fix: quality gate review approval + cron enable#174
Merged
Conversation
The submit_pull_request_review safe output doesn't support target: "*"
because its schema has no pull_request_number field. Per gh-aw docs,
the correct approach for workflow_dispatch is to set target to the
actual input value: ${{ inputs.pr_number }}.
Fixes #168
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…se/comment
add_labels needs target: "*" because its handler resolves the PR
from item_number in the agent output. submit_pull_request_review,
close_pull_request, and add_comment use target: ${{ inputs.pr_number }}
which the handler resolves directly.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Public repo — Actions minutes are unlimited and free. Cron catches new aw-labeled issues when the pipeline is idle and no event-driven triggers are firing. Part of #135 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…h + cron - Changelog: quality gate fix, safe output target lessons, cron enable - Pitfall #18: updated with target: ${{ inputs.pr_number }} guidance - Pitfall #21: safe output target values differ by handler type - History: 2026-03-19/20 entry (autonomous PRs, quality gate fix, cron) - Agent table: quality gate trigger updated, orchestrator triggers updated Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Fixes the autonomous pipeline’s quality-gate approval path by ensuring safe-output handlers can correctly resolve PR context when the workflow is triggered via workflow_dispatch, and enables periodic orchestration via cron.
Changes:
- Updated Quality Gate safe-outputs
targetto use${{ inputs.pr_number }}for handlers that can’t infer PR context fromtarget: "*". - Enabled a 5-minute cron schedule for the pipeline orchestrator.
- Updated docs/changelog to document the pitfall and the operational changes.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
docs/changelog.md |
Adds an entry documenting the quality-gate dispatch/approval fix and cron enablement. |
docs/agentic-workflows.md |
Updates safe-output target guidance and agent inventory/history notes. |
.github/workflows/quality-gate.md |
Fixes safe-output target values to correctly bind actions to ${{ inputs.pr_number }}. |
.github/workflows/quality-gate.lock.yml |
Regenerates compiled workflow with updated safe-output target configuration. |
.github/workflows/pipeline-orchestrator.yml |
Enables schedule trigger to run every 5 minutes. |
Comments suppressed due to low confidence (1)
.github/workflows/pipeline-orchestrator.yml:56
- The workflow is now triggered by
schedule, but thejobs.orchestrate.ifcondition doesn’t allowgithub.event_name == 'schedule', so cron-triggered runs will be skipped and the new schedule will never execute. Update the job-levelifto include thescheduleevent (and ensure any schedule-specific paths behave as intended).
schedule:
- cron: "*/5 * * * *"
concurrency:
group: pipeline-orchestrator
cancel-in-progress: true
permissions:
contents: write
pull-requests: write
issues: write
actions: write
jobs:
orchestrate:
runs-on: ubuntu-latest
# Skip pull_request_review unless PR has aw label
if: >-
github.event_name == 'workflow_dispatch' ||
github.event_name == 'push' ||
(github.event_name == 'workflow_run' && github.event.workflow_run.conclusion != 'cancelled') ||
(github.event_name == 'pull_request_review' && contains(github.event.pull_request.labels.*.name, 'aw'))
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
microsasa
pushed a commit
that referenced
this pull request
Mar 20, 2026
The cron trigger was added in PR #174 but the job-level if: condition did not include github.event_name == 'schedule', causing all cron runs to be skipped immediately. - Added 'schedule' to the if: condition - Changelog: new entry for this bug - Pitfall #22: always check if: conditions when adding triggers - History: noted the bug in 2026-03-19/20 entry Fixes #175 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
microsasa
pushed a commit
that referenced
this pull request
Mar 20, 2026
The cron trigger was added in PR #174 but the job-level if: condition did not include github.event_name == 'schedule', causing all cron runs to be skipped immediately. - Added 'schedule' to the if: condition - Changelog: new entry for this bug - Pitfall #22: always check if: conditions when adding triggers - History: noted the bug in 2026-03-19/20 entry Fixes #175 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
The quality gate adds the
aw-quality-gate-approvedlabel successfully but fails to post the APPROVE review that triggers auto-merge. PRs #171 and #172 are both stuck on this right now.Root cause:
submit_pull_request_reviewsafe output was configured withtarget: "*", but its tool schema has nopull_request_numberfield — the agent can't specify which PR to review. The handler logs:Per gh-aw docs: for
workflow_dispatchtriggers, settargetto the actual input value (e.g.${{ inputs.pr_number }}), not"*".Changes
Quality Gate (
.md+.lock.yml)submit-pull-request-review:target: "*"→target: ${{ inputs.pr_number }}close-pull-request: same fixadd-comment: same fixadd-labels: kept astarget: "*"— its handler hasitem_numberfield, resolves differentlygh aw compileOrchestrator (
pipeline-orchestrator.yml)aw-labeled issues when pipeline is idle.Docs
target: ${{ inputs.pr_number }}guidanceTesting
Tested from branch via
gh workflow run quality-gate.lock.yml -f pr_number=167 --ref fix/quality-gate-review-approval:submit_pull_request_reviewposted APPROVE review successfullyadd_labelsfailed withtarget: ${{ inputs.pr_number }}(noitem_number) — fixed by switching totarget: "*"Fixes #168
Closes #135
Related: #165, #164, #173