From 8b89bd30d2cecb66a40805ae8d1e4efd8effda13 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 22 Oct 2025 16:40:14 +0000 Subject: [PATCH 1/7] Initial plan From bb7c8bad6d23ba4593ebb50cb67a72a2973d5caf Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 22 Oct 2025 16:45:31 +0000 Subject: [PATCH 2/7] Add maintainer workflow for gh-aw upgrades Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- README.md | 3 ++ docs/maintainer.md | 86 +++++++++++++++++++++++++++++++++++++++++ workflows/maintainer.md | 76 ++++++++++++++++++++++++++++++++++++ 3 files changed, 165 insertions(+) create mode 100644 docs/maintainer.md create mode 100644 workflows/maintainer.md diff --git a/README.md b/README.md index 848e4411..ac0327fe 100644 --- a/README.md +++ b/README.md @@ -27,6 +27,9 @@ A sample family of reusable [GitHub Agentic Workflows](https://githubnext.github - [๐Ÿงช Daily Test Coverage Improver](docs/daily-test-improver.md) - Improve test coverage by adding meaningful tests to under-tested areas - [โšก Daily Performance Improver](docs/daily-perf-improver.md) - Analyze and improve code performance through benchmarking and optimization +### Maintenance Workflows +- [๐Ÿ”ง Maintainer](docs/maintainer.md) - Upgrade workflows to the latest version of gh-aw + > [!WARNING] The workflows that help with coding tasks should be installed with caution and used only experimentally, then disabled. While the tasks are executed within GitHub Actions and have no access to secrets, they still operate in an environment where outward network requests are allowed. This means untrusted inputs such as issue descriptions, comments, and code could potentially be exploited to direct the models to access external content that in turn could be malicious. Pull requests and other outputs must be reviewed very carefully before merging. ## ๐Ÿ’ฌ Share Feedback 
diff --git a/docs/maintainer.md b/docs/maintainer.md new file mode 100644 index 00000000..14efef50 --- /dev/null +++ b/docs/maintainer.md 
@@ -0,0 +1,86 @@ +# ๐Ÿ”ง Maintainer Workflow + +> For an overview of all available workflows, see the [main README](../README.md). + +The [maintainer workflow](../workflows/maintainer.md?plain=1) helps keep your agentic workflows up to date by automatically upgrading them to the latest version of gh-aw. It fetches the latest changes from the gh-aw repository, attempts to recompile all workflows, and either creates a pull request with the updates or an issue if compilation errors occur. + +## Installation + +```bash +# Install the 'gh aw' extension +gh extension install githubnext/gh-aw + +# Add the Maintainer workflow to your repository +gh aw add githubnext/agentics/maintainer --pr +``` + +This creates a pull request to add the workflow to your repository. After merging the PR and syncing to main, you can start a run of this workflow immediately by running: + +```bash +gh aw run maintainer +``` + +**Mandatory Checklist** + +* [ ] I am a repository admin or have sufficient permissions, and am happy for the safe-outputs portion of this workflow to create pull requests or issues in the repository. + +* [ ] I have enabled "Allow GitHub Actions to create and approve pull requests" in the repository settings under "Actions > General" + +* [ ] If in a fork, I have enabled "GitHub Actions" and "GitHub Issues" in the fork repository settings + +* [ ] I will review all pull requests very carefully and monitor the repository. + +## What it does + +1. **Fetches latest gh-aw changes**: Retrieves the CHANGELOG.md or release notes from the `githubnext/gh-aw` repository to understand new features, breaking changes, and migration instructions. + +2. **Installs latest gh-aw**: Upgrades the gh-aw CLI extension to the latest version using the GitHub token. + +3. **Attempts recompilation**: Tries to recompile all workflows in the `workflows/` directory with the new gh-aw version. + +4. 
**Fixes compilation errors**: If errors occur, analyzes them using the changelog and documentation, then attempts to fix the workflow files. + +5. **Creates outputs**: + - **Success**: Creates a pull request with upgraded workflows and any necessary fixes + - **Failure**: Creates an issue documenting the compilation errors and attempted fixes + +## Configuration + +This workflow requires no configuration and works out of the box. It will process all workflow markdown files in the `workflows/` directory. + +## What it reads from GitHub + +- Repository contents and workflow files +- CHANGELOG.md from the `githubnext/gh-aw` repository +- Release information and documentation from gh-aw + +## What it creates + +- Creates pull requests with upgraded workflows (if successful) +- Creates issues documenting upgrade failures (if compilation errors persist) +- Makes file changes to workflow files to fix compatibility issues +- May generate `.lock.yml` files during compilation +- Requires `contents: write`, `pull-requests: write`, and `issues: write` permissions + +## Human in the loop + +- Review pull requests created by this workflow to understand what changed +- Test the upgraded workflows before merging +- Investigate issues created by the workflow if compilation fails +- Manually fix complex migration issues that the workflow couldn't handle +- Disable or uninstall the workflow if not needed regularly + +## When to run + +- Run this workflow when you know a new version of gh-aw has been released +- Run it periodically (e.g., monthly) to stay up to date +- Run it before making other workflow changes to ensure compatibility +- Trigger manually via workflow_dispatch when needed + +## Troubleshooting + +If the workflow creates an issue instead of a PR: +1. Review the issue to understand what compilation errors occurred +2. Check the gh-aw changelog for migration instructions +3. Manually update the affected workflows based on the guidance +4. 
Re-run the maintainer workflow to verify the fixes work diff --git a/workflows/maintainer.md b/workflows/maintainer.md new file mode 100644 index 00000000..6122c7bf --- /dev/null +++ b/workflows/maintainer.md 
@@ -0,0 +1,76 @@ +--- +on: + workflow_dispatch: + +permissions: read-all + +network: defaults + +safe-outputs: + create-pull-request: + draft: false + create-issue: + title-prefix: "${{ github.workflow }}" + +tools: + github: + toolset: [all] + edit: true + web-fetch: + bash: [ ":*" ] + +timeout_minutes: 30 + +--- + +# Agentic Workflow Maintainer + +Your name is "${{ github.workflow }}". Your job is to upgrade the workflows in the GitHub repository `${{ github.repository }}` to the latest version of gh-aw. + +## Steps to follow: + +1. **Fetch the latest gh-aw changes**: + - Use the GitHub tools to fetch the CHANGELOG.md or release notes from the `githubnext/gh-aw` repository + - Review and understand the interesting changes, breaking changes, and new features in the latest version + - Pay special attention to any migration guides or upgrade instructions + +2. **Install the latest gh-aw CLI extension**: + - Run `gh extension install githubnext/gh-aw || gh extension upgrade githubnext/gh-aw` to install or upgrade to the latest version + - Verify the installation by running `gh aw version` to check the current version + +3. **Check the current workflows**: + - Run `gh aw version` on the workflows directory to see the current versions + - Identify which workflows exist in the `workflows/` directory + +4. **Attempt to recompile the workflows**: + - Clean up any existing `.lock.yml` files: `find workflows -name "*.lock.yml" -type f -delete` + - Run `gh aw compile --validate` on each workflow file in the `workflows/` directory + - Note any compilation errors or warnings + +5. 
**Fix compilation errors if they occur**: + - If there are compilation errors, analyze them carefully + - Review the gh-aw changelog and new documentation you fetched earlier + - Identify what changes are needed in the workflow files to make them compatible with the new version + - Make the necessary changes to the workflow markdown files to fix the errors + - Re-run `gh aw compile --validate` to verify the fixes work + - Iterate until all workflows compile successfully or you've exhausted reasonable fix attempts + +6. **Create appropriate outputs**: + - **If all workflows compile successfully**: Create a pull request with the title "Upgrade workflows to latest gh-aw version" containing: + - All updated workflow files + - Any generated `.lock.yml` files + - A detailed description of what changed, referencing the gh-aw changelog + - A summary of any manual fixes that were needed + + - **If there are compilation errors you cannot fix**: Create an issue with the title "Failed to upgrade workflows to latest gh-aw version" containing: + - The specific compilation errors you encountered + - What you tried to fix them + - Links to relevant sections of the gh-aw changelog or documentation + - The version of gh-aw you were trying to upgrade to + +## Important notes: +- Always check the gh-aw changelog first to understand breaking changes +- Test each fix by running `gh aw compile --validate` before moving to the next error +- Include context and reasoning in your PR or issue descriptions +- If you create a PR, make sure it includes all necessary changes for the workflows to compile + From bc132234706b45c5ab63c3a8b6ce405a3ed3c982 Mon Sep 17 00:00:00 2001 
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 22 Oct 2025 16:48:14 +0000 Subject: [PATCH 3/7] Fix workflow instructions and documentation Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- docs/maintainer.md | 2 +- workflows/maintainer.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/maintainer.md b/docs/maintainer.md index 14efef50..5bd7f01c 100644 --- a/docs/maintainer.md +++ b/docs/maintainer.md @@ -60,7 +60,7 @@ This workflow requires no configuration and works out of the box. It will proces - Creates issues documenting upgrade failures (if compilation errors persist) - Makes file changes to workflow files to fix compatibility issues - May generate `.lock.yml` files during compilation -- Requires `contents: write`, `pull-requests: write`, and `issues: write` permissions +- Uses `permissions: read-all` with `safe-outputs` mechanism for controlled write operations (PRs and issues) ## Human in the loop diff --git a/workflows/maintainer.md b/workflows/maintainer.md index 6122c7bf..ce154194 100644 --- a/workflows/maintainer.md +++ b/workflows/maintainer.md @@ -39,8 +39,8 @@ Your name is "${{ github.workflow }}". Your job is to upgrade the workflows in t - Verify the installation by running `gh aw version` to check the current version 3. **Check the current workflows**: - - Run `gh aw version` on the workflows directory to see the current versions - - Identify which workflows exist in the `workflows/` directory + - List all workflow markdown files in the `workflows/` directory + - Understand which workflows need to be compiled 4. **Attempt to recompile the workflows**: - Clean up any existing `.lock.yml` files: `find workflows -name "*.lock.yml" -type f -delete` From e7a30f447d44e308246ec4d3bd33d4aeb0456738 Mon Sep 17 00:00:00 2001 
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 22 Oct 2025 17:01:26 +0000 Subject: [PATCH 4/7] Remove maintainer documentation (internal workflow) Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- README.md | 3 -- docs/maintainer.md | 86 ---------------------------------------------- 2 files changed, 89 deletions(-) delete mode 100644 docs/maintainer.md diff --git a/README.md b/README.md index ac0327fe..848e4411 100644 --- a/README.md +++ b/README.md @@ -27,9 +27,6 @@ A sample family of reusable [GitHub Agentic Workflows](https://githubnext.github - [๐Ÿงช Daily Test Coverage Improver](docs/daily-test-improver.md) - Improve test coverage by adding meaningful tests to under-tested areas - [โšก Daily Performance Improver](docs/daily-perf-improver.md) - Analyze and improve code performance through benchmarking and optimization -### Maintenance Workflows -- [๐Ÿ”ง Maintainer](docs/maintainer.md) - Upgrade workflows to the latest version of gh-aw - > [!WARNING] The workflows that help with coding tasks should be installed with caution and used only experimentally, then disabled. While the tasks are executed within GitHub Actions and have no access to secrets, they still operate in an environment where outward network requests are allowed. This means untrusted inputs such as issue descriptions, comments, and code could potentially be exploited to direct the models to access external content that in turn could be malicious. Pull requests and other outputs must be reviewed very carefully before merging. ## ๐Ÿ’ฌ Share Feedback diff --git a/docs/maintainer.md b/docs/maintainer.md deleted file mode 100644 index 5bd7f01c..00000000 --- a/docs/maintainer.md +++ /dev/null 
@@ -1,86 +0,0 @@ -# ๐Ÿ”ง Maintainer Workflow - -> For an overview of all available workflows, see the [main README](../README.md). - -The [maintainer workflow](../workflows/maintainer.md?plain=1) helps keep your agentic workflows up to date by automatically upgrading them to the latest version of gh-aw. It fetches the latest changes from the gh-aw repository, attempts to recompile all workflows, and either creates a pull request with the updates or an issue if compilation errors occur. - -## Installation - -```bash -# Install the 'gh aw' extension -gh extension install githubnext/gh-aw - -# Add the Maintainer workflow to your repository -gh aw add githubnext/agentics/maintainer --pr -``` - -This creates a pull request to add the workflow to your repository. After merging the PR and syncing to main, you can start a run of this workflow immediately by running: - -```bash -gh aw run maintainer -``` - -**Mandatory Checklist** - -* [ ] I am a repository admin or have sufficient permissions, and am happy for the safe-outputs portion of this workflow to create pull requests or issues in the repository. - -* [ ] I have enabled "Allow GitHub Actions to create and approve pull requests" in the repository settings under "Actions > General" - -* [ ] If in a fork, I have enabled "GitHub Actions" and "GitHub Issues" in the fork repository settings - -* [ ] I will review all pull requests very carefully and monitor the repository. - -## What it does - -1. **Fetches latest gh-aw changes**: Retrieves the CHANGELOG.md or release notes from the `githubnext/gh-aw` repository to understand new features, breaking changes, and migration instructions. - -2. **Installs latest gh-aw**: Upgrades the gh-aw CLI extension to the latest version using the GitHub token. - -3. **Attempts recompilation**: Tries to recompile all workflows in the `workflows/` directory with the new gh-aw version. - -4. 
**Fixes compilation errors**: If errors occur, analyzes them using the changelog and documentation, then attempts to fix the workflow files. - -5. **Creates outputs**: - - **Success**: Creates a pull request with upgraded workflows and any necessary fixes - - **Failure**: Creates an issue documenting the compilation errors and attempted fixes - -## Configuration - -This workflow requires no configuration and works out of the box. It will process all workflow markdown files in the `workflows/` directory. - -## What it reads from GitHub - -- Repository contents and workflow files -- CHANGELOG.md from the `githubnext/gh-aw` repository -- Release information and documentation from gh-aw - -## What it creates - -- Creates pull requests with upgraded workflows (if successful) -- Creates issues documenting upgrade failures (if compilation errors persist) -- Makes file changes to workflow files to fix compatibility issues -- May generate `.lock.yml` files during compilation -- Uses `permissions: read-all` with `safe-outputs` mechanism for controlled write operations (PRs and issues) - -## Human in the loop - -- Review pull requests created by this workflow to understand what changed -- Test the upgraded workflows before merging -- Investigate issues created by the workflow if compilation fails -- Manually fix complex migration issues that the workflow couldn't handle -- Disable or uninstall the workflow if not needed regularly - -## When to run - -- Run this workflow when you know a new version of gh-aw has been released -- Run it periodically (e.g., monthly) to stay up to date -- Run it before making other workflow changes to ensure compatibility -- Trigger manually via workflow_dispatch when needed - -## Troubleshooting - -If the workflow creates an issue instead of a PR: -1. Review the issue to understand what compilation errors occurred -2. Check the gh-aw changelog for migration instructions -3. Manually update the affected workflows based on the guidance -4. 
Re-run the maintainer workflow to verify the fixes work From ba594eb8cbef1c27cf8a4023ce615e88ebabbc80 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 22 Oct 2025 17:22:16 +0000 Subject: [PATCH 5/7] Move setup instructions to front matter steps Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- workflows/maintainer.md | 44 ++++++++++++++++++++++++++++------------- 1 file changed, 30 insertions(+), 14 deletions(-) diff --git a/workflows/maintainer.md b/workflows/maintainer.md index ce154194..e3de8ad8 100644 --- a/workflows/maintainer.md +++ b/workflows/maintainer.md 
@@ -21,33 +21,49 @@ tools: timeout_minutes: 30 +steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Install gh CLI + run: | + type -p curl >/dev/null || (sudo apt update && sudo apt install curl -y) + curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg \ + && sudo chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg \ + && echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null \ + && sudo apt update \ + && sudo apt install gh -y + + - name: Install gh-aw extension + run: | + gh extension install githubnext/gh-aw || gh extension upgrade githubnext/gh-aw + env: + GH_TOKEN: ${{ github.token }} + + - name: Verify gh-aw installation + run: gh aw version + env: + GH_TOKEN: ${{ github.token }} + --- # Agentic Workflow Maintainer Your name is "${{ github.workflow }}". Your job is to upgrade the workflows in the GitHub repository `${{ github.repository }}` to the latest version of gh-aw. -## Steps to follow: +## Instructions 1. **Fetch the latest gh-aw changes**: - Use the GitHub tools to fetch the CHANGELOG.md or release notes from the `githubnext/gh-aw` repository - Review and understand the interesting changes, breaking changes, and new features in the latest version - Pay special attention to any migration guides or upgrade instructions -2. **Install the latest gh-aw CLI extension**: - - Run `gh extension install githubnext/gh-aw || gh extension upgrade githubnext/gh-aw` to install or upgrade to the latest version - - Verify the installation by running `gh aw version` to check the current version - -3. **Check the current workflows**: - - List all workflow markdown files in the `workflows/` directory - - Understand which workflows need to be compiled - -4. **Attempt to recompile the workflows**: +2. 
**Attempt to recompile the workflows**: - Clean up any existing `.lock.yml` files: `find workflows -name "*.lock.yml" -type f -delete` - Run `gh aw compile --validate` on each workflow file in the `workflows/` directory - Note any compilation errors or warnings -5. **Fix compilation errors if they occur**: +3. **Fix compilation errors if they occur**: - If there are compilation errors, analyze them carefully - Review the gh-aw changelog and new documentation you fetched earlier - Identify what changes are needed in the workflow files to make them compatible with the new version @@ -55,7 +71,7 @@ Your name is "${{ github.workflow }}". Your job is to upgrade the workflows in t - Re-run `gh aw compile --validate` to verify the fixes work - Iterate until all workflows compile successfully or you've exhausted reasonable fix attempts -6. **Create appropriate outputs**: +4. **Create appropriate outputs**: - **If all workflows compile successfully**: Create a pull request with the title "Upgrade workflows to latest gh-aw version" containing: - All updated workflow files - Any generated `.lock.yml` files @@ -68,9 +84,9 @@ Your name is "${{ github.workflow }}". Your job is to upgrade the workflows in t - Links to relevant sections of the gh-aw changelog or documentation - The version of gh-aw you were trying to upgrade to -## Important notes: +## Important notes +- The gh-aw CLI extension has already been installed and is available for use - Always check the gh-aw changelog first to understand breaking changes - Test each fix by running `gh aw compile --validate` before moving to the next error - Include context and reasoning in your PR or issue descriptions -- If you create a PR, make sure it includes all necessary changes for the workflows to compile From a05b7bd666bd2105744a30eb3541c9b81ae159e1 Mon Sep 17 00:00:00 2001 
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 22 Oct 2025 17:26:03 +0000 Subject: [PATCH 6/7] Add repository_dispatch trigger support Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- workflows/maintainer.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/workflows/maintainer.md b/workflows/maintainer.md index e3de8ad8..d24cc014 100644 --- a/workflows/maintainer.md +++ b/workflows/maintainer.md @@ -1,6 +1,8 @@ --- on: workflow_dispatch: + repository_dispatch: + types: [maintainer] permissions: read-all From 74cedaed124552c287f4c6fd21a1b05b571fa02e Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 22 Oct 2025 17:38:46 +0000 Subject: [PATCH 7/7] Simplify gh-aw installation steps Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com> --- workflows/maintainer.md | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/workflows/maintainer.md b/workflows/maintainer.md index d24cc014..01aaeaaa 100644 --- a/workflows/maintainer.md +++ b/workflows/maintainer.md 
@@ -27,18 +27,9 @@ steps: - name: Checkout repository uses: actions/checkout@v4 - - name: Install gh CLI - run: | - type -p curl >/dev/null || (sudo apt update && sudo apt install curl -y) - curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg \ - && sudo chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg \ - && echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null \ - && sudo apt update \ - && sudo apt install gh -y - - name: Install gh-aw extension run: | - gh extension install githubnext/gh-aw || gh extension upgrade githubnext/gh-aw + gh extension install githubnext/gh-aw env: GH_TOKEN: ${{ github.token }}
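Review bot: In the front matter of `workflows/maintainer.md` (PATCH 2/7), `bash: [ ":*" ]` together with `web-fetch:` and `toolset: [all]` gives the agent unrestricted shell and fetch access while it reads CHANGELOG.md and release notes from another repository, which is the untrusted-input situation the README warning describes. The instructions only call for `find workflows -name "*.lock.yml" -type f -delete` and `gh aw compile --validate`, so the bash allowlist can be narrowed to those commands, `web-fetch` can be dropped if the GitHub tools are enough to fetch the changelog, and the GitHub toolset can be reduced to what reading repository contents and releases needs. Consider `draft: true` under `create-pull-request` as well, since the resulting PR rewrites workflow files and `.lock.yml` files that the checklist in `docs/maintainer.md` says must be reviewed very carefully.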
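Review bot: The deletion of `docs/maintainer.md` (PATCH 4/7) removes the only place that records the Mandatory Checklist, the "Human in the loop" steps and the statement that the workflow uses `permissions: read-all` with `safe-outputs`, while `workflows/maintainer.md` stays in `workflows/` beside the published workflows. If the workflow is internal, say so in `workflows/maintainer.md` itself and keep a short note there on the review expected for the PRs and issues it opens.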
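Review bot: In the new `steps:` block (PATCH 5/7), `uses: actions/checkout@v4` is referenced by a movable tag and by default leaves the job token in the checkout's git configuration, where the agent's `bash: [ ":*" ]` tool can read it. Pin the action to a full commit SHA and, if nothing after checkout needs git to authenticate, set `persist-credentials: false` under `with:`; the later steps already pass `GH_TOKEN` explicitly. The `Install gh CLI` step also writes a keyring downloaded with `curl` into `/usr/share/keyrings` through `sudo dd` with no checksum check; it is removed again in 7/7, so squashing the series would keep it out of history.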
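Review bot: The `repository_dispatch:` trigger with `types: [maintainer]` (PATCH 6/7) is added without any note on which caller is expected to send the `maintainer` event, and the user-facing docs were removed in 4/7. Document the sender in the front matter or the commit message, and keep the prompt free of `github.event.client_payload` interpolation so that a dispatch payload cannot reach the agent's instructions; the current text only interpolates `github.workflow` and `github.repository`.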
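Review bot: In the `Install gh-aw extension` step (PATCH 7/7), dropping `|| gh extension upgrade githubnext/gh-aw` means nothing upgrades an extension that is already present on the runner, although the workflow's stated job is to move to the latest gh-aw. Removing `Install gh CLI` also assumes `gh` is preinstalled on the runner image. Either keep the upgrade fallback or state the runner assumption in a comment, and since the install is unpinned, have the PR description record the output of `gh aw version` the way the failure issue already asks for "The version of gh-aw you were trying to upgrade to".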