Add GitHub Actions workflow to summarize new issues#53
Add GitHub Actions workflow to summarize new issues#53xpertforextradeinc wants to merge 1 commit intomainfrom
Conversation
Signed-off-by: LUCKMAN WORLD <[email protected]>
|
Note Gemini is unable to generate a summary for this pull request due to the file types involved not being currently supported. |
|
There was a problem hiding this comment.
Pull request overview
This PR introduces a new GitHub Actions workflow to automatically summarize newly opened issues using AI inference and post the summary as a comment. The workflow aims to provide quick, automated summaries of issue content to help with triage and understanding.
Changes:
- Added
.github/workflows/summary.ymlworkflow that triggers on issue creation, uses an AI inference action to generate a summary, and posts it as a comment via GitHub CLI
| runs-on: ubuntu-latest | ||
| permissions: | ||
| issues: write | ||
| models: read |
There was a problem hiding this comment.
The permission 'models: read' is not a standard GitHub Actions permission. The standard permissions are: actions, attestations, checks, contents, deployments, discussions, id-token, issues, packages, pages, pull-requests, repository-projects, security-events, statuses. Verify whether this is a valid permission for the ai-inference action or if it should be removed. If this is not a valid permission, it will be ignored but adds confusion to the workflow configuration.
| models: read |
| - name: Checkout repository | ||
| uses: actions/checkout@v4 | ||
|
|
There was a problem hiding this comment.
The checkout step appears unnecessary for this workflow. The workflow only reads issue data from the GitHub context (github.event.issue) and posts a comment - it doesn't access any repository files. Consider removing this step to improve workflow performance unless the ai-inference action specifically requires it.
| - name: Checkout repository | |
| uses: actions/checkout@v4 |
| - name: Checkout repository | ||
| uses: actions/checkout@v4 | ||
|
|
||
| - name: Run AI inference | ||
| id: inference | ||
| uses: actions/ai-inference@v1 | ||
| with: | ||
| prompt: | | ||
| Summarize the following GitHub issue in one paragraph: | ||
| Title: ${{ github.event.issue.title }} | ||
| Body: ${{ github.event.issue.body }} | ||
| - name: Comment with AI summary | ||
| run: | |
There was a problem hiding this comment.
Step names in this workflow do not follow the repository's emoji prefix convention. All steps in main.yml use emoji prefixes (⬇️ Checkout code, 🧰 Setup Node.js, 📦 Install dependencies, etc.) for visual clarity in logs. Consider adding emoji prefixes to maintain consistency:
- "⬇️ Checkout repository"
- "🤖 Run AI inference"
- "💬 Comment with AI summary"
| - name: Comment with AI summary | ||
| run: | | ||
| gh issue comment $ISSUE_NUMBER --body '${{ steps.inference.outputs.response }}' |
There was a problem hiding this comment.
The GitHub CLI command is vulnerable to shell injection. The output from the AI inference step (steps.inference.outputs.response) is directly interpolated into the shell command using single quotes, but if the AI response contains a single quote, it could break out of the string and execute arbitrary commands. Use double quotes with proper escaping or pass the value via stdin instead. For example: echo "$RESPONSE" | gh issue comment $ISSUE_NUMBER --body-file -
| gh issue comment $ISSUE_NUMBER --body '${{ steps.inference.outputs.response }}' | |
| echo "$RESPONSE" | gh issue comment "$ISSUE_NUMBER" --body-file - |
| env: | ||
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
| ISSUE_NUMBER: ${{ github.event.issue.number }} | ||
| RESPONSE: ${{ steps.inference.outputs.response }} |
There was a problem hiding this comment.
The RESPONSE environment variable is defined but never used. The gh issue comment command directly references steps.inference.outputs.response instead of using $RESPONSE. Either remove this unused variable or refactor the command to use it consistently.
This pull request introduces a new GitHub Actions workflow to automatically summarize newly opened issues using AI and post the summary as a comment. The workflow leverages an AI inference action to generate the summary and then uses the GitHub CLI to comment on the issue.
Automation of issue summarization:
.github/workflows/summary.ymlworkflow to trigger on new issue creation and run jobs for summarizing issues using AI inference and commenting the summary.