Skip to content

ci(copilot-review): migrate from gh-dagentic to release/@v1#5

Merged
arthur-debert merged 1 commit into
mainfrom
chore/migrate-copilot-review-pointer
May 8, 2026
Merged

ci(copilot-review): migrate from gh-dagentic to release/@v1#5
arthur-debert merged 1 commit into
mainfrom
chore/migrate-copilot-review-pointer

Conversation

@arthur-debert

Copy link
Copy Markdown
Owner

Migrates .github/workflows/copilot-review.yml from arthur-debert/gh-dagentic/.github/workflows/copilot-review.yml@main to arthur-debert/release/.github/workflows/copilot-review.yml@v1.

Why

The gh-dagentic reusable workflow authenticates with GITHUB_TOKEN. GITHUB_TOKEN authenticates as github-actions[bot] (Integration actor), and Integration actors silently no-op the Copilot review-attach. So gh pr edit --add-reviewer @copilot returned the PR URL with no error, but added nothing.

release/@v1 fixes this by requiring the caller to pass a user PAT (RELEASE_TOKEN) via secrets.gh_token.

Caught by

bin/audit-smoke-test against arthur-debert/dodot, which opened a real PR and verified the Copilot reviewer did not actually get attached even though the workflow ran successfully. See arthur-debert/release#2.

Auto-generated

This PR was opened by bin/migrate-copilot-review. Same change rolling out to all other consumers.

The previous reusable workflow at arthur-debert/gh-dagentic/.github/workflows/copilot-review.yml@main
authenticates with GITHUB_TOKEN, which is github-actions[bot]
(Integration actor). Integration actors silently no-op Copilot
review-attach: 'gh pr edit --add-reviewer @copilot' returns the PR
URL with no error but adds nothing.

release/@v1 requires the caller to pass a user PAT via
secrets.gh_token. RELEASE_TOKEN already exists on this repo (or
will once propagated), so wiring it through fixes the silent
failure.

Caught by bin/audit-smoke-test on arthur-debert/dodot — this commit
sweeps the rest.

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR migrates the repository’s Copilot review-request GitHub Actions workflow to a newer reusable workflow that supports authenticating with a user PAT (instead of GITHUB_TOKEN) so that the Copilot reviewer is actually attached to PRs.

Changes:

  • Switch reusable workflow reference from arthur-debert/gh-dagentic/...@main to arthur-debert/release/...@v1.
  • Pass a caller-provided PAT (secrets.RELEASE_TOKEN) into the reusable workflow via secrets.gh_token.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines +13 to +17
uses: arthur-debert/release/.github/workflows/copilot-review.yml@v1
with:
pr_number: ${{ github.event.pull_request.number }}
secrets:
gh_token: ${{ secrets.RELEASE_TOKEN }}
@arthur-debert arthur-debert merged commit 49cd446 into main May 8, 2026
6 checks passed
@arthur-debert arthur-debert deleted the chore/migrate-copilot-review-pointer branch May 8, 2026 20:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants