GitHub Copilot Workspace je Microsoft-ov odgovor na Cursor i Claude Code — full AI development okruženje direktno u GitHub-u. Razvijaš feature, pokrećeš testove, mergaš u main — sve s AI agentom koji prati cijeli projekt. Pitanje koje ostaje: gdje to deploy-ati. Ovaj vodič pokriva profesionalni Copilot Workspace + WMD workflow s Git-based deploy-em, GitHub Actions integracijom i enterprise sigurnosnim postavkama.
Što Copilot Workspace radi drugačije od ostalih AI alata
Dok je Cursor IDE u kojem ti tipkaš a AI pomaže, Copilot Workspace je više agent-driven:
- Otvaraš novi task u browser-based environment-u (ili kroz VS Code extension)
- Opisuješ što treba ("dodaj user authentication na ovaj projekt")
- Copilot agent piše plan, generira PR s izmjenama, pokreće testove
- Ti reviewaš PR, traziš izmjene ili merge-aš
- GitHub Actions automatski deploy-a
Glavna razlika: workflow je manje "live coding", više "task → review → merge". Idealno za timove gdje senior developer reviewa AI-generirani kod prije produkcije.
Setup: Copilot Workspace projekt + WMD deploy
Korak 1: Stvori repo u GitHub-u s Copilot Workspace pristupom
- GitHub → New Repository
- Aktiviraj Copilot Workspace u organization settings (zahtjeva Copilot Enterprise ili Business plan)
- U repo settings → Copilot → enable Workspace
Korak 2: Connect WMD kao deploy target
Imaš dvije opcije:
Opcija A: GitHub webhook → cPanel Git Deploy
- cPanel → Git Version Control → Create
- Clone tvoj GitHub repo (HTTPS s GitHub Personal Access Token, ili SSH s deploy key)
- Repository Path:
/home/korisnik/my-app - Branch:
main - Klikni Create
- GitHub repo settings → Webhooks → Add webhook → cPanel deploy URL
Svaki PR koji Copilot Workspace agent stvori i ti merge-aš → automatski deploy.
Opcija B: GitHub Actions → SSH/rsync na WMD
Više enterprise-friendly. Workflow u .github/workflows/deploy.yml:
name: Deploy to WMD
on:
push:
branches: [main]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '20'
- name: Install and build
run: |
npm ci
npm run build
- name: Deploy via rsync
uses: burnett01/rsync-deployments@7.0.2
with:
switches: -avzr --delete
path: dist/
remote_path: /home/korisnik/public_html/
remote_host: tvoja-domena.hr
remote_user: \${{ secrets.WMD_USER }}
remote_key: \${{ secrets.WMD_SSH_KEY }}
GitHub Secrets → dodaj WMD_USER i WMD_SSH_KEY (privatni ključ za SSH pristup na WMD). Build se događa na GitHub runner-u, rsync šalje rezultat na WMD.
Korak 3: Postavi Copilot Workspace task
U Copilot Workspace UI-u:
- Otvori task ("Add user authentication with JWT")
- Copilot agent generira plan
- Reviewa plan, prilagodi specifikaciju
- Klikni "Generate PR"
- Copilot piše kod, otvara pull request
- Code review (sam ili netko iz tima)
- Merge → CI/CD pipeline radi build + deploy na WMD
Enterprise-specifični setup — Self-hosted runners
Veće firme s sigurnosnim zahtjevima često ne žele da kod ide kroz GitHub-hosted runner-e. Rješenje: self-hosted GitHub Actions runner na WMD VPS-u.
Setup:
- U GitHub repo Settings → Actions → Runners → New self-hosted runner
- SSH-uj na WMD VPS
- Slijedi GitHub instrukcije za download i registraciju runner-a
- Runner se registrira pod tvojim accountom i čeka workflow-e
- U
.github/workflows/deploy.ymlpromijeni:runs-on: self-hosted
Workflow:
- Copilot Workspace generira PR
- Merge na main
- GitHub trigger-a workflow na tvom self-hosted runner-u (koji je VPS na WMD-u)
- Build se događa lokalno (kod nikad ne napušta tvoj environment)
- Deploy idu direktno bez network hops-a
Pogodnost: kod i build artifacts nikad ne napuštaju tvoj environment. Idealno za regulirana industrija (finance, healthcare).
Production deploy patterns
1. Blue-green deploy
Zero-downtime deploy za production aplikacije:
- Imaj dva foldera na WMD-u:
/home/korisnik/app-bluei/home/korisnik/app-green - Aktivni je onaj na koji symlink
/home/korisnik/currentpokazuje - Deploy script radi build u neaktivni folder
- Po uspjehu, mijenja symlink atomski
- Stari folder ostaje kao backup, sljedeći deploy ga prebriše
Workflow primjer u .cpanel.yml:
deployment:
tasks:
- export TARGET=/home/korisnik/app-$(readlink /home/korisnik/current | grep -o 'blue\|green' | head -1 | tr 'blue\nblue\ngreen' 'green\ngreen\nblue' | head -1)
- /bin/cp -R * $TARGET
- cd $TARGET && npm ci && npm run build
- ln -sfn $TARGET /home/korisnik/current
2. Canary deploys
Postupno puštanje nove verzije na podskup korisnika:
- Glavna domena tvojadomena.hr → stabilna verzija
- Canary subdomena canary.tvojadomena.hr → nova verzija s Copilot Workspace izmjenama
- Nakon par dana monitoringa, ako nema regression-a, mergaj canary u main
3. Database migrations
Copilot Workspace često piše database migrations. U .cpanel.yml:
deployment:
tasks:
- cd /home/korisnik/app && composer install --no-dev
- cd /home/korisnik/app && php artisan migrate --force
- cd /home/korisnik/app && php artisan db:seed --class=ProductionSeeder
Bitno: --force flag je obvezan u production-u jer Laravel ne migrira bez potvrde u produkciji.
Security review prije merge-a
Copilot Workspace generira odličan kod, ali AI je još uvijek AI. Provjeri prije production deploy-a:
1. SAST (Static Application Security Testing) u GitHub Actions
- name: Run security scan
uses: github/codeql-action/init@v3
with:
languages: javascript, python
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
CodeQL skenira PR za poznate sigurnosne ranjivosti prije merge-a.
2. Dependabot za dependency vulnerabilities
GitHub Settings → Security → Dependabot alerts. Automatski otvara PR-eve kad dependency-ji imaju poznate CVE-eve.
3. Secret scanning
GitHub automatski skenira commits za API ključeve. Bitno za Copilot Workspace jer agent ponekad može slučajno commit-irati test API key.
4. Branch protection rules
U repo Settings → Branches → main:
- Require pull request reviews before merging
- Require status checks to pass before merging (CodeQL + testovi)
- Require signed commits
- Restrict who can push to main
Sad Copilot Workspace ne može direktno mergati u production bez ljudskog review-a.
Multi-developer team setup
U timu od 3-10 developera s Copilot Workspace pristupom:
Branch strategija:
main→ production (deploy → WMD live)develop→ staging (deploy → staging.tvojadomena.hr)feature/*→ preview deploys (deploy → preview-{slug}.tvojadomena.hr)
Preview deploys na WMD-u:
WMD ne radi automatske unique URL-eve kao Vercel, ali možeš setup-irati pattern:
- Wildcard subdomain:
*.preview.tvojadomena.hru DNS-u, pokazuje na isti server - cPanel ima wildcard subdomain handling
- GitHub Action skripta: po PR-u, kreira folder
/home/korisnik/previews/pr-123, build-a, postavlja virtualhost - PR komentari linkaju na preview URL
Kompleksniji setup, ali daje Vercel-style workflow bez Vercel cijena.
Monitoring i logging
Application monitoring
- Sentry — error tracking + performance monitoring (free tier 5k errors/mj)
- Datadog ili New Relic — APM ako trebaš deeper insight
- WMD Server Monitoring (cPanel Statistics) — basic CPU/RAM/disk graf
Log aggregation
cPanel ima error logs po default-u, ali za enterprise:
- Logtail / Better Stack / Papertrail — log aggregation servisi
- Self-hosted Loki + Grafana na WMD VPS-u
- cPanel Cron job koji rotira i šalje logs na external storage
Uptime monitoring
- UptimeRobot, Pingdom, Better Uptime
- Health check endpoint u tvojoj aplikaciji (
/api/healthkoji vraća 200 OK) - Status page javan za klijente
GitHub Codespaces + WMD — development environment
Ako tim koristi GitHub Codespaces (browser-based dev environments) zajedno s Copilot Workspace:
- Codespaces postavlja development environment u browser-u
- Dev environment ima istu konfiguraciju kao production WMD setup
- U
.devcontainer/devcontainer.jsonpostavi MySQL, Node.js verziju, sve dependency-ji - Lokalni preview u Codespaces, deploy na WMD nakon merge-a
Workflow: developer otvori Codespace (5 sekundi spin-up), Copilot Workspace mu pomaže razvijati, push na branch, PR review, merge → WMD production.
Realne troškovne usporedbe za enterprise tim
| Element | GitHub + Vercel | GitHub + WMD |
|---|---|---|
| GitHub Enterprise (10 seats) | 210 USD/mj | 210 USD/mj |
| Copilot Business / Enterprise | 190 USD/mj (10 seats) | 190 USD/mj (10 seats) |
| Vercel Pro (5 projekata) | 100-500 USD/mj | — |
| WMD Managed VPS (5 projekata) | — | 50-100 EUR/mj |
| Database (Vercel Postgres) | 50-200 USD/mj | 0 (uključen) |
| Email (Google Workspace 10 seats) | 60-120 USD/mj | 0 (uključen) |
| Redis (Upstash) | 10-50 USD/mj | 0 (uključen) |
| EU data residency | Compliance dodatak | Standardno |
Ukupna ušteda: 300-1000 USD/mj za srednji enterprise tim, plus EU compliance i hrvatski tehnički support.
Kad Copilot Workspace ne stigne — escalation paths
- Code review s senior developerom — branch protection rules forsiraju review prije merge-a
- Cursor IDE za live coding — kad agent-mode ne stigne, switch na live coding
- WMD enterprise support — 24/7/365 telefon i ticket, plus dedicated account manager za enterprise klijente
- Infrastructure consulting — pomažemo s skaliranjem na multi-server setup kad jedan VPS nije dovoljan
Kako započeti
Imaš tim koji koristi Copilot Workspace i razmišljaš o WMD-u kao deploy targetu?
- Pošalji nam mail na hello@wmd.hr s opisom tima i tipa projekata
- Zakažemo enterprise consultation — 30-60 min poziva s tvojim DevOps lead-om
- Pripremamo pilot setup (1-2 projekta na WMD) za sljedeća 4 tjedna
- Mjerimo deploy time, downtime, troškove vs Vercel
- Ako benefiti vidljivi, planiramo migration cijelog portfelja
Enterprise migration je rijetko quick win — to je 4-12 tjedana evaluacije i planiranja. Ali kad team-ovi vide razliku u troškovima i podrši, prelazak postaje strategijska odluka, ne tehnička.