Conversation
mriccobene
requested review from
AskAlexSharov and
Giulio2002
as code owners
There was a problem hiding this comment.
Pull request overview
Adds a new GitHub Agentic Workflow that runs daily to generate a repository status report and publish it as a GitHub issue.
Changes:
- Added an agentic workflow definition (
daily-repo-status.md) describing the daily repo status report prompt and safe outputs. - Added the compiled GitHub Actions workflow (
daily-repo-status.lock.yml) that runs on a cron schedule and uses gh-aw + Copilot CLI to generate the report and create an issue. - Updated
.gitattributesto mark workflow lock files as generated and resolve merges withmerge=ours.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 5 comments.
| File | Description |
|---|---|
| .github/workflows/daily-repo-status.md | Agentic workflow source (frontmatter + prompt) for daily repo status issue generation. |
| .github/workflows/daily-repo-status.lock.yml | Compiled GitHub Actions workflow implementing the scheduled agent run + safe-outputs issue creation. |
| .gitattributes | Marks *.lock.yml as generated and configures merge strategy for lock files. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| run: | | ||
| set -o pipefail | ||
| sudo -E awf --enable-chroot --env-all --container-workdir "${GITHUB_WORKSPACE}" --allow-domains api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --enable-host-access --image-tag 0.13.12 --skip-pull \ | ||
| -- '/usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --add-dir "${GITHUB_WORKSPACE}" --disable-builtin-mcps --allow-all-tools --allow-all-paths --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"${GH_AW_MODEL_AGENT_COPILOT:+ --model "$GH_AW_MODEL_AGENT_COPILOT"}' \ |
There was a problem hiding this comment.
The agent execution enables --allow-all-tools and --allow-all-paths, which is a very broad capability surface compared to the threat-detection job (which uses an explicit --allow-tool allowlist). For defense-in-depth, restrict the agent to only the minimal required tools/paths (and rely on MCP safe outputs for GitHub writes) to reduce the impact of prompt injection or unexpected tool invocation.
| -- '/usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --add-dir "${GITHUB_WORKSPACE}" --disable-builtin-mcps --allow-all-tools --allow-all-paths --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"${GH_AW_MODEL_AGENT_COPILOT:+ --model "$GH_AW_MODEL_AGENT_COPILOT"}' \ | |
| -- '/usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --add-dir "${GITHUB_WORKSPACE}" --disable-builtin-mcps --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"${GH_AW_MODEL_AGENT_COPILOT:+ --model "$GH_AW_MODEL_AGENT_COPILOT"}' \ |
| discussions: write | ||
| issues: write | ||
| pull-requests: write |
There was a problem hiding this comment.
The conclusion job grants discussions: write and pull-requests: write. This workflow’s configured safe outputs only create issues, so these extra write permissions appear unnecessary and increase blast radius. Consider reducing job permissions to the minimum required (likely issues: write and contents: read), or gating elevated permissions behind conditions when the workflow is triggered from PR/discussion events.
| discussions: write | |
| issues: write | |
| pull-requests: write | |
| issues: write |
|
|
||
| jobs: | ||
| activation: | ||
| runs-on: ubuntu-slim |
There was a problem hiding this comment.
runs-on: ubuntu-slim is the only occurrence of this runner label in the repo; unless a self-hosted runner with this label exists, this job will never start. Consider switching to an existing runner label used elsewhere (e.g. ubuntu-latest, ubuntu-24.04, or an established self-hosted label) so the scheduled workflow can actually run.
| runs-on: ubuntu-slim | |
| runs-on: ubuntu-latest |
| - detection | ||
| - safe_outputs | ||
| if: (always()) && (needs.agent.result != 'skipped') | ||
| runs-on: ubuntu-slim |
There was a problem hiding this comment.
runs-on: ubuntu-slim doesn’t appear to be used anywhere else in this repository’s workflows. If this isn’t a defined runner label in this org, the conclusion job will be permanently queued and the workflow will never complete; align it with an existing runner label used in other workflows.
| runs-on: ubuntu-slim | |
| runs-on: ubuntu-latest |
| - agent | ||
| - detection | ||
| if: ((!cancelled()) && (needs.agent.result != 'skipped')) && (needs.detection.outputs.success == 'true') | ||
| runs-on: ubuntu-slim |
There was a problem hiding this comment.
runs-on: ubuntu-slim is not referenced elsewhere in the repo. If it’s not a valid runner label, safe-outputs processing (issue creation) will never execute; consider using a known runner label to ensure reports get published.
| runs-on: ubuntu-slim | |
| runs-on: ubuntu-latest |
2 participants
Add agentic workflow daily-repo-status