
fix: gate agent workflows on aw label#119

Merged
microsasa merged 1 commit into main from fix/workflow-label-gate
Mar 16, 2026


@microsasa

Problem

Agent workflows (review-responder, quality-gate) fire on every pull_request_review event — including human-authored PRs without the aw label. The aw label check was only in the agent prompt instructions (soft guard), so the agent still activated, burned compute + inference tokens, then noop'd.

Discovered on PR #118 — both agents ran on a manually-created PR.

Fix

Added if: contains(github.event.pull_request.labels.*.name, 'aw') to both workflow frontmatters. This compiles to a job-level if: on the activation job via gh-aw, so the workflow skips entirely at the GitHub Actions level — zero tokens burned.

Files changed

  • .github/workflows/review-responder.md — added if: condition
  • .github/workflows/quality-gate.md — added if: condition
  • Both .lock.yml files — recompiled

Note

Since pull_request_review uses workflow files from the base branch (main), this gate won't be active until after merge. The agents will still fire on this PR itself (but will noop on the label check in their prompt).

Refs #119
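
What the gate expression evaluates to for different review events, as an added example that is not part of this PR or of gh-aw: a Python model of `contains(github.event.pull_request.labels.*.name, 'aw')` run over constructed payloads. The helper names and sample payloads are assumptions for illustration; the model follows the documented `contains()` behaviour (case-insensitive, exact element match on arrays, substring match on strings).

```python
"""Model of the `aw` label gate as GitHub Actions evaluates it (added example)."""

def label_names(event):
    # Models github.event.pull_request.labels.*.name as a list of names.
    # Assumption: a missing pull_request or labels key yields an empty list.
    pr = event.get("pull_request") or {}
    return [lbl.get("name", "") for lbl in pr.get("labels") or []]

def contains(search, item):
    # GitHub Actions contains(): not case sensitive; on an array it is an
    # exact element match, on a string it is a substring match.
    item = str(item).lower()
    if isinstance(search, list):
        return any(str(s).lower() == item for s in search)
    return item in str(search).lower()

def gate_allows(event, label="aw"):
    """True when the activation job's `if:` would let the workflow run."""
    return contains(label_names(event), label)

def review_event(*labels):
    # Constructed pull_request_review payload, trimmed to the fields used.
    return {"action": "submitted",
            "pull_request": {"number": 0,
                             "labels": [{"name": n} for n in labels]}}

# Constructed sample events (hypothetical, not taken from the repository).
SAMPLES = {
    "agent PR labeled aw": review_event("aw", "bug"),
    "human PR, no labels": review_event(),
    "label that merely contains 'aw'": review_event("awaiting-review"),
    "label differing only in case": review_event("AW"),
    "payload without pull_request": {"action": "submitted"},
}

if __name__ == "__main__":
    for name, event in SAMPLES.items():
        verdict = "run" if gate_allows(event) else "skip"
        print(f"{name:34} -> {verdict}")
    # Joining the names first would turn the gate into a substring match,
    # so an unrelated label such as awaiting-review would open it.
    joined = ",".join(label_names(SAMPLES["label that merely contains 'aw'"]))
    print("joined-string variant matches:", contains(joined, "aw"))
```

Because the array form matches whole label names only, the gate as written in this PR does not open for labels that merely contain the letters `aw`, but it does open for `AW`.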

Agent workflows (review-responder, quality-gate) were firing on ALL
pull_request_review events regardless of PR author or labels. The aw
label check was only in the agent prompt (soft guard) — the agent still
activated and burned tokens before noop'ing.

Added if: contains(github.event.pull_request.labels.*.name, 'aw') to
both workflow frontmatters. This compiles to a job-level if: on the
activation job, so the workflow skips entirely without burning any
compute or inference tokens.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Copilot AI review requested due to automatic review settings March 16, 2026 02:40

Copilot AI left a comment


Pull request overview

This PR prevents agent workflows from activating on human-authored PR reviews by gating the gh-aw workflows on the presence of the aw label, so GitHub Actions skips the run before any agent compute is spent.

Changes:

  • Add a frontmatter if: condition to gate review-responder on aw label presence.
  • Add a frontmatter if: condition to gate quality-gate on aw label presence.
  • Recompile both workflows so the .lock.yml files include the corresponding jobs.activation.if guard.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.

| File | Description |
| --- | --- |
| .github/workflows/review-responder.md | Adds an if: frontmatter guard to only run on PRs labeled aw. |
| .github/workflows/review-responder.lock.yml | Compiled output now gates the activation job with the aw label check. |
| .github/workflows/quality-gate.md | Adds an if: frontmatter guard to only run on PRs labeled aw. |
| .github/workflows/quality-gate.lock.yml | Compiled output now gates the activation job with the aw label check. |


@microsasa microsasa merged commit 3cd3d08 into main Mar 16, 2026
9 checks passed
@microsasa microsasa deleted the fix/workflow-label-gate branch March 16, 2026 02:48
microsasa pushed a commit that referenced this pull request Mar 16, 2026
- Changelog: PR #119 label gate fix, pull_request_review ref finding
- Agentic workflows: updated activation section with if: condition,
  corrected pitfall #6 (head branch, not default branch),
  added history entry for 2026-03-16

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
microsasa pushed a commit that referenced this pull request Mar 16, 2026
- Architecture diagram: orchestrator owns full lifecycle (issue → PR → merge)
- PR Rescue section → Pipeline Orchestrator + Review Responder Thread ID sections
- Fixed pitfall #6: head branch, not default (verified empirically on PR #119)
- New pitfalls #13-17: MCP thread IDs, safe-output can't force-push,
  bash fragility in Actions, PAT owner identity, if: frontmatter gating
- Full history: 3 rewrites of pr-rescue (bash → gh-aw agent → orchestrator),
  13 bugs found across 4 AI review rounds, lessons learned
- Changelog: orchestrator, responder fix, label gate fix

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>