Add daily-safe-output-integrator agentic workflow#21415
Merged
Conversation
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot
AI
changed the title
[WIP] Add safe output integrator workflow
Add daily-safe-output-integrator agentic workflow
Mar 17, 2026
Contributor
There was a problem hiding this comment.
Pull request overview
Adds a new daily agentic workflow (“Daily Safe Output Integrator”) intended to keep safe-output test fixtures and compiler test coverage aligned with the compiler’s supported safe-output types.
Changes:
- Adds the workflow source prompt/instructions for detecting missing safe-output coverage and generating fixtures/tests.
- Adds the compiled GitHub Actions workflow lockfile generated from the source workflow.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
.github/workflows/daily-safe-output-integrator.md |
Defines the agentic workflow prompt, tool allowlist, and templates for generating missing safe-output fixtures and Go tests. |
.github/workflows/daily-safe-output-integrator.lock.yml |
Generated compiled workflow that runs the agent daily and processes safe-output results. |
Comments suppressed due to low confidence (1)
.github/workflows/daily-safe-output-integrator.md:83
- The “Skip internal/special fields” guidance lists only a subset of non-output config keys, but
SafeOutputsConfigcontains many more configuration-only YAML keys (e.g.max-patch-size,runs-on,messages,mentions,footer, etc.). If the workflow truly relies on parsing YAML tags fromSafeOutputsConfig, the skip logic should be complete (or expressed as an allowlist of pointer-to-config output types) to avoid generating fixtures/tests for config-only fields.
The keys you're looking for are the YAML field names in the `SafeOutputsConfig` struct (lines ~443-490). These are the authoritative list of supported safe-output types.
**Extract and record**: Every `yaml:"<key>,omitempty"` found in `SafeOutputsConfig`. Skip internal/special fields like `jobs`, `github-app`, `env`, `github-token`, `allowed-domains`, `allowed-github-references`, `staged`, and `threat-detection` — those are configuration, not output types.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
| - "cat pkg/cli/workflows/*.md" | ||
| - "git status" | ||
| - "git diff --name-only" | ||
| - "python3 *" |
| - `submit-pull-request-review` | ||
| - `reply-to-pull-request-review-comment` | ||
| - `resolve-pull-request-review-thread` | ||
| - `create-code-scanning-alerts` |
Comment on lines
+84
to
+103
| The **testable safe-output types** are: | ||
| - `create-issue` | ||
| - `create-discussion` | ||
| - `update-discussion` | ||
| - `close-discussion` | ||
| - `close-issue` | ||
| - `close-pull-request` | ||
| - `mark-pull-request-as-ready-for-review` | ||
| - `add-comment` | ||
| - `create-pull-request` | ||
| - `create-pull-request-review-comment` | ||
| - `submit-pull-request-review` | ||
| - `reply-to-pull-request-review-comment` | ||
| - `resolve-pull-request-review-thread` | ||
| - `create-code-scanning-alerts` | ||
| - `autofix-code-scanning-alert` | ||
| - `add-labels` | ||
| - `remove-labels` | ||
| - `add-reviewer` | ||
| - `assign-milestone` |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds a daily agentic workflow that maintains test coverage parity between the compiler's supported safe-output types and the test fixtures in
pkg/cli/workflows/.What it does
SafeOutputsConfiginpkg/workflow/compiler_types.goas the authoritative type listpkg/cli/workflows/and Go test cases incompiler_safe_outputs_config_test.gotest-copilot-<type>.mdfixture and adds aTestAddHandlerManagerConfigEnvVartest casenoopif coverage is already completeFiles
daily-safe-output-integrator.mddaily-safe-output-integrator.lock.ymlCoverage gap (current)
13 safe-output types currently lack test workflows, including
create-discussion,close-issue,update-pull-request,remove-labels,missing-data, and project management types (create-project,update-project,create-project-status-update). The workflow includes ready-to-use templates for each.Original prompt
📱 Kick off Copilot coding agent tasks wherever you are with GitHub Mobile, available on iOS and Android.