Merged
Conversation
Adds two workflows that react to new issues and PRs: - `gardener-notify-event.yml` captures the triggering payload as an artifact on issue/PR open and on `devtools-gardener` label events. Uses `pull_request_target` so Dependabot- and fork-opened PRs still produce an artifact. - `gardener-notify-slack.yml` runs on `workflow_run` completion, downloads the artifact, applies the `devtools-gardener` label on first open, and posts a summary to Slack. Split into two workflows because Dependabot-triggered workflows lose write permissions and secret access; the `workflow_run` follow-up runs in the default-branch context with full permissions regardless of the upstream actor. Requires a `SLACK_GARDENER_BOT_TOKEN` secret and `GARDENER_SLACK_CHANNEL_ID` variable, plus a `devtools-gardener` label. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Adds a workflow that runs `anthropics/claude-code-action` to investigate GitHub issues in this gem, plus the skill it invokes. - `.github/workflows/gardener-investigate-issue.yml` triggers on the `devtools-investigate-for-gardener` label or `workflow_dispatch`. Posts a starter message to Slack, runs the investigation in a structured-output JSON schema, writes the report to the job summary, and posts a threaded follow-up with the Summary section to Slack. - `.claude/skills/investigating-github-issues/` contains the skill and a report template tailored for this gem (Ruby API client; scopes edits to `lib/`, `test/`, `docs/`, `CHANGELOG.md`, and `shopify_api.gemspec`; distinguishes gem-major version from Shopify API version; flags Rails-integration issues that belong in `Shopify/shopify_app`). - `.claude/skills/shared/references/version-maintenance-policy.md` is the shared policy referenced by the skill. Requires `ANTHROPIC_API_KEY` and `SLACK_GARDENER_BOT_TOKEN` secrets, `GARDENER_SLACK_CHANNEL_ID` variable, and a `devtools-investigate-for-gardener` label. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
byrichardpowell
force-pushed
the
add-gardener-workflows
branch
from
7913f64 to
f78d3c6
Compare
ryancbahan
approved these changes
Apr 20, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds the gardener tooling from
shopify-app-jsto this Ruby API client repo:gardener-notify-event.yml+gardener-notify-slack.yml— auto-label new issues/PRs withdevtools-gardenerand post a summary to Slack. Split into two workflows so Dependabot-opened PRs (which loseGITHUB_TOKENwrite access and Actions secrets) still get labeled and notified via theworkflow_runfollow-up.gardener-investigate-issue.yml— runsanthropics/claude-code-actionon issues labeleddevtools-investigate-for-gardener. Posts a starter Slack message, runs the investigation against a structured JSON schema, writes the report to the job summary, and threads the Summary section back to Slack..claude/skills/investigating-github-issues/— skill invoked by the workflow, tailored for this gem:lib/,test/,docs/,CHANGELOG.md, andshopify_api.gemspec.bundle/gem/rake/rubyfromallowed-toolsto block arbitrary execution from prompt injection.shopify_apigem major, and the Shopify API version (e.g.2025-01) — many "bug" reports are API-version-dictated behavior, not gem bugs.BREAKING_CHANGES_FOR_V*.mdandREST_RESOURCES.mdduring triage.CHANGELOG.mdentry under## Unreleased.Shopify/shopify_app.Setup required (post-merge)
devtools-gardener,devtools-investigate-for-gardenerANTHROPIC_API_KEY,SLACK_GARDENER_BOT_TOKEN(+ optionalANTHROPIC_BASE_URL)GARDENER_SLACK_CHANNEL_IDTest plan
devtools-gardeneranddevtools-investigate-for-gardenerlabelsdevtools-gardeneris applied and Slack gets a postdevtools-investigate-for-gardenerto a real issue — confirm the investigation runs and reports back🤖 Generated with Claude Code