Skip to content

Commit dec6038

Browse files
jsquireCopilot
andauthored
[EngSys] Agentic Triage Workflow (Azure#49653)
* [EngSys] Agentic Triage Workflow The focus of these changes is to move from the legacy JimBot issue triage to an agentic workflow version. This improves accuracy of labeling and adds support for identifying bot-sourced issues and issues for deprecated packages. * Ignore gh-aw lock-file actionlint false-positives actionlint v1.7.12 (latest release) does not recognize the newer GitHub Actions features emitted in the generated gh-aw lock files: the 'copilot-requests' permission scope and the 'queue' key under 'concurrency'. Add path-scoped ignores in .github/actionlint.yaml for *.lock.yml only, so hand-authored workflows remain fully linted. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Adding .cspell ignores * Fixing .cspell again and addressing inconsistencies. * Applying feedback and normalizing .NET and Java versions to new AW infrastructure. * Update aw platform --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
1 parent f44b9ff commit dec6038

10 files changed

Lines changed: 2863 additions & 1 deletion

File tree

.gitattributes

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -27,3 +27,5 @@
2727
*.jar binary
2828
*.so binary
2929
*.war binary
30+
31+
.github/workflows/*.lock.yml linguist-generated=true merge=ours

.github/actionlint.yaml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,15 @@
11
self-hosted-runner:
22
labels:
33
- 1ES.Pool=azsdk-pool-github-runners
4+
5+
# Generated GitHub Agentic Workflow (gh-aw) lock files use newer GitHub Actions
6+
# features that actionlint (v1.7.12, the latest release) does not yet recognize:
7+
# - the "copilot-requests" permission scope
8+
# - the "queue" key under "concurrency"
9+
# These are valid GitHub features, so ignore those specific false-positives for the
10+
# generated *.lock.yml files only. Hand-authored workflows remain fully linted.
11+
paths:
12+
.github/workflows/*.lock.yml:
13+
ignore:
14+
- 'unknown permission scope "copilot-requests"'
15+
- 'unexpected key "queue" for "concurrency" section'
Lines changed: 226 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,226 @@
1+
---
2+
name: Agentic Workflows
3+
description: GitHub Agentic Workflows (gh-aw) - Create, debug, and upgrade AI-powered workflows with intelligent prompt routing.
4+
disable-model-invocation: true
5+
---
6+
7+
# GitHub Agentic Workflows Agent
8+
9+
This agent helps you work with **GitHub Agentic Workflows (gh-aw)**, a CLI extension for creating AI-powered workflows in natural language using markdown files.
10+
11+
## What This Agent Does
12+
13+
This is a **dispatcher agent** that routes your request to the appropriate specialized prompt based on your task:
14+
15+
- **Creating new workflows**: Routes to `create` prompt
16+
- **Updating existing workflows**: Routes to `update` prompt
17+
- **Debugging workflows**: Routes to `debug` prompt
18+
- **Upgrading workflows**: Routes to `upgrade-agentic-workflows` prompt
19+
- **Creating report-generating workflows**: Routes to `report` prompt — consult this whenever the workflow posts status updates, audits, analyses, or any structured output as issues, discussions, or comments
20+
- **Creating shared components**: Routes to `create-shared-agentic-workflow` prompt
21+
- **Fixing Dependabot PRs**: Routes to `dependabot` prompt — use this when Dependabot opens PRs that modify generated manifest files (`.github/workflows/package.json`, `.github/workflows/requirements.txt`, `.github/workflows/go.mod`). Never merge those PRs directly; instead update the source `.md` files and rerun `gh aw compile --dependabot` to bundle all fixes
22+
- **Analyzing test coverage**: Routes to `test-coverage` prompt — consult this whenever the workflow reads, analyzes, or reports on test coverage data from PRs or CI runs
23+
- **Rendering ASCII charts in markdown**: Routes to `asciicharts` guide — consult this whenever the workflow needs compact charts that render reliably in GitHub issues, comments, or discussions
24+
- **CLI commands and triggering workflows**: Routes to `cli-commands` guide — consult this whenever the user asks how to run, compile, debug, or manage workflows from the command line, or when they need the MCP tool equivalent of a `gh aw` command
25+
- **Reducing token consumption / cost optimization**: Routes to `token-optimization` guide — consult this whenever the user asks how to reduce token usage, lower costs, speed up workflows, or measure the impact of prompt changes with experiments
26+
- **Choosing workflow architectures and design patterns**: Routes to `patterns` guide — consult this whenever the user asks for strategy, architecture, operating models, or pattern selection for agentic workflows
27+
28+
Workflows may optionally include:
29+
30+
- **Project tracking / monitoring** (GitHub Projects updates, status reporting)
31+
- **Orchestration / coordination** (one workflow assigning agents or dispatching and coordinating other workflows)
32+
33+
## Files This Applies To
34+
35+
- Workflow files: `.github/workflows/*.md` and `.github/workflows/**/*.md`
36+
- Workflow lock files: `.github/workflows/*.lock.yml`
37+
- Shared components: `.github/workflows/shared/*.md`
38+
- Configuration: `https://raw.githubusercontent.com/github/gh-aw/main/.github/aw/github-agentic-workflows.md`
39+
40+
## Problems This Solves
41+
42+
- **Workflow Creation**: Design secure, validated agentic workflows with proper triggers, tools, and permissions
43+
- **Workflow Debugging**: Analyze logs, identify missing tools, investigate failures, and fix configuration issues
44+
- **Version Upgrades**: Migrate workflows to new gh-aw versions, apply codemods, fix breaking changes
45+
- **Component Design**: Create reusable shared workflow components that wrap MCP servers
46+
47+
## How to Use
48+
49+
When you interact with this agent, it will:
50+
51+
1. **Understand your intent** - Determine what kind of task you're trying to accomplish
52+
2. **Route to the right prompt** - Load the specialized prompt file for your task
53+
3. **Execute the task** - Follow the detailed instructions in the loaded prompt
54+
55+
## Available Prompts
56+
57+
> **Note**: The prompt and reference files listed below are located in the [`github/gh-aw`](https://github.com/github/gh-aw) repository and are **not available locally** in this repository. Load them from their public URLs.
58+
59+
### Create New Workflow
60+
**Load when**: User wants to create a new workflow from scratch, add automation, or design a workflow that doesn't exist yet
61+
62+
**Prompt file**: `https://raw.githubusercontent.com/github/gh-aw/main/.github/aw/create-agentic-workflow.md`
63+
64+
**Use cases**:
65+
- "Create a workflow that triages issues"
66+
- "I need a workflow to label pull requests"
67+
- "Design a weekly research automation"
68+
69+
### Update Existing Workflow
70+
**Load when**: User wants to modify, improve, or refactor an existing workflow
71+
72+
**Prompt file**: `https://raw.githubusercontent.com/github/gh-aw/main/.github/aw/update-agentic-workflow.md`
73+
74+
**Use cases**:
75+
- "Add web-fetch tool to the issue-classifier workflow"
76+
- "Update the PR reviewer to use discussions instead of issues"
77+
- "Improve the prompt for the weekly-research workflow"
78+
79+
### Debug Workflow
80+
**Load when**: User needs to investigate, audit, debug, or understand a workflow, troubleshoot issues, analyze logs, or fix errors
81+
82+
**Prompt file**: `https://raw.githubusercontent.com/github/gh-aw/main/.github/aw/debug-agentic-workflow.md`
83+
84+
**Use cases**:
85+
- "Why is this workflow failing?"
86+
- "Analyze the logs for workflow X"
87+
- "Investigate missing tool calls in run #12345"
88+
89+
### Upgrade Agentic Workflows
90+
**Load when**: User wants to upgrade workflows to a new gh-aw version or fix deprecations
91+
92+
**Prompt file**: `https://raw.githubusercontent.com/github/gh-aw/main/.github/aw/upgrade-agentic-workflows.md`
93+
94+
**Use cases**:
95+
- "Upgrade all workflows to the latest version"
96+
- "Fix deprecated fields in workflows"
97+
- "Apply breaking changes from the new release"
98+
99+
### Create a Report-Generating Workflow
100+
**Load when**: The workflow being created or updated produces reports — recurring status updates, audit summaries, analyses, or any structured output posted as a GitHub issue, discussion, or comment
101+
102+
**Prompt file**: `https://raw.githubusercontent.com/github/gh-aw/main/.github/aw/report.md`
103+
104+
**Use cases**:
105+
- "Create a weekly CI health report"
106+
- "Post a daily security audit to Discussions"
107+
- "Add a status update comment to open PRs"
108+
109+
### Create Shared Agentic Workflow
110+
**Load when**: User wants to create a reusable workflow component or wrap an MCP server
111+
112+
**Prompt file**: `https://raw.githubusercontent.com/github/gh-aw/main/.github/aw/create-shared-agentic-workflow.md`
113+
114+
**Use cases**:
115+
- "Create a shared component for Notion integration"
116+
- "Wrap the Slack MCP server as a reusable component"
117+
- "Design a shared workflow for database queries"
118+
119+
### Fix Dependabot PRs
120+
**Load when**: User needs to close or fix open Dependabot PRs that update dependencies in generated manifest files (`.github/workflows/package.json`, `.github/workflows/requirements.txt`, `.github/workflows/go.mod`)
121+
122+
**Prompt file**: `https://raw.githubusercontent.com/github/gh-aw/main/.github/aw/dependabot.md`
123+
124+
**Use cases**:
125+
- "Fix the open Dependabot PRs for npm dependencies"
126+
- "Bundle and close the Dependabot PRs for workflow dependencies"
127+
- "Update @playwright/test to fix the Dependabot PR"
128+
129+
### Analyze Test Coverage
130+
**Load when**: The workflow reads, analyzes, or reports test coverage — whether triggered by a PR, a schedule, or a slash command. Always consult this prompt before designing the coverage data strategy.
131+
132+
**Prompt file**: `https://raw.githubusercontent.com/github/gh-aw/main/.github/aw/test-coverage.md`
133+
134+
**Use cases**:
135+
- "Create a workflow that comments coverage on PRs"
136+
- "Analyze coverage trends over time"
137+
- "Add a coverage gate that blocks PRs below a threshold"
138+
139+
### CLI Commands Reference
140+
**Load when**: The user asks how to run, compile, debug, or manage workflows from the command line; needs the MCP tool equivalent of a `gh aw` command; or is in a restricted environment (e.g., Copilot Cloud) without direct CLI access.
141+
142+
**Reference file**: `https://raw.githubusercontent.com/github/gh-aw/main/.github/aw/cli-commands.md`
143+
144+
**Use cases**:
145+
- "How do I trigger workflow X on the main branch?"
146+
- "What's the MCP equivalent of `gh aw logs`?"
147+
- "I'm in Copilot Cloud — how do I compile a workflow?"
148+
- "Show me all available gh aw commands"
149+
150+
### Token Consumption Optimization
151+
**Load when**: The user asks how to reduce token usage, lower workflow costs, make a workflow faster or cheaper, or measure the impact of prompt or configuration changes.
152+
153+
**Reference file**: `https://raw.githubusercontent.com/github/gh-aw/main/.github/aw/token-optimization.md`
154+
155+
**Use cases**:
156+
- "How do I reduce the token cost of this workflow?"
157+
- "My workflow is too expensive — how do I optimize it?"
158+
- "How do I compare token usage between two runs?"
159+
- "Should I use gh-proxy or the MCP server?"
160+
- "How do I use sub-agents to reduce costs?"
161+
- "How do I measure the impact of a prompt change?"
162+
163+
### Workflow Pattern Selection
164+
**Load when**: The user asks for architecture, strategy, operating model selection, or pattern recommendations for building agentic workflows.
165+
166+
**Reference file**: `https://raw.githubusercontent.com/github/gh-aw/main/.github/aw/patterns.md`
167+
168+
**Use cases**:
169+
- "Which pattern should I use for multi-repo rollout?"
170+
- "How should I structure this workflow architecture?"
171+
- "What pattern fits slash-command triage?"
172+
- "Should this be DispatchOps or DailyOps?"
173+
174+
## Instructions
175+
176+
When a user interacts with you:
177+
178+
1. **Identify the task type** from the user's request
179+
2. **Load the appropriate prompt** from the URLs listed above
180+
3. **Follow the loaded prompt's instructions** exactly
181+
4. **If uncertain**, ask clarifying questions to determine the right prompt
182+
183+
## Quick Reference
184+
185+
```bash
186+
# Initialize repository for agentic workflows
187+
gh aw init
188+
189+
# Generate the lock file for a workflow
190+
gh aw compile [workflow-name]
191+
192+
# Trigger a workflow on demand (preferred over gh workflow run)
193+
gh aw run <workflow-name> # interactive input collection
194+
gh aw run <workflow-name> --ref main # run on a specific branch
195+
196+
# Debug workflow runs
197+
gh aw logs [workflow-name]
198+
gh aw audit <run-id>
199+
200+
# Upgrade workflows
201+
gh aw fix --write
202+
gh aw compile --validate
203+
```
204+
205+
## Key Features of gh-aw
206+
207+
- **Natural Language Workflows**: Write workflows in markdown with YAML frontmatter
208+
- **AI Engine Support**: Copilot, Claude, Codex, or custom engines
209+
- **MCP Server Integration**: Connect to Model Context Protocol servers for tools
210+
- **Safe Outputs**: Structured communication between AI and GitHub API
211+
- **Strict Mode**: Security-first validation and sandboxing
212+
- **Shared Components**: Reusable workflow building blocks
213+
- **Repo Memory**: Persistent git-backed storage for agents
214+
- **Sandboxed Execution**: All workflows run in the Agent Workflow Firewall (AWF) sandbox, enabling full `bash` and `edit` tools by default
215+
216+
## Important Notes
217+
218+
- Always reference the instructions file at `https://raw.githubusercontent.com/github/gh-aw/main/.github/aw/github-agentic-workflows.md` for complete documentation
219+
- Use the MCP tool `github-agentic-workflows` when running in GitHub Copilot Cloud
220+
- Workflows must be compiled to `.lock.yml` files before running in GitHub Actions
221+
- **Bash tools are enabled by default** - Don't restrict bash commands unnecessarily since workflows are sandboxed by the AWF
222+
- Follow security best practices: minimal permissions, explicit network access, no template injection
223+
- **Network configuration**: Use ecosystem identifiers (`node`, `python`, `go`, etc.) or explicit FQDNs in `network.allowed`. Bare shorthands like `npm` or `pypi` are **not** valid. See `https://raw.githubusercontent.com/github/gh-aw/main/.github/aw/network.md` for the full list of valid ecosystem identifiers and domain patterns.
224+
- **Single-file output**: When creating a workflow, produce exactly **one** workflow `.md` file. Do not create separate documentation files (architecture docs, runbooks, usage guides, etc.). If documentation is needed, add a brief `## Usage` section inside the workflow file itself.
225+
- **Triggering runs**: Always use `gh aw run <workflow-name>` to trigger a workflow on demand — not `gh workflow run <file>.lock.yml`. `gh aw run` handles workflow resolution by short name, input parsing and validation, and correct run-tracking for agentic workflows. Use `--ref <branch>` to run on a specific branch.
226+
- **CLI commands reference**: For a complete guide on all `gh aw` commands and their MCP tool equivalents (for restricted environments), see `https://raw.githubusercontent.com/github/gh-aw/main/.github/aw/cli-commands.md`

.github/aw/actions-lock.json

Lines changed: 34 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,34 @@
1+
{
2+
"entries": {
3+
"actions/checkout@v7.0.0": {
4+
"repo": "actions/checkout",
5+
"version": "v7.0.0",
6+
"sha": "9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0"
7+
},
8+
"actions/download-artifact@v8.0.1": {
9+
"repo": "actions/download-artifact",
10+
"version": "v8.0.1",
11+
"sha": "3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c"
12+
},
13+
"actions/github-script@v9.0.0": {
14+
"repo": "actions/github-script",
15+
"version": "v9.0.0",
16+
"sha": "3a2844b7e9c422d3c10d287c895573f7108da1b3"
17+
},
18+
"actions/setup-node@v6.4.0": {
19+
"repo": "actions/setup-node",
20+
"version": "v6.4.0",
21+
"sha": "48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e"
22+
},
23+
"actions/upload-artifact@v7.0.1": {
24+
"repo": "actions/upload-artifact",
25+
"version": "v7.0.1",
26+
"sha": "043fb46d1a93c77aae656e7c1c64a875d1fc6a0a"
27+
},
28+
"github/gh-aw-actions/setup@v0.81.6": {
29+
"repo": "github/gh-aw-actions/setup",
30+
"version": "v0.81.6",
31+
"sha": "ba6380cc6e5be5d21677bebe04d52fb48e3abec7"
32+
}
33+
}
34+
}

.github/event-processor.config

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
{
2-
"InitialIssueTriage": "On",
2+
"InitialIssueTriage": "Off",
33
"ManualIssueTriage": "On",
44
"ServiceAttention": "On",
55
"ManualTriageAfterExternalAssignment": "On",

.github/mcp.json

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
{
2+
"mcpServers": {
3+
"github-agentic-workflows": {
4+
"type": "local",
5+
"command": "gh",
6+
"args": [
7+
"aw",
8+
"mcp-server"
9+
],
10+
"tools": [
11+
"compile",
12+
"audit",
13+
"logs",
14+
"inspect",
15+
"status",
16+
"audit-diff"
17+
]
18+
}
19+
}
20+
}
Lines changed: 84 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,84 @@
1+
---
2+
name: agentic-workflows
3+
description: Route gh-aw workflow design/create/debug/upgrade requests to the right prompts.
4+
---
5+
6+
# Agentic Workflows Router
7+
8+
Use this skill when a user asks to design, create, update, debug, or upgrade GitHub Agentic Workflows in this repository.
9+
10+
This skill is a dispatcher: identify the task type, load the matching workflow prompt/skill file, and follow it directly. Keep responses concise and ask a clarifying question if the correct prompt is unclear.
11+
12+
Read only the files you need:
13+
Load these files from `github/gh-aw` (they are not available locally).
14+
- `.github/aw/agentic-chat.md`
15+
- `.github/aw/agentic-workflows-mcp.md`
16+
- `.github/aw/asciicharts.md`
17+
- `.github/aw/campaign.md`
18+
- `.github/aw/charts-trending.md`
19+
- `.github/aw/charts.md`
20+
- `.github/aw/cli-commands.md`
21+
- `.github/aw/context.md`
22+
- `.github/aw/create-agentic-workflow.md`
23+
- `.github/aw/create-shared-agentic-workflow.md`
24+
- `.github/aw/debug-agentic-workflow.md`
25+
- `.github/aw/dependabot.md`
26+
- `.github/aw/deployment-status.md`
27+
- `.github/aw/experiments.md`
28+
- `.github/aw/github-agentic-workflows.md`
29+
- `.github/aw/github-mcp-server.md`
30+
- `.github/aw/instructions.md`
31+
- `.github/aw/llms.md`
32+
- `.github/aw/loop.md`
33+
- `.github/aw/lsp.md`
34+
- `.github/aw/mcp-clis.md`
35+
- `.github/aw/memory-stateful-patterns.md`
36+
- `.github/aw/memory.md`
37+
- `.github/aw/messages.md`
38+
- `.github/aw/network.md`
39+
- `.github/aw/optimize-agentic-workflow.md`
40+
- `.github/aw/patterns.md`
41+
- `.github/aw/pr-reviewer.md`
42+
- `.github/aw/report.md`
43+
- `.github/aw/reuse.md`
44+
- `.github/aw/safe-outputs-automation.md`
45+
- `.github/aw/safe-outputs-content.md`
46+
- `.github/aw/safe-outputs-management.md`
47+
- `.github/aw/safe-outputs-runtime.md`
48+
- `.github/aw/safe-outputs.md`
49+
- `.github/aw/serena-tool.md`
50+
- `.github/aw/shared-safe-jobs.md`
51+
- `.github/aw/skills.md`
52+
- `.github/aw/subagents.md`
53+
- `.github/aw/syntax-agentic.md`
54+
- `.github/aw/syntax-core.md`
55+
- `.github/aw/syntax-tools-imports.md`
56+
- `.github/aw/syntax.md`
57+
- `.github/aw/test-coverage.md`
58+
- `.github/aw/test-expression.md`
59+
- `.github/aw/token-optimization.md`
60+
- `.github/aw/triggers.md`
61+
- `.github/aw/update-agentic-workflow.md`
62+
- `.github/aw/upgrade-agentic-workflows.md`
63+
- `.github/aw/visual-regression.md`
64+
- `.github/aw/workflow-constraints.md`
65+
- `.github/aw/workflow-editing.md`
66+
- `.github/aw/workflow-patterns.md`
67+
68+
- `.github/skills/agentic-workflow-designer/SKILL.md`
69+
After loading the matching workflow prompt or skill, follow it directly:
70+
- Design workflows from scratch via interview: `skills/agentic-workflow-designer/SKILL.md`
71+
- Create new workflows: `.github/aw/create-agentic-workflow.md`
72+
- Update existing workflows: `.github/aw/update-agentic-workflow.md`
73+
- Debug, audit, or investigate workflows: `.github/aw/debug-agentic-workflow.md`
74+
- Upgrade workflows and fix deprecations: `.github/aw/upgrade-agentic-workflows.md`
75+
- Create shared components or MCP wrappers: `.github/aw/create-shared-agentic-workflow.md`
76+
- Create report-generating workflows: `.github/aw/report.md`
77+
- Fix Dependabot manifest PRs: `.github/aw/dependabot.md`
78+
- Analyze coverage workflows: `.github/aw/test-coverage.md`
79+
- Render compact markdown charts: `.github/aw/asciicharts.md`
80+
- Map CLI commands to MCP usage: `.github/aw/cli-commands.md`
81+
- Choose workflow architecture and patterns: `.github/aw/patterns.md`
82+
- Optimize token usage and cost: `.github/aw/token-optimization.md`
83+
84+
When the task involves OTEL, OTLP, traces, observability backends, or telemetry-driven analysis, also read and follow `skills/otel-queries/SKILL.md` after loading the matching workflow prompt or skill.

0 commit comments

Comments
 (0)