chore: update code structure for better readability and maintainability #1229
Coverage Report
File Coverage: No changed files found.
Rust Backend Coverage Report: Coverage Details
Pull request overview
This PR updates the repository’s gh-aw generated GitHub Actions workflows to a newer gh-aw compiler/runtime, adds a manual maintenance operation mode to the maintenance workflow, and removes the “Daily Test Improver” automation.
Changes:
- Regenerated `instructions-janitor` and `daily-doc-updater` lock workflows with gh-aw v0.56.0 (schema v2/strict), updating artifact flow, safe-outputs wiring, and runtime env/config.
- Extended `agentics-maintenance` with `workflow_dispatch` inputs and a new job to run explicit maintenance operations.
- Removed the `daily-test-improver` workflow sources and lock output.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 5 comments.
| File | Description |
|---|---|
| .github/workflows/instructions-janitor.lock.yml | Regenerated lock workflow (gh-aw v0.56.0) with updated activation/artifacts/safe-outputs + runtime changes. |
| .github/workflows/daily-doc-updater.lock.yml | Regenerated lock workflow (gh-aw v0.56.0) with updated activation/artifacts/safe-outputs + runtime changes. |
| .github/workflows/agentics-maintenance.yml | Adds optional workflow_dispatch operation input and a dedicated run_operation job; bumps generator version. |
| .github/aw/actions-lock.json | Adds pinned SHA entry for github/gh-aw/actions/[email protected]. |
| .github/workflows/daily-test-improver.md | Deleted (removes workflow source/instructions). |
| .github/workflows/daily-test-improver.lock.yml | Deleted (removes compiled lock workflow). |
| GH_AW_ALLOWED_DOMAINS: "*.githubusercontent.com,api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,codeload.github.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github-cloud.githubusercontent.com,github-cloud.s3.amazonaws.com,github.com,github.githubassets.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,lfs.github.com,objects.githubusercontent.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com" | ||
| GITHUB_SERVER_URL: ${{ github.server_url }} | ||
| GITHUB_API_URL: ${{ github.api_url }} | ||
| GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_pull_request\":{\"draft\":false,\"expires\":48,\"labels\":[\"documentation\",\"automation\",\"instructions\"],\"max\":1,\"max_patch_size\":1024,\"protected_files\":[\"package.json\",\"bun.lockb\",\"bunfig.toml\",\"deno.json\",\"deno.jsonc\",\"deno.lock\",\"global.json\",\"NuGet.Config\",\"Directory.Packages.props\",\"mix.exs\",\"mix.lock\",\"go.mod\",\"go.sum\",\"stack.yaml\",\"stack.yaml.lock\",\"pom.xml\",\"build.gradle\",\"build.gradle.kts\",\"settings.gradle\",\"settings.gradle.kts\",\"gradle.properties\",\"package-lock.json\",\"yarn.lock\",\"pnpm-lock.yaml\",\"npm-shrinkwrap.json\",\"requirements.txt\",\"Pipfile\",\"Pipfile.lock\",\"pyproject.toml\",\"setup.py\",\"setup.cfg\",\"Gemfile\",\"Gemfile.lock\",\"uv.lock\",\"AGENTS.md\"],\"protected_path_prefixes\":[\".github/\",\".agents/\"],\"title_prefix\":\"[instructions] \"},\"missing_data\":{},\"missing_tool\":{}}" |
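Review bot: `GH_AW_ALLOWED_DOMAINS` carries the wildcard `*.githubusercontent.com` next to explicit `raw.githubusercontent.com`, `objects.githubusercontent.com` and `github-cloud.githubusercontent.com` entries, so the explicit entries are redundant and the effective allowlist is the whole zone. If the agent only needs the named hosts, drop the wildcard in the workflow source and regenerate the lock file; the same question applies to `host.docker.internal`.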
GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG marks both .github/ and .agents/ as protected_path_prefixes. This workflow’s explicit mission (per .github/workflows/instructions-janitor.md) is to update .github/aw/github-agentic-workflows.md, so protecting .github/ will prevent any PR from being created for the intended changes.
Consider narrowing the protection to more specific prefixes (e.g., .github/workflows/) or removing .github/ from protected_path_prefixes while keeping a denylist for especially sensitive files, so the workflow can still update .github/aw/**.
| GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_pull_request\":{\"draft\":false,\"expires\":48,\"labels\":[\"documentation\",\"automation\",\"instructions\"],\"max\":1,\"max_patch_size\":1024,\"protected_files\":[\"package.json\",\"bun.lockb\",\"bunfig.toml\",\"deno.json\",\"deno.jsonc\",\"deno.lock\",\"global.json\",\"NuGet.Config\",\"Directory.Packages.props\",\"mix.exs\",\"mix.lock\",\"go.mod\",\"go.sum\",\"stack.yaml\",\"stack.yaml.lock\",\"pom.xml\",\"build.gradle\",\"build.gradle.kts\",\"settings.gradle\",\"settings.gradle.kts\",\"gradle.properties\",\"package-lock.json\",\"yarn.lock\",\"pnpm-lock.yaml\",\"npm-shrinkwrap.json\",\"requirements.txt\",\"Pipfile\",\"Pipfile.lock\",\"pyproject.toml\",\"setup.py\",\"setup.cfg\",\"Gemfile\",\"Gemfile.lock\",\"uv.lock\",\"AGENTS.md\"],\"protected_path_prefixes\":[\".github/\",\".agents/\"],\"title_prefix\":\"[instructions] \"},\"missing_data\":{},\"missing_tool\":{}}" | |
| GH_AW_SAFE_OUTPUTS_HANDLER_CONFIG: "{\"create_pull_request\":{\"draft\":false,\"expires\":48,\"labels\":[\"documentation\",\"automation\",\"instructions\"],\"max\":1,\"max_patch_size\":1024,\"protected_files\":[\"package.json\",\"bun.lockb\",\"bunfig.toml\",\"deno.json\",\"deno.jsonc\",\"deno.lock\",\"global.json\",\"NuGet.Config\",\"Directory.Packages.props\",\"mix.exs\",\"mix.lock\",\"go.mod\",\"go.sum\",\"stack.yaml\",\"stack.yaml.lock\",\"pom.xml\",\"build.gradle\",\"build.gradle.kts\",\"settings.gradle\",\"settings.gradle.kts\",\"gradle.properties\",\"package-lock.json\",\"yarn.lock\",\"pnpm-lock.yaml\",\"npm-shrinkwrap.json\",\"requirements.txt\",\"Pipfile\",\"Pipfile.lock\",\"pyproject.toml\",\"setup.py\",\"setup.cfg\",\"Gemfile\",\"Gemfile.lock\",\"uv.lock\",\"AGENTS.md\"],\"protected_path_prefixes\":[\".github/workflows/\",\".agents/\"],\"title_prefix\":\"[instructions] \"},\"missing_data\":{},\"missing_tool\":{}}" |
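Review bot: Narrowing the prefix from `.github/` to `.github/workflows/` in the suggested line also removes protection from everything else under `.github/`, including `.github/aw/actions-lock.json`, which this PR uses to record a pinned action SHA. Keep that file covered, for example with its own entry in `protected_path_prefixes`, and make the change in the workflow source rather than in the generated lock file so it survives regeneration.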
| name: Agentic Maintenance | ||
|
|
||
| on: | ||
| schedule: | ||
| - cron: "37 */2 * * *" # Every 2 hours (based on minimum expires: 1 days) | ||
| workflow_dispatch: | ||
| inputs: | ||
| operation: | ||
| description: 'Optional maintenance operation to run' | ||
| required: false | ||
| type: choice | ||
| default: '' | ||
| options: | ||
| - '' | ||
| - 'disable' | ||
| - 'enable' | ||
| - 'update' | ||
| - 'upgrade' | ||
|
|
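Review bot: The `operation` input's description, 'Optional maintenance operation to run', does not say what leaving the default `''` does or how `update` differs from `upgrade`. Spell out each option in the description (or in a comment above `options:`) so that a manual dispatch of `disable` or `upgrade` is a deliberate choice.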
The PR title suggests a readability/maintainability refactor, but this change set also removes the entire daily-test-improver workflow (.github/workflows/daily-test-improver.md and .lock.yml). If that removal is intentional, it should be called out explicitly in the PR title/description (or split into a separate PR) so reviewers understand the behavioral change (loss of the scheduled/on-demand test improver automation).
| await main(); | ||
|
|
||
| - name: Install gh-aw | ||
| uses: github/gh-aw/actions/[email protected] |
github/gh-aw/actions/[email protected] is referenced by tag, while the rest of the workflow pins actions by commit SHA. For supply-chain safety and consistency, consider pinning setup-cli to a commit SHA as well (and/or recording it in .github/aw/actions-lock.json if that file is intended to track pinned SHAs).
| uses: github/gh-aw/actions/[email protected] | |
| uses: github/gh-aw/actions/setup-cli@046e81c42fe2a9d91f47596660fcc69f48f5c70a # v0.56.0 |
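Review bot: In the suggested `uses:` line the trailing `# v0.56.0` comment is the only link between the 40-character SHA and a release, and nothing on the page shows that the two match. Resolve the upstream `v0.56.0` tag to its commit before applying the suggestion, and record the pair in `.github/aw/actions-lock.json` so the pin can be audited later.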
| run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.23.0 | ||
| - name: Install Claude Code CLI | ||
| run: npm install -g --silent @anthropic-ai/claude-code@2.1.52 | ||
| run: npm install -g @anthropic-ai/claude-code@latest |
Installing @anthropic-ai/claude-code@latest makes this workflow non-deterministic: a newly published CLI version can change behavior or break runs without any repo change. Consider pinning to a known-good version (or routing through a repo variable) and updating it intentionally when you’re ready to absorb upstream changes.
| run: npm install -g @anthropic-ai/claude-code@latest | |
| run: npm install -g @anthropic-ai/claude-code@0.5.0 |
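Review bot: The suggested pin `@0.5.0` is far below the `@2.1.52` that the removed line installed, so applying it as written trades a floating version for a downgrade. Restore `@2.1.52` (or a newer version that has been tested), and keep `--silent`, which the new line also dropped, if the quieter install log was intentional.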
| COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }} | ||
| - name: Install GitHub Copilot CLI | ||
| run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.415 | ||
| run: /opt/gh-aw/actions/install_copilot_cli.sh latest |
Using install_copilot_cli.sh latest makes the workflow’s behavior depend on whatever Copilot CLI version is current at run time, which can introduce unexpected breakages/regressions. Consider pinning to a specific Copilot CLI version (or a repo variable) so upgrades are intentional and can be rolled back if needed.
| run: /opt/gh-aw/actions/install_copilot_cli.sh latest | |
| run: /opt/gh-aw/actions/install_copilot_cli.sh v1.0.0 |
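Review bot: The suggested argument `v1.0.0` matches neither the value nor the format of the previous pin `0.0.415`, and nothing in the hunk shows that `install_copilot_cli.sh` accepts a `v` prefix or that such a release exists. Pin to `0.0.415` again, or to a version confirmed against the install script, rather than applying the suggestion verbatim.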
No description provided.
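The pinning checks raised in the review comments above (action references pinned to a commit SHA, no `latest` for the CLI installs) can be automated. The following is an added example, not code from the pull request or from gh-aw: `lint_workflow`, its helper names and the sample workflow are assumptions constructed from the lines quoted above, and only single-line `run:` steps are inspected.

```python
import re

# Constructed sample, modelled on the workflow lines quoted in the review above.
SAMPLE_WORKFLOW = """\
steps:
  - uses: github/gh-aw/actions/setup-cli@v0.56.0
  - uses: github/gh-aw/actions/setup-cli@046e81c42fe2a9d91f47596660fcc69f48f5c70a # v0.56.0
  - run: npm install -g @anthropic-ai/claude-code@latest
  - run: npm install -g --silent @anthropic-ai/claude-code@2.1.52
  - run: /opt/gh-aw/actions/install_copilot_cli.sh latest
  - uses: ./.github/actions/local
"""

USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*(\S+)")
RUN_RE = re.compile(r"^\s*(?:-\s*)?run:\s*(.+)$")
FULL_SHA_RE = re.compile(r"[0-9a-f]{40}")
NPM_SPEC_RE = re.compile(r"@?[^@\s]+(?:@(\S+))?")
EXACT_VERSION_RE = re.compile(r"\d+\.\d+\.\d+(?:[-+][\w.]+)?")

def check_uses(ref):
    """Flag an action reference that is not pinned to a full commit SHA."""
    if ref.startswith(("./", "docker://")) or FULL_SHA_RE.fullmatch(ref.partition("@")[2]):
        return []  # local actions and images are out of scope; SHA pins pass
    return [f"action '{ref}' is not pinned to a 40-character commit SHA"]

def check_run(command):
    """Flag npm installs without an exact version and commands passed 'latest'."""
    words = command.split()
    if words[:2] != ["npm", "install"]:
        return [f"'{words[0]}' is called with floating version 'latest'"] if "latest" in words[1:] else []
    findings = []
    for spec in (w for w in words[2:] if not w.startswith("-")):
        m = NPM_SPEC_RE.fullmatch(spec)
        if not (m and m.group(1) and EXACT_VERSION_RE.fullmatch(m.group(1))):
            findings.append(f"npm package '{spec}' is not pinned to an exact version")
    return findings

def lint_workflow(text):
    """Return (line_number, message) pairs for floating references."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        if m := USES_RE.match(line):
            findings += [(number, msg) for msg in check_uses(m.group(1))]
        elif m := RUN_RE.match(line):
            findings += [(number, msg) for msg in check_run(m.group(1))]
    return findings

if __name__ == "__main__":
    print(*lint_workflow(SAMPLE_WORKFLOW), sep="\n")
```

A check like this only proves that a reference is fixed; whether the pinned SHA or version is the intended one still has to be confirmed against the upstream release.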