Conversation
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
…-a22a-4a12-933e-4d9562db4fbf
There was a problem hiding this comment.
Pull request overview
This PR fixes a failing GitHub Actions workflow build caused by incorrect label trigger schema validation. The root issue was that the label trigger parser was treating all event types (issues, pull_request, discussion) identically by adding a names field, but GitHub Actions only supports native label filtering for issues events. The fix differentiates event type handling: issues events now use the native labels field with a marker, while pull_request and discussion events use an internal names field that gets converted to job conditions.
Changes:
- Modified label trigger parser to use
labelsfield forissuesevents andnamesfield forpull_request/discussionevents - Updated unit tests to validate the differentiated handling
- Regenerated
refiner.lock.ymlworkflow with proper label filtering via job conditions - Added Code Refiner workflow to agent factory status page
- Simplified documentation for GitHub App token configuration (unrelated to main fix)
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
pkg/workflow/label_trigger_parser.go |
Core fix: differentiates label trigger handling by event type (labels for issues, names for pull_request/discussion) |
pkg/workflow/label_trigger_parser_test.go |
Updated tests to validate labels field for issues and names field for pull_request/discussion |
.github/workflows/refiner.lock.yml |
Regenerated workflow with commented-out names field and proper job condition filtering |
docs/src/content/docs/reference/frontmatter-full.md |
Simplified GitHub App token documentation (unrelated to label trigger fix) |
docs/src/content/docs/agent-factory-status.mdx |
Added Code Refiner workflow entry |
Comments suppressed due to low confidence (2)
docs/src/content/docs/reference/frontmatter-full.md:3439
- The documentation changes removing details about GitHub App per-job token narrowing and auto-revocation appear to be unrelated to the label trigger fix described in the PR description. This creates inconsistency because:
- The detailed documentation about token narrowing is still present in
docs/src/content/docs/reference/safe-outputs.md(lines 1372-1383) - The
docs/src/content/docs/reference/tokens.mdxfile still references this per-job narrowing behavior
Either these changes should be:
- Reverted (if they're unintentional)
- Applied consistently across all documentation files (if intentional)
- Moved to a separate PR focused on documentation cleanup (recommended)
# GitHub App credentials for minting installation access tokens. When configured,
# a token will be generated using the app credentials and used for all safe output
# operations.
pkg/workflow/label_trigger_parser.go:83
- The comment references
discussionevents not supporting thelabelsfield, but the actual logic on lines 116-119 uses thenamesfield for bothpull_requestanddiscussionevents. The comment should clarify that bothpull_requestanddiscussionevents don't support native GitHub Actions label filtering via thelabelsfield, so they use the internalnamesfield for job condition filtering instead.
// Note: For discussion events, GitHub Actions doesn't support the `labels` field,
// so we use the native label filter marker but the labels will be filtered via job conditions.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| switch entityType { | ||
| case "issues": | ||
| triggerConfig["labels"] = labelNames | ||
| triggerConfig["__gh_aw_native_label_filter__"] = true // Marker to use native filtering | ||
| case "pull_request", "discussion": | ||
| // For pull_request and discussion: add names field for job condition filtering | ||
| triggerConfig["names"] = labelNames | ||
| triggerConfig["__gh_aw_native_label_filter__"] = true // Marker to prevent commenting out names | ||
| // No marker - this will be filtered via job conditions | ||
| } |
There was a problem hiding this comment.
The integration test TestLabelTriggerIntegrationSimple expects the names field for issues events (line 43-48 in the test file), but the new implementation on line 114 uses the labels field for issues events instead. This test will fail when run with the integration build tag.
The test needs to be updated to check for the labels field for issues events, matching the new behavior where:
issuesevents use the native GitHub Actionslabelsfieldpull_requestanddiscussionevents use the internalnamesfield for job condition filtering
This issue also appears on line 82 of the same file.
|
|
||
| # Safe output processing configuration that automatically creates GitHub issues, | ||
| # comments, and pull requests from AI workflow output without requiring write | ||
| # permissions in the main job. When using GitHub App tokens (app:), permissions | ||
| # are automatically narrowed per-job to match only what's needed, and tokens are | ||
| # auto-revoked at job end. Multiple safe outputs in the same workflow receive the | ||
| # union of their required permissions. | ||
| # permissions in the main job |
There was a problem hiding this comment.
The documentation changes removing details about GitHub App per-job token narrowing and auto-revocation appear to be unrelated to the label trigger fix described in the PR description. This creates inconsistency because:
- The detailed documentation about token narrowing is still present in
docs/src/content/docs/reference/safe-outputs.md(lines 1372-1383) - The
docs/src/content/docs/reference/tokens.mdxfile still references this per-job narrowing behavior
Either these changes should be:
- Reverted (if they're unintentional)
- Applied consistently across all documentation files (if intentional)
- Moved to a separate PR focused on documentation cleanup (recommended)
This issue also appears on line 3437 of the same file.
pelikhan
deleted the
copilot/fix-github-actions-workflow-cee0e0c7-a22a-4a12-933e-4d9562db4fbf
branch
Label trigger shorthand (
on: pull_request labeled refine) was generating invalid GitHub Actions YAML. The compiler added alabelsfield to theonsection for all event types, but GitHub Actions only supports native label filtering forissuesevents—notpull_requestordiscussion.Changes
pkg/workflow/label_trigger_parser.go: Differentiate event types when expanding label trigger shorthandissues: Uselabelsfield with__gh_aw_native_label_filter__marker (native GitHub Actions filtering)pull_requestanddiscussion: Usenamesfield without marker (triggers job condition filtering)pkg/workflow/label_trigger_parser_test.go: Update tests to expect different fields per event typeResult
For
pull_requestevents, the generated YAML now correctly uses job conditions:For
issuesevents, native GitHub Actions filtering is preserved:Original prompt
💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.