates repo runtime model and architecture references to remove bot module/mode. |
| AGENTS.md | Updates runtime model references to remove bot mode from the supported modes list. |
| .github/copilot-instructions.md | Updates module list to remove bot gateway directory. |
Comment on lines
745
to
749
| # Start background polling unconditionally. Every client that | ||
| # spawns entrabot (stdio) gets its own process and its own poll | ||
| # loops — no gating is needed. | ||
| if config and config.mode == "bot": | ||
| import asyncio | ||
|
|
||
| _state["poll_task"] = asyncio.get_event_loop().create_task(_background_poll_bot()) | ||
| elif _state.get("watched_chats"): | ||
| if _state.get("watched_chats"): | ||
| _ensure_poll_task_running() |
Copilot stopped work on behalf of
brandwe due to an error
June 8, 2026 17:29
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Removes the
botauth mode (Teams Bot Gateway) entirely. Bot mode bypassed Agent Identity — messages showed as a Bot Framework bot, not the Agent User — which contradicts the project's thesis (the agent is a first-class Entra principal). It was also superseded by Microsoft Agent 365's managed AI teammate (GA 2026-05-01). Reviewed via/plan-ceo-review(SCOPE REDUCTION) + outside-voice challenge.Full rationale: ADR-006 (
docs/decisions/006-remove-bot-gateway-mode.md).What changed
Code
src/entrabot/bot/(~921 LOC) andtests/bot/(45 tests)aiohttp+botbuilder-core+botbuilder-integration-aiohttpfrompyproject.toml(used only inbot/)entrabot.bot.handlerimports + allmode == "bot"branches +_background_poll_botfrommcp_server.pyconfig.py:_validate_modenow fails loud withRemovedModeErrorforENTRABOT_MODE=bot(honors the zero-silent-failures rule) while other invalid modes still fall back toauto; dropbot_*fields +ENTRABOT_BOT_*env wiringRemovedModeError(errors.py) + testScripts/docs
scripts/setup_bot.sh,scripts/start_bot.shDESIGN-teams-bot-gateway.md; add ADR-006; strip live refs across README, CLAUDE.md, AGENTS.md, copilot-instructions.md, engineering-status, index, system-overview, identity, mcp-tools, script refs, windows-setup, enforcement-flow, persona-sati design, and the A365 learningBehavior change
agent_useranddelegated, both using Agent Identity end to end.ENTRABOT_MODE=botnow raisesRemovedModeErrorwith a migration message (was a silent fallback path) instead of silently switching identity mode.Test plan
pytest -v— 1243 passed, 1 skippedruff check .— cleanconfig+mcp_serverload without bot deps)src/; remaining mentions are only inside ADR-006🤖 Generated with GitHub Copilot CLI
Co-authored-by: Copilot 223556219+Copilot@users.noreply.github.com