diff --git a/docs/src/content/docs/guides/ephemerals.md b/docs/src/content/docs/guides/ephemerals.md index d584ff7f2e2..7975b45985c 100644 --- a/docs/src/content/docs/guides/ephemerals.md +++ b/docs/src/content/docs/guides/ephemerals.md @@ -111,6 +111,7 @@ Available operations: | `create_labels` | Create any repository labels referenced in safe-outputs that do not yet exist | | `clean_cache_memories` | Clean up outdated cache-memory entries (same as the automated scheduled cleanup) | | `validate` | Run full workflow validation with all linters and file an issue if findings are detected | +| `activity_report` | Generate a repository activity report for the last 24 hours, week, and month, and create an issue with the results | **Operation details:** @@ -119,6 +120,7 @@ Available operations: - **`create_labels`**: Runs `gh aw compile --json --no-emit`, collects all unique label names across workflows, and creates missing ones with deterministic pastel colors. Requires `issues: write` permission. - **`validate`**: Runs `gh aw compile --validate --no-emit --zizmor --actionlint --poutine --verbose`. If errors or warnings are found, creates or updates a GitHub issue titled `[aw] workflow validation findings` with the full output. - **`clean_cache_memories`**: Lists all caches with the `memory-` prefix, groups them by workflow, keeps the latest per group, and deletes older entries. +- **`activity_report`**: Runs `gh aw logs --format markdown` for the last 24 hours, 7 days, and 30 days (up to 1000 runs each), then creates an issue titled `[aw] agentic status report` with all three time-range sections as collapsible `
` blocks. Downloaded logs are cached under `./.cache/gh-aw/activity-report-logs`. The job has a 2-hour timeout and skips the 30-day query when the GitHub API is rate-limited. ### Maintenance Configuration diff --git a/docs/src/content/docs/guides/self-hosted-runners.md b/docs/src/content/docs/guides/self-hosted-runners.md index fbe18bd5e37..4bd193e453a 100644 --- a/docs/src/content/docs/guides/self-hosted-runners.md +++ b/docs/src/content/docs/guides/self-hosted-runners.md @@ -131,7 +131,7 @@ The generated `agentics-maintenance.yml` workflow defaults to `ubuntu-slim` for } ``` -This setting applies to every job in `agentics-maintenance.yml` (close-expired-entities, cleanup-cache-memory, run_operation, apply_safe_outputs, create_labels, and validate_workflows). Re-run `gh aw compile` after changing `aw.json` to regenerate the workflow. +This setting applies to every job in `agentics-maintenance.yml` (close-expired-entities, cleanup-cache-memory, run_operation, apply_safe_outputs, create_labels, validate_workflows, and activity_report). Re-run `gh aw compile` after changing `aw.json` to regenerate the workflow. > [!NOTE] > `aw.json` is separate from individual workflow frontmatter. It provides repository-level settings for generated infrastructure workflows. diff --git a/docs/src/content/docs/reference/safe-outputs-pull-requests.md b/docs/src/content/docs/reference/safe-outputs-pull-requests.md index fcd57dd4350..4583974d3d7 100644 --- a/docs/src/content/docs/reference/safe-outputs-pull-requests.md +++ b/docs/src/content/docs/reference/safe-outputs-pull-requests.md @@ -121,6 +121,7 @@ safe-outputs: update-pull-request: title: true # enable title updates (default: true) body: true # enable body updates (default: true) + update-branch: false # update PR branch with latest base before other updates (default: false) footer: false # omit AI-generated footer from body updates (default: true) max: 1 # max updates (default: 1) target: "*" # "triggering" (default), "*", or number @@ -130,6 +131,8 @@ safe-outputs: **Target**: `"triggering"` (requires PR event), `"*"` (any PR), or number (specific PR). +When `update-branch: true` is set, the handler calls the GitHub REST `pulls.updateBranch` API to merge the latest base branch changes into the PR branch before applying title or body updates. This requires `contents: write` permission; without it only `contents: read` is needed. The field can also be used alone (with `title: false` and `body: false`) to update the branch without changing the PR description. + When using `target: "*"`, the agent must provide `pull_request_number` in the output to identify which pull request to update. **Operation Types**: Same as `update-issue` (`append`, `prepend`, `replace`). Title updates always replace the existing title. Disable fields by setting to `false`. @@ -234,7 +237,8 @@ safe-outputs: - "**/*.lock" github-token: ${{ secrets.SOME_CUSTOM_TOKEN }} # optional custom token for permissions github-token-for-extra-empty-commit: ${{ secrets.CI_TOKEN }} # optional token to push empty commit triggering CI - fallback-as-pull-request: true # default: on non-fast-forward push failure, create fallback PR to original PR branch + fallback-as-pull-request: true # on non-fast-forward failure, create fallback PR to original PR branch (default: true) + ignore-missing-branch-failure: false # treat deleted/missing branch errors as skipped instead of failed (default: false) protected-files: fallback-to-issue # create review issue if protected files modified ``` @@ -286,6 +290,8 @@ If `push-to-pull-request-branch` (or `create-pull-request`) fails, the safe-outp When `fallback-as-pull-request` is enabled (default), non-fast-forward push failures trigger a fallback pull request that targets the original PR branch. Set `fallback-as-pull-request: false` to disable this fallback behavior. +When `ignore-missing-branch-failure: true` is set, push failures caused by a deleted or missing PR branch return `skipped: true` instead of a hard failure. This is useful when the PR branch may have been deleted before the safe-output job runs (for example, on auto-merged PRs). Without this flag, a missing branch is a terminal error. + ## Protected Files Both `create-pull-request` and `push-to-pull-request-branch` enforce protected file protection by default. Patches that modify package manifests, agent instruction files, or repository security configuration are refused unless you explicitly configure a policy.