Add agentic workflow for cross-SDK consistency enforcement #95
Conversation
Co-authored-by: friggeri <106686+friggeri@users.noreply.github.com>
…workflow Co-authored-by: friggeri <106686+friggeri@users.noreply.github.com>
|
@copilot we need this to work on any PR, not just those that have been authored by maintainers, so you might need to adjust |
Co-authored-by: friggeri <106686+friggeri@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
This PR introduces an agentic workflow to enforce cross-SDK consistency across the Node.js, Python, Go, and .NET clients, and updates the existing issue triage workflow to the latest gh-aw tooling and safe-outputs patterns.
Changes:
- Add
.github/workflows/sdk-consistency-review.mddefining an SDK Consistency Review Agent that inspects PRs touching any SDK directory and checks for cross-language API and feature parity. - Add the compiled
.github/workflows/sdk-consistency-review.lock.ymlGitHub Actions workflow that runs the Copilot-based agent with safe-outputs, threat detection, and artifact logging. - Regenerate and upgrade
.github/workflows/issue-triage.lock.ymltogh-awv0.37.10, adopting the same safe-outputs/MCP gateway patterns and updated tooling.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
.github/workflows/sdk-consistency-review.md |
Defines the high-level agentic workflow: triggers, permissions, safe-output limits, and detailed review instructions for enforcing cross-SDK consistency. |
.github/workflows/sdk-consistency-review.lock.yml |
Compiled, executable workflow wiring the SDK consistency agent into GitHub Actions, including activation gating, Copilot CLI execution, safe-outputs processing, and threat detection. |
.github/workflows/issue-triage.lock.yml |
Updates the Issue Triage Agent to the newer gh-aw release, aligning it with the same safe-outputs, MCP gateway, and Copilot CLI install patterns used by the new SDK consistency workflow. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
|
||
| jobs: | ||
| activation: | ||
| if: (github.event_name != 'pull_request') || (github.event.pull_request.head.repo.id == github.repository_id) |
There was a problem hiding this comment.
The activation job condition (github.event_name != 'pull_request') || (github.event.pull_request.head.repo.id == github.repository_id) means this workflow will not run for PRs opened from forks, only for PRs whose head branch is in this repository. The PR description claims the agent "runs on all PRs regardless of contributor role"/"roles: all", but that is not accurate given this gating. If the intent is to review PRs from external contributors working from forks, you’ll need to adjust this condition and/or restructure how secrets like COPILOT_GITHUB_TOKEN are used so that the agent can run safely on forked PRs, or otherwise update the description to match the actual behavior.
This repository maintains four SDK implementations (Node.js, Python, Go, .NET) that must maintain feature parity. When PRs modify one SDK, there's no automated check to ensure equivalent functionality exists or is being updated in the others.
Changes
Created
.github/workflows/sdk-consistency-review.md: Agentic workflow that reviews PRs touching SDK codenodejs/,python/,go/, ordotnet/directoriesroles: allto run on PRs from any contributor (not just maintainers)Compiled to
.github/workflows/sdk-consistency-review.lock.yml: Executable GitHub Actions workflowBehavior
The agent identifies which SDK(s) are modified, analyzes the feature/fix being implemented, and checks for equivalent functionality in other implementations. It distinguishes between:
Uses safe-outputs for write operations (max 10 inline comments, 1 summary per run) with read-only permissions. Runs on all PRs regardless of contributor role to ensure comprehensive consistency checking across the codebase.
Original prompt
💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.