A repository uses the following workflow for Copilot-generated pull requests. The team wants all agent PRs to receive automated feedback quickly, but a human should approve only the integration job that uses the protected agent-integration environment. Evaluate the following statements. 1. The validate job can run without waiting for the environment reviewer. 2. The integration job requests human approval only after validate succeeds and the PR is not draft. 3. The pull-requests: read permission lets the workflow approve the protected environment automatically.
name: agent-pr-review
on:
pull_request:
types:
- opened
- synchronize
- ready_for_review
permissions:
contents: read
pull-requests: read
security-events: read
jobs:
validate:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Test
run: npm ci && npm test
- name: Static analysis
run: npm run lint
integration:
needs: validate
if: github.event.pull_request.draft == false
environment: agent-integration
runs-on: ubuntu-latest
steps:
- name: Integration smoke test
run: npm run smokeChoose an answer
Tap an option to check your answer.
Correct answer: 1=Yes 2=Yes 3=No.
Why this is the answer
Statement 1 is Yes. The validate job has no environment key and no needs dependency on a job with an environment, so it runs immediately when the pull request event triggers the workflow, without waiting for human approval. Statement 2 is Yes. The integration job explicitly lists needs: validate, meaning it will only run after the validate job completes successfully. Additionally, it has an if: github.event.pullrequest.draft == false condition, ensuring it only proceeds if the pull request is not a draft. The agent-integration environment is protected, requiring human approval before the job can access it. Statement 3
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed