Add code-review agentic workflow by stephentoub · Pull Request #126066 · dotnet/runtime

stephentoub · 2026-03-25T01:21:07Z

Note

This PR was generated with the help of GitHub Copilot.

Add code-review agentic workflow

This adds a new agentic workflow (.github/workflows/code-review.md) that automatically reviews pull requests using the repository's code-review skill.

What it does

Triggers on pull_request events (opened, synchronize) — i.e., new PRs and new pushes to existing PRs
Reads .github/skills/code-review/SKILL.md at runtime for the full review process, analysis categories, output format, and verdict rules
Posts a structured review comment on the PR via add-comment safe output
Minimizes previous review comments when a new commit is pushed (hide-older-comments: true)

Configuration

Read-only agent permissions (contents: read, issues: read, pull-requests: read)
All writes go through safe-outputs (single add-comment with max: 1)
Includes the mandatory Copilot PAT pool integration
GitHub MCP tools (toolsets: [default]) for reading PR diffs, files, and metadata

Add an agentic workflow that runs on pull_request opened/synchronize events. It reads the code-review skill (SKILL.md) and posts a structured review comment on the PR using safe-outputs. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

dotnet-policy-service · 2026-03-25T01:22:15Z

Tagging subscribers to this area: @dotnet/runtime-infrastructure
See info in area-owners.md if you want to be subscribed.

Copilot

Pull request overview

Adds a new GitHub Agentic Workflow that runs the repository’s code-review skill automatically on PR updates and posts the results as a PR comment, with Copilot PAT pool integration and a compiled .lock.yml artifact.

Changes:

Introduce .github/workflows/code-review.md agentic workflow definition (triggered on PR opened/synchronize).
Add compiled workflow artifact .github/workflows/code-review.lock.yml.
Update .github/aw/actions-lock.json to include github/gh-aw-actions/setup@v0.63.1.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File	Description
`.github/workflows/code-review.md`	Defines the agentic “Code Review” workflow, safe-outputs policy, triggers, and prompt instructions.
`.github/workflows/code-review.lock.yml`	Generated/compiled workflow that will actually execute in GitHub Actions.
`.github/aw/actions-lock.json`	Locks the gh-aw setup action version used by the compiled workflow.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Copilot

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

ericstj · 2026-03-25T01:43:48Z

+    issues: false
+
+on:
+  pull_request:


You might also want workflow_dispatch to be able to force it to run

How does one force it to run?

BTW, as it is I can successfully rerun in the azdo UI like any other job in CI:

jeffhandley

Looks good!

stephentoub requested review from a team and jeffhandley as code owners March 25, 2026 01:21

Copilot AI review requested due to automatic review settings March 25, 2026 01:21

github-actions Bot added the area-Infrastructure label Mar 25, 2026

github-project-automation Bot added this to Runtime Infra Mar 25, 2026

dotnet-policy-service Bot assigned stephentoub Mar 25, 2026

Copilot started reviewing on behalf of stephentoub March 25, 2026 01:22 View session

hoyosjs approved these changes Mar 25, 2026

View reviewed changes

Copilot AI reviewed Mar 25, 2026

View reviewed changes

Comment thread .github/workflows/code-review.lock.yml

Comment thread .github/workflows/code-review.md

Comment thread .github/workflows/code-review.lock.yml

stephentoub and others added 2 commits March 24, 2026 21:28

Add search toolset, full git history, and pin Opus 4.6 model

89cdb1f

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Reduce checkout fetch-depth to 50

865e6c8

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Copilot AI review requested due to automatic review settings March 25, 2026 01:30

Copilot started reviewing on behalf of stephentoub March 25, 2026 01:31 View session

Copilot AI reviewed Mar 25, 2026

View reviewed changes

Comment thread .github/workflows/code-review.md

Comment thread .github/workflows/code-review.md

Add web-fetch tool to code-review workflow

1b29d13

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

stephentoub merged commit ed43860 into dotnet:main Mar 25, 2026
23 checks passed

github-project-automation Bot moved this to Done in Runtime Infra Mar 25, 2026

stephentoub deleted the dev/stoub/code-review-workflow branch March 25, 2026 01:40

ericstj reviewed Mar 25, 2026

View reviewed changes

jeffhandley reviewed Mar 25, 2026

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add code-review agentic workflow#126066

Add code-review agentic workflow#126066
stephentoub merged 4 commits intodotnet:mainfrom
stephentoub:dev/stoub/code-review-workflow

stephentoub commented Mar 25, 2026

Uh oh!

dotnet-policy-service Bot commented Mar 25, 2026

Uh oh!

Copilot AI left a comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Copilot AI left a comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

ericstj Mar 25, 2026

Uh oh!

stephentoub Mar 25, 2026

Uh oh!

danmoseley Apr 10, 2026

Uh oh!

jeffhandley left a comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

6 participants

Conversation

stephentoub commented Mar 25, 2026