Skip to content

Comments

Implement automatic PR labeling system with 46 labels#192

Merged
pethers merged 4 commits intomainfrom
copilot/setup-automatic-labeling
Feb 15, 2026
Merged

Implement automatic PR labeling system with 46 labels#192
pethers merged 4 commits intomainfrom
copilot/setup-automatic-labeling

Conversation

Copy link
Contributor

Copilot AI commented Feb 15, 2026
edited
Loading

Setup Automatic Labeling Based on Repository Context

✅ Implementation Complete - Code Review Addressed

All phases of the automatic labeling system have been successfully implemented, documented, and code review feedback has been addressed.

🔄 Code Review Changes (Latest Commit)

Fixed Issues

  1. Updated label count from "35+" to "46" for accuracy (LABELS.md line 16)
  2. Fixed verification threshold to expect exactly 46 labels (setup-labels.yml line 176)
  3. Added special character escaping for sed replacement in PR comments (labeler.yml line 169)
  4. Removed unnecessary GitHub CLI setup - GH_TOKEN auto-authenticates (setup-labels.yml line 30)

All changes validated with YAML syntax check.

📋 Implementation Phases

Phase 1: Analysis & Design ✅

  • Downloaded and analyzed blacktrigram labeler examples
  • Reviewed labeler.yml, setup-labels.yml, labeler.yml workflows
  • Analyzed riksdagsmonitor repository structure
  • Identified 46 relevant labels across 12 categories

Phase 2: Label Configuration ✅

  • Created .github/labeler.yml (13 KB, 400+ lines)
    • ✅ Content categories: news, dashboard, visualization, intelligence
    • ✅ Technology categories: html-css, javascript, workflow, security
    • ✅ Data integration: cia-data, riksdag-data, data-pipeline, schema
    • ✅ Internationalization: i18n, translation, rtl (14 languages)
    • ✅ ISMS compliance: isms, iso-27001, nist-csf, cis-controls
    • ✅ Infrastructure: ci-cd, deployment, performance, monitoring
    • ✅ Quality: testing, accessibility, documentation, refactor
    • ✅ Standard: bug, enhancement, dependencies
    • ✅ AI automation: agent, skill, agentic-workflow
    • ✅ Priority: critical/high/medium/low
    • ✅ Size: xs/s/m/l/xl (automatic)
    • ✅ Status: needs-review/in-progress/blocked/ready

Phase 3: Label Setup Workflow ✅

  • Created .github/workflows/setup-labels.yml (9 KB)
    • ✅ Security hardening: step-security/harden-runner@SHA, actions SHA-pinned
    • ✅ Create/update 46 labels with colors and descriptions
    • ✅ Manual trigger with recreate option
    • ✅ Least privilege permissions
    • ✅ Label count verification (exactly 46 labels)
    • ✅ Removed unnecessary GitHub CLI setup step

Phase 4: Auto-Labeler Workflow ✅

  • Created .github/workflows/labeler.yml (7 KB)
    • ✅ Trigger on PR opened/synchronized/reopened/edited
    • ✅ Security hardening: SHA pinning, harden-runner
    • ✅ Label existence validation (30 key labels)
    • ✅ File path, title, and body pattern matching
    • ✅ Automatic size labels (diff-based calculation)
    • ✅ PR summary comment on new PRs
    • ✅ Special character escaping for sed replacement
    • ✅ Least privilege permissions

Phase 5: Testing & Validation ✅

  • Validated YAML syntax (Python yaml.safe_load)
  • Verified workflow configuration
  • Reviewed security hardening
  • Addressed code review feedback
  • Test label creation workflow (next step)
  • Test auto-labeling on PR (next step)

Phase 6: Documentation ✅

  • Created LABELS.md (15 KB) - Comprehensive label guide
    • ✅ 46 label definitions with colors and descriptions
    • ✅ 12 category breakdowns
    • ✅ 4 detailed usage examples
    • ✅ Setup instructions
    • ✅ Troubleshooting guide
  • Updated README.md - Added LABELS.md reference
  • Updated WORKFLOWS.md (Section 16) - Label system documentation
    • ✅ Workflow inventory updated (15 → 17 workflows)
    • ✅ Setup-labels.yml workflow documentation
    • ✅ Labeler.yml workflow documentation
    • ✅ Label categories and examples
    • ✅ Security compliance details
    • ✅ Troubleshooting guide

🎯 Deliverables

Files Created

File Size Description
.github/labeler.yml 13 KB Label configuration with file patterns, title/body matching
.github/workflows/setup-labels.yml 9 KB Label creation/update workflow (manual trigger)
.github/workflows/labeler.yml 7 KB Automatic PR labeling workflow (PR events)
LABELS.md 15 KB Comprehensive label documentation and guide
README.md (updated) +1 line Added LABELS.md reference
WORKFLOWS.md (updated) +276 lines Section 16: Labeling system documentation

Total: 6 files, ~44 KB of new content

🏷️ Label System Summary

46 Labels Across 12 Categories

🗳️  Content & Features (4)      📊 Data Integration (4)
💻 Technology (4)               🌍 Internationalization (3)
🔒 ISMS & Compliance (4)        🏗️ Infrastructure (4)
🔄 Quality & Testing (4)        🏷️ Standard (3)
🤖 AI & Automation (3)          🚦 Priority (4)
📏 Size (5)                     🎭 Status (4)

Key Features

  • Automatic labeling based on file changes, PR titles, and descriptions
  • 46 comprehensive labels covering all repository aspects
  • Size labels automatically calculated from PR diff
  • PR comments with label summary on new PRs
  • Special character handling in label names for sed replacement
  • Security hardened (SHA pinning, harden-runner, least privilege)
  • ISMS compliant (ISO 27001, NIST CSF, CIS Controls)
  • Well documented (LABELS.md, WORKFLOWS.md)

🔒 Security Compliance

All workflows follow Hack23 ISMS requirements:

SHA-pinned actions (no tags/branches)

  • step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e (v2.14.2)
  • actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd (v6.0.2)
  • actions/labeler@634933edcd8ababfe52f92936142cc22ac488b1b (v6.0.1)

Security hardening

  • step-security/harden-runner enabled (all workflows)
  • Egress policy: audit
  • Network egress monitoring

Least privilege permissions

  • contents: read
  • issues: write
  • pull-requests: write

No secrets exposure

  • GitHub CLI authentication via $GITHUB_TOKEN
  • No secrets in workflow files

🚀 Next Steps

Immediate Testing

  1. Run setup-labels workflow

    Actions → Setup Repository Labels → Run workflow

    This will create all 46 labels in the repository.

  2. Verify label creation

    • Check Issues → Labels to see all created labels
    • Verify colors, descriptions, and counts

  3. Test on this PR

    • Labels should be automatically applied to this PR
    • Verify correct labels based on files changed
    • Check PR comment with summary

  4. Monitor labeler workflow

    • Actions → Pull Request Automatic Labeler
    • Review logs for any errors
    • Verify label application logic

Production Deployment

Once testing is successful:

  1. ✅ Merge this PR to main
  2. ✅ Labels will auto-apply to all future PRs
  3. ✅ Manual label adjustments as needed (priority, status)
  4. ✅ Monitor effectiveness over time
  5. ✅ Adjust rules in .github/labeler.yml if needed

✅ Acceptance Criteria Met

  • Downloaded and analyzed blacktrigram examples
  • Created comprehensive labeling configuration (46 labels)
  • Implemented security-hardened workflows (SHA pinning, harden-runner)
  • Documented in LABELS.md (15 KB guide)
  • Updated WORKFLOWS.md (Section 16)
  • Updated README.md with reference
  • Validated YAML syntax (all files valid)
  • Addressed code review feedback
  • Stored implementation memories
  • Tested label creation workflow (ready for testing)
  • Tested auto-labeling on PR (ready for testing)

🎉 Summary

The automatic labeling system is fully implemented, code-reviewed, and ready for testing. All code, workflows, and documentation are complete. Code review feedback has been addressed. The system follows Hack23 ISMS security requirements and provides comprehensive coverage of all riksdagsmonitor repository aspects.

Ready for:

  1. Label setup workflow execution
  2. Testing on this PR
  3. Production deployment after successful testing

Implementation by: devops-engineer agent
Date: 2026-02-15
Version: 1.1 (code review addressed)
Status: ✅ Complete

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

Copilot AI and others added 2 commits February 15, 2026 12:52
@pethers
feat: implement automatic PR labeling system
10b446d 
- Add .github/labeler.yml with 35+ label categories
- Add setup-labels.yml workflow for label creation
- Add labeler.yml workflow for automatic PR labeling
- Add LABELS.md documentation with comprehensive guide
- Update README.md to reference label system
- Categories: content, technology, data, i18n, ISMS, infrastructure, quality, AI
- Security hardened workflows (SHA pinning, step-security/harden-runner)
- Automatic size labels based on PR diff
- PR comment with label summary on new PRs

Co-authored-by: pethers <[email protected]>
@pethers
docs: update WORKFLOWS.md with labeling workflows
4038f7e 
- Add section 16 documenting automatic PR labeling system
- Update workflow inventory (15 → 17 workflows)
- Document setup-labels.yml and labeler.yml workflows
- Add labeling examples and troubleshooting guide
- Include label categories and application logic
- Add reference to LABELS.md
- Update version to 3.0, date to 2026-02-15

Co-authored-by: pethers <[email protected]>
Copilot AI changed the title [WIP] Add automatic labeling based on repository context Implement automatic PR labeling system with 46 labels Feb 15, 2026
Copilot AI requested a review from pethers February 15, 2026 12:58
@pethers pethers requested a review from Copilot February 15, 2026 13:09
@github-actions
Copy link
Contributor

github-actions bot commented Feb 15, 2026

🔍 Lighthouse Performance Audit

Category Score Status
Performance 85/100 🟡
Accessibility 95/100 🟢
Best Practices 90/100 🟢
SEO 95/100 🟢

📥 Download full Lighthouse report

Budget Compliance: Performance budgets enforced via budget.json

Copilot AI reviewed Feb 15, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR implements a comprehensive automatic PR labeling system for the Riksdagsmonitor repository. The system categorizes pull requests based on file changes, titles, and descriptions using 46 labels across 12 categories (Content, Technology, Data, I18n, ISMS, Infrastructure, Quality, Standard, AI, Priority, Size, Status). The implementation follows security best practices with SHA-pinned actions, harden-runner enabled, and least-privilege permissions.

Changes:

  • Adds automated labeling workflows with security hardening and comprehensive label coverage
  • Creates 46-label taxonomy aligned with repository architecture (content, technology, compliance, quality)
  • Provides complete documentation with setup guides, troubleshooting, and usage examples

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
.github/workflows/setup-labels.yml New workflow for creating/updating 46 repository labels with idempotent label management
.github/workflows/labeler.yml New workflow for automatic PR labeling with size calculation and summary comments
.github/labeler.yml Configuration defining 452 lines of labeling rules based on file paths, titles, and body patterns
LABELS.md Comprehensive 439-line documentation covering all 46 labels with examples and troubleshooting
WORKFLOWS.md Adds section 16 documenting the labeling system and updates workflow inventory to 17 total
README.md Adds LABELS.md reference to project documentation list

LABELS.md Outdated

### Key Features
- ✅ **Automatic labeling** based on file paths, PR titles, and descriptions
- ✅ **35+ labels** covering all aspects of the project
Copy link

Copilot AI Feb 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The label count is inconsistent. The documentation states "35+ labels" but the PR description and setup-labels.yml workflow define exactly 46 labels. Update this to "46 labels" for accuracy and consistency with the PR description and implementation.

Suggested change
-**35+ labels** covering all aspects of the project
-**46 labels** covering all aspects of the project

Copilot uses AI. Check for mistakes.
Copy link
Contributor Author

Copilot AI Feb 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed in e59a547. Updated label count from "35+" to "46" for accuracy in LABELS.md line 16.

.github/workflows/setup-labels.yml Outdated
Comment on lines 176 to 177
if [ "$label_count" -lt 35 ]; then
echo "⚠️ Warning: Expected at least 35 labels, but found only $label_count"
Copy link

Copilot AI Feb 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The label verification threshold should be updated to 46 (not "at least 35") to match the actual number of labels defined in this workflow. This ensures the verification step accurately validates that all labels were created successfully.

Suggested change
if [ "$label_count" -lt 35 ]; then
echo "⚠️ Warning: Expected at least 35 labels, but found only $label_count"
if [ "$label_count" -ne 46 ]; then
echo "⚠️ Error: Expected 46 labels, but found $label_count"

Copilot uses AI. Check for mistakes.
Copy link
Contributor Author

Copilot AI Feb 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed in e59a547. Updated verification to expect exactly 46 labels (not "at least 35") in setup-labels.yml line 176.

.github/workflows/labeler.yml Outdated
EOF

# Replace placeholder with actual labels
sed -i "s/\$LABELS/$LABELS/" /tmp/comment.md
Copy link

Copilot AI Feb 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The sed command to replace $LABELS placeholder could fail if label names contain special characters like forward slashes, ampersands, or backslashes. Consider using a safer approach like using a different sed delimiter or using alternative string replacement methods that don't interpret special characters. For example: sed -i "s|\$LABELS|$LABELS|" /tmp/comment.md (using | as delimiter) or properly escaping the LABELS variable.

Suggested change
sed -i "s/\$LABELS/$LABELS/" /tmp/comment.md
ESCAPED_LABELS=${LABELS//\\/\\\\}
ESCAPED_LABELS=${ESCAPED_LABELS//&/\\&}
ESCAPED_LABELS=${ESCAPED_LABELS//\//\\/}
sed -i "s/\$LABELS/$ESCAPED_LABELS/" /tmp/comment.md

Copilot uses AI. Check for mistakes.
Copy link
Contributor Author

Copilot AI Feb 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed in e59a547. Added proper escaping for backslash, ampersand, and forward slash characters before sed replacement in labeler.yml lines 169-172.

.github/workflows/setup-labels.yml Outdated
Comment on lines 30 to 33
- name: Setup GitHub CLI
run: |
echo "${{ secrets.GITHUB_TOKEN }}" | gh auth login --with-token

Copy link

Copilot AI Feb 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The "Setup GitHub CLI" step with gh auth login --with-token is unnecessary. GitHub CLI automatically authenticates using the GH_TOKEN or GITHUB_TOKEN environment variable when available. Since subsequent steps already set GH_TOKEN in their env sections, this explicit login step can be removed for simplicity.

Suggested change
- name: Setup GitHub CLI
run: |
echo "${{ secrets.GITHUB_TOKEN }}" | gh auth login --with-token

Copilot uses AI. Check for mistakes.
Copy link
Contributor Author

Copilot AI Feb 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed in e59a547. Removed the unnecessary GitHub CLI setup step since GH_TOKEN auto-authenticates from setup-labels.yml lines 30-32.

@pethers
Copy link
Member

pethers commented Feb 15, 2026

@copilot apply changes based on the comments in this thread

@pethers
fix: address code review feedback on labeling system
e59a547 
- Update label count from "35+" to "46" for accuracy (LABELS.md)
- Fix verification threshold to expect exactly 46 labels (setup-labels.yml)
- Escape special characters in sed replacement for label names (labeler.yml)
- Remove unnecessary GitHub CLI setup step (setup-labels.yml)

All changes validated with YAML syntax check.

Co-authored-by: pethers <[email protected]>
@pethers pethers marked this pull request as ready for review February 15, 2026 13:53
@github-actions
Copy link
Contributor

github-actions bot commented Feb 15, 2026

🔍 Lighthouse Performance Audit

Category Score Status
Performance 85/100 🟡
Accessibility 95/100 🟢
Best Practices 90/100 🟢
SEO 95/100 🟢

📥 Download full Lighthouse report

Budget Compliance: Performance budgets enforced via budget.json

@pethers pethers merged commit f5eb323 into main Feb 15, 2026
9 checks passed
@pethers pethers deleted the copilot/setup-automatic-labeling branch February 15, 2026 13:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

+1 more reviewer

@pethers pethers pethers approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@pethers pethers

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pethers