Replace PR docs hook with agentic workflow#14526
Closed
joperezr wants to merge 1 commit into
Closed
Conversation
Replace the broken pr-docs-hook.yml workflow (expired PAT) with a new GitHub Agentic Workflow that: - Triggers on merged PRs against main and release/* branches - Uses an AI agent to analyze the PR diff for documentation needs - Creates tracking issues on microsoft/aspire.dev with appropriate milestones - Comments on the PR with results (docs needed or not) - Uses a GitHub App for cross-repo authentication (no more expiring PATs) - Enforces SafeOutputs for all write operations (security best practice) Also adds .github/aw/logs/ to .gitignore to prevent local agentic workflow debug logs from being committed. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Contributor
|
🚀 Dogfood this PR with:
curl -fsSL https://raw.githubusercontent.com/dotnet/aspire/main/eng/scripts/get-aspire-cli-pr.sh | bash -s -- 14526Or
iex "& { $(irm https://raw.githubusercontent.com/dotnet/aspire/main/eng/scripts/get-aspire-cli-pr.ps1) } 14526" |
Contributor
🎬 CLI E2E Test RecordingsThe following terminal recordings are available for commit
📹 Recordings uploaded automatically from CI run #22114492275 |
IEvangelist
approved these changes
Feb 18, 2026
| add-comment: | ||
| hide-older-comments: true | ||
|
|
||
| timeout-minutes: 15 |
Member
There was a problem hiding this comment.
No way... let this cook, it's a lot of work to do - I think we should timeout after something like 90 minutes.
Suggested change
| timeout-minutes: 15 | |
| timeout-minutes: 90 |
| Use the GitHub tools to read the full pull request details for the PR number above, | ||
| including the title, description, author, base branch, and the full diff of changes. | ||
| Pay special attention to the **base branch** (e.g., `main` or `release/X.Y`) and the | ||
| **PR author** username, as both are needed in later steps. |
Member
There was a problem hiding this comment.
Suggested change
| **PR author** username, as both are needed in later steps. | |
| **PR author** username, as both are needed in later steps. Also, make note of any issues that this PR addresses as that might be additional context for potentially answering any questions. |
IEvangelist
added a commit
to IEvangelist/aspire
that referenced
this pull request
Apr 7, 2026
Replace the broken pr-docs-hook.yml workflow (expired PAT, Copilot CLI) with a new GitHub Agentic Workflow (pr-docs-check.md) that: - Triggers on merged PRs against main and release/* branches - Analyzes the PR diff for documentation needs using an AI agent - Checks out microsoft/aspire.dev and follows the doc-writer SKILL - Creates a draft PR on microsoft/aspire.dev with actual docs changes - Comments on the original aspire PR with a link to the draft PR - Uses GitHub App auth (ASPIRE_BOT_APP_ID/ASPIRE_BOT_PRIVATE_KEY) for cross-repo operations instead of expiring PATs Also recompiles daily-repo-status.lock.yml with gh aw v0.67.1. Replaces microsoft#14526 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
16 tasks
IEvangelist
added a commit
that referenced
this pull request
Apr 7, 2026
* Replace pr-docs-hook with gh aw agentic workflow Replace the broken pr-docs-hook.yml workflow (expired PAT, Copilot CLI) with a new GitHub Agentic Workflow (pr-docs-check.md) that: - Triggers on merged PRs against main and release/* branches - Analyzes the PR diff for documentation needs using an AI agent - Checks out microsoft/aspire.dev and follows the doc-writer SKILL - Creates a draft PR on microsoft/aspire.dev with actual docs changes - Comments on the original aspire PR with a link to the draft PR - Uses GitHub App auth (ASPIRE_BOT_APP_ID/ASPIRE_BOT_PRIVATE_KEY) for cross-repo operations instead of expiring PATs Also recompiles daily-repo-status.lock.yml with gh aw v0.67.1. Replaces #14526 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix checkout and tools token scoping for cross-repo access - Add owner/repositories to checkout github-app so the token is scoped to aspire.dev (not the current repo) - Add 'aspire' to tools.github repositories so the agent can read PR details/diff from the source repo Addresses Copilot review feedback. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Member
radical
pushed a commit
that referenced
this pull request
Apr 7, 2026
* Replace pr-docs-hook with gh aw agentic workflow Replace the broken pr-docs-hook.yml workflow (expired PAT, Copilot CLI) with a new GitHub Agentic Workflow (pr-docs-check.md) that: - Triggers on merged PRs against main and release/* branches - Analyzes the PR diff for documentation needs using an AI agent - Checks out microsoft/aspire.dev and follows the doc-writer SKILL - Creates a draft PR on microsoft/aspire.dev with actual docs changes - Comments on the original aspire PR with a link to the draft PR - Uses GitHub App auth (ASPIRE_BOT_APP_ID/ASPIRE_BOT_PRIVATE_KEY) for cross-repo operations instead of expiring PATs Also recompiles daily-repo-status.lock.yml with gh aw v0.67.1. Replaces #14526 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix checkout and tools token scoping for cross-repo access - Add owner/repositories to checkout github-app so the token is scoped to aspire.dev (not the current repo) - Add 'aspire' to tools.github repositories so the agent can read PR details/diff from the source repo Addresses Copilot review feedback. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Replaces the broken
pr-docs-hook.ymlworkflow with a new GitHub Agentic Workflow (pr-docs-check.md).What was wrong
DOCS_COPILOT_TOKEN) for Copilot CLI authenticationmicrosoft/aspire.devwas also broken due to the expired tokenWhat this PR does
pr-docs-check.md): Uses natural language instructions for an AI agent to analyze merged PRs for documentation needsmainandrelease/*branchesmicrosoft/aspire.devand comments on the PR — all through SafeOutputs (agent runs read-only)microsoft/aspire.devbased on the target branch.github/aw/logs/to prevent local agentic workflow debug logs from being committedBefore merging
This PR is kept as draft while we register the required GitHub App for cross-repo authentication to
microsoft/aspire.dev. The app needs:dotnet/aspireandmicrosoft/aspire.devDOCS_APP_ID(variable) andDOCS_APP_PRIVATE_KEY(secret) configured ondotnet/aspireCOPILOT_GITHUB_TOKENsecret for the Copilot CLI engineOnce the GitHub App is registered and secrets are configured, this PR can be marked ready for review.