GitHub Copilot CLI: Your AI Terminal

AI leaves the editor and enters the terminal

GitHub Copilot is no longer confined to VS Code. With Copilot CLI, you get an AI assistant directly in your terminal — and it comes in three distinct modes that cover everything from interactive troubleshooting to headless CI/CD automation.

I got a detailed look at this during GitHub Copilot Dev Days, and for DevOps engineers who live in the terminal, this changes the daily workflow significantly.

Three modes, three use cases

Interactive Mode

The default experience. You run copilot and get a conversational interface right in your terminal:

$ copilot
> How do I find all pods in CrashLoopBackOff across all namespaces?

kubectl get pods --all-namespaces --field-selector=status.phase!=Running \
  | grep CrashLoopBackOff

But it goes far beyond translating natural language to shell commands. Copilot CLI has multi-file context awareness — it understands your project structure and can:

Generate and modify code files
Execute shell commands and react to output
Integrate with MCP servers for external context
Run interactive troubleshooting sessions

$ copilot
> The deployment in staging is failing health checks. 
> Check the logs, identify the issue, and suggest a fix.

Checking deployment status...
$ kubectl get deployment api-server -n staging -o yaml
$ kubectl logs deployment/api-server -n staging --tail=50

The health check endpoint /healthz is returning 503. 
The logs show the database connection pool is exhausted.
Suggested fix: increase DB_POOL_SIZE from 5 to 20 in the 
staging ConfigMap...

Headless Mode

This is where it gets interesting for automation. Run copilot -p for non-interactive execution — perfect for CI/CD pipelines:

# .github/workflows/code-review.yml
jobs:
  ai-review:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: AI Code Review
        run: |
          copilot -p "Review the changes in this PR for security \
          vulnerabilities, performance issues, and style violations. \
          Output findings as GitHub annotations." \
          --context ./diff.patch

Headless mode opens up scenarios like:

Automated PR reviews in CI pipelines
Incident triage — pipe alerts into Copilot for initial analysis
Documentation generation — auto-generate docs from code changes
Migration scripts — batch process file transformations

# Generate migration scripts for all Python 2 files
find . -name "*.py" -exec copilot -p \
  "Modernize this Python 2 code to Python 3.12, \
   preserving all functionality" {} \;

Server Mode

Run copilot --server to expose a JSON-RPC endpoint that external clients can connect to:

$ copilot --server --port 8080

# Now any client can send requests:
$ curl -X POST http://localhost:8080/rpc \
  -H "Content-Type: application/json" \
  -d '{
    "method": "complete",
    "params": {
      "prompt": "Write an Ansible playbook to configure Nginx with TLS",
      "context": {"project": "./infrastructure/"}
    }
  }'

Server mode enables:

Custom IDEs and editors to integrate Copilot
Internal tools to leverage Copilot as a backend
Automation platforms like Ansible or Terraform to get AI-assisted code generation
Chatbots and slash commands backed by Copilot intelligence

Core features under the hood

Multi-file context awareness

Unlike simple command translation tools, Copilot CLI understands your entire project:

$ copilot
> Add rate limiting to the API. Use our existing Redis connection.

# Copilot reads your project structure, finds the Redis config,
# identifies the API framework (FastAPI), and generates code
# that uses your existing patterns and conventions.

Tool execution and shell commands

Copilot CLI does not just suggest commands — it can execute them (with your permission) and react to the output:

$ copilot
> Run the test suite and fix any failures

Running: pytest tests/ -v
...
FAILED tests/test_auth.py::test_token_refresh - AssertionError

Analyzing failure... The test expects a 200 status but the 
refresh endpoint now returns 201. Updating test assertion...

Running: pytest tests/test_auth.py::test_token_refresh -v
PASSED

MCP server integration

Just like in VS Code, Copilot CLI supports MCP servers:

# Configure MCP in ~/.copilot/config.json
{
  "mcp": {
    "servers": {
      "k8s": {"command": "kubectl-mcp"},
      "aws": {"command": "aws-mcp"},
      "jira": {"command": "jira-mcp"}
    }
  }
}

$ copilot
> What Jira tickets are assigned to me that relate to the 
> Kubernetes cluster upgrade?

# Copilot queries Jira MCP, cross-references with your 
# k8s cluster state, and gives a prioritized summary

Lifecycle event hooks

Customize behavior with hooks that fire before and after actions:

{
  "hooks": {
    "pre-execute": "echo 'About to run: ${command}'",
    "post-execute": "audit-log --command '${command}' --exit ${exitCode}",
    "pre-file-edit": "git stash",
    "post-file-edit": "prettier --write ${file}"
  }
}

Real-world DevOps use cases

Incident response

$ copilot
> We are getting 5xx errors on the payment service. 
> Walk me through the investigation.

1. Checking service health...
$ kubectl get pods -n payments -l app=payment-svc
$ kubectl top pods -n payments

2. Checking recent deployments...
$ kubectl rollout history deployment/payment-svc -n payments

3. Found: deployment 15m ago changed the DB connection string.
   The new string points to a read replica, not the primary.
   
   Fix: kubectl set env deployment/payment-svc \
     DB_HOST=payments-primary.db.svc.cluster.local -n payments

Infrastructure as Code generation

$ copilot -p "Generate a Terraform module for an EKS cluster \
  with GPU node groups, Karpenter autoscaling, and \
  IRSA for the NVIDIA GPU Operator. Follow our module \
  conventions in ./modules/" > modules/eks-gpu/main.tf

Ansible playbook assistance

$ copilot
> Create a molecule test scenario for the nginx role 
> that validates TLS configuration

# Generates molecule/tls-test/molecule.yml, 
# converge.yml, and verify.yml

Security considerations

Running an AI agent in your terminal with command execution rights requires thoughtful security:

Approval mode — Copilot asks before executing destructive commands
Scope limits — configure which directories and commands are allowed
Audit logging — hooks can log every command for compliance
Network boundaries — server mode should be behind authentication
Secret handling — Copilot is trained not to output secrets, but review your MCP server configurations

Copilot CLI vs other terminal AI tools

Feature	Copilot CLI	Generic AI CLIs
Multi-file context	Yes	Limited
MCP integration	Native	No
Headless/CI mode	Built-in	Usually not
Server mode	JSON-RPC	No
Code execution	Controlled	Varies
GitHub integration	Deep	No

Getting started

# Install
gh extension install github/copilot-cli

# Interactive mode
copilot

# Headless mode (CI/CD)
copilot -p "your prompt here"

# Server mode
copilot --server --port 8080

My take

Copilot CLI bridges the gap between “AI in the editor” and “AI in the pipeline.” For DevOps and platform engineering teams, the headless and server modes are game-changers. You can embed AI intelligence into your existing automation without rebuilding anything.

The combination of Copilot CLI headless mode with GitHub Actions creates an AI-augmented CI/CD pipeline that can review, test, and even fix code autonomously. That is a significant shift in how we think about software delivery.

Looking to integrate AI into your DevOps toolchain? Let us talk about building AI-augmented automation workflows for your team.