Skip to content

Fix review workflow: add engine:copilot block and workflow_dispatch#594

Merged
PureWeen merged 4 commits intomainfrom
fix/review-workflow-engine
Apr 17, 2026
Merged

Fix review workflow: add engine:copilot block and workflow_dispatch#594
PureWeen merged 4 commits intomainfrom
fix/review-workflow-engine

Conversation

@PureWeen
Copy link
Copy Markdown
Owner

@PureWeen PureWeen commented Apr 17, 2026

The review.agent.md was missing the engine: block needed for the Copilot agent runtime to process the workflow. Without it, the /review slash command and auto-triggers weren't being picked up.

Changes:

  • Added engine: id: copilot, model: claude-sonnet-4.6 — tells the platform to use the Copilot agent runtime
  • Added workflow_dispatch with pr_number input for manual triggering
  • Added top-level if: condition for event filtering

Modeled after dotnet/maui's copilot-evaluate-tests.md format.

PureWeen and others added 4 commits April 16, 2026 19:23
@PureWeen
Add engine:copilot block and workflow_dispatch to review workflow
0a98094 
The review.agent.md was missing the engine: block needed for the
Copilot agent runtime to process the workflow. Added:
- engine: id: copilot, model: claude-sonnet-4.6
- workflow_dispatch with pr_number input for manual triggering
- Top-level if: condition for event filtering

Modeled after dotnet/maui's copilot-evaluate-tests.md format.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@PureWeen
Fix review workflow: add engine:copilot, compile lock file
9f42056 
- Add engine: id: copilot block (required for agent runtime)
- Add workflow_dispatch with pr_number input
- Compile with gh aw compile to generate .lock.yml
- Remove pull_request trigger (can't combine with slash_command)
- Remove issues:write and label management (gh-aw strict mode)
- Permissions are read-only; writes go through safe-outputs

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@PureWeen
Add gh-aw workflow guidelines from dotnet/maui
2da2410 
Copies the gh-aw (GitHub Agentic Workflows) instructions file from
dotnet/maui. Covers: anti-patterns, execution model, security
boundaries, fork handling, compilation, safe-outputs patterns,
and troubleshooting.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@PureWeen
Fix safe-outputs: use hyphens (gh-aw convention), recompile
f4c238d 
gh-aw safe-output keys must use hyphens (kebab-case), not underscores.
The compiler normalizes them to underscores in the lock file. Using
underscores in the source caused the compiler to silently drop them,
resulting in no PR review tools in the compiled workflow.

Reverts the underscore change from PR #593 commit 10 — msbuild's
original hyphenated format was correct.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@PureWeen
Copy link
Copy Markdown
Owner Author

PureWeen commented Apr 17, 2026

🔍 Multi-Model Code Review — PR #594

PR: Fix review workflow: add engine:copilot block and workflow_dispatch
CI Status: ⚠️ No CI checks reported
Reviewers: 3 independent reviewers

🔴 CRITICAL (found and fixed during review)

Safe-output keys must use hyphens, not underscores

Flagged by: 2/3 reviewers, confirmed by recompilation

PR #593 commit 10 changed safe-output keys from hyphens to underscores. This caused gh aw compile to silently drop them — the compiled lock file had NO PR review tools (create_pull_request_review_comment, submit_pull_request_review, add_comment all missing). The safe_outputs job also lacked pull-requests: write.

Root cause: gh-aw expects hyphens (kebab-case) in source .md files and normalizes to underscores in compiled output. msbuild's original format was correct.

Fix applied: Reverted to hyphens in commit f4c238d. Recompilation confirmed all 3 tools + pull-requests: write now appear in the lock file.

✅ Verified Correct

Change Status
engine: id: copilot, model: claude-sonnet-4.6 ✅ Correct — required for agent runtime
workflow_dispatch with pr_number input ✅ Correctly wired in lock file
if: condition (issue_comment || workflow_dispatch) ✅ Matches compiled output
pull_request trigger removed ✅ Required — gh-aw can't combine with slash_command
Label management removed ✅ Clean — no orphaned references
PR number expression includes inputs.pr_number ✅ Covers all trigger paths
permissions: read in source ✅ Correct — gh-aw strict mode requires safe-outputs for writes
gh-aw-workflows.instructions.md from dotnet/maui ✅ Safe — documentation only
.gitattributes marks lock as generated ✅ Correct
actions-lock.json pins action SHAs ✅ Correct

🟢 MINOR

Description says "automatically" but auto-trigger is removed

Flagged by: 1/3 reviewers

The workflow description still says "automatically for trusted contributors" but pull_request auto-trigger was removed. Can be updated in follow-up. Not blocking — the auto-trigger can be restored via a separate workflow file.

Recommended Action

Approve — the critical safe-outputs issue was found and fixed during this review. All changes are now correct and the workflow compiles cleanly with all required tools.

@PureWeen PureWeen merged commit 0241e1c into main Apr 17, 2026
@PureWeen PureWeen deleted the fix/review-workflow-engine branch April 17, 2026 01:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@PureWeen