[Experiment] Create a .NET SDK Issue Monster#55243
Open
nagilson wants to merge 10 commits into
Open
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
Adds a new Agentic Workflow (“Issue Monster”) to periodically select open issues labeled cookie and assign up to three of them to the Copilot coding agent, with safeguards for integrity filtering, branch routing, and rate-limit detection.
Changes:
- Introduces the
issue-monsteragentic workflow source (.md) plus its compiled lock workflow (.lock.yml) for scheduled and manual runs. - Adds a shared GitHub MCP guard policy that treats the
cookielabel as an approval label for integrity checks. - Updates the agentic workflows action lock to reference
github/gh-aw-actions/setup@v0.81.6.
Reviewed changes
Copilot reviewed 3 out of 4 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| .github/workflows/shared/github-guard-policy.md | Defines cookie as an approval label for GitHub MCP tool-call integrity checks. |
| .github/workflows/issue-monster.md | New Issue Monster agentic workflow definition: issue search/scoring, base-branch inference, and safe-output assignment/comment guidance. |
| .github/workflows/issue-monster.lock.yml | Generated workflow implementation compiled from issue-monster.md. |
| .github/aw/actions-lock.json | Bumps pinned github/gh-aw-actions/setup action to v0.81.6. |
Comment on lines
+175
to
+179
| // Fetch full details for each issue to get labels, assignees, sub-issues, and linked PRs | ||
| // Track integrity-filtered issues to emit a diagnostic summary | ||
| const integrityFilteredIssues = []; | ||
| const issuesWithDetails = (await Promise.all( | ||
| response.data.items.map(async (issue) => { |
3 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds an Agentic Workflow to automatically assign selected issues to copilot.
A sample run is present in: nagilson#15
Related #55185
Expected Impact
Criteria
base_branch(es) since this is vital to working in the .NET SDK repo.Concerns
The default COPILOT_PAT tokens we have today as secrets are for running agentic workflows, but they do not give permission to assign CoPilot to a PR. This necessitates a new token that enables that permission. We should consider whether we are willing to accept that risk.
Context
I spent some time looking into agentic workflows as part of a process to improve triaging scenarios.
One of the more fascinating things I discovered was the concept of an 'issue monster' that finds issues and assigns them to CoPilot. Inspired by https://github.com/github/gh-aw/blob/main/.github/workflows/issue-monster.md, I decided to look into whether the .NET SDK repository could have an automated CoPilot assigner to issues.
I believe that the 'cookie monster' framing of this tool helps explain what it does without needing to go into too much detail. It's a principle I think of from game-design, where the framing of a gameplay concept helps explain it to players without them really needing to know anything about it.
For Reviewers
The history starts with a clean baseline off the workflow that lives inside gh-aw and then slowly removes gh-aw specific components, then adds in sdk specific components in separated commits.
You may notice the gh-aw has several other concepts such as an oltp export for the session itself, a cli-proxy and an App, but I did not determine those to be necessary for our use case. They also use 'pi' which is an experimental AI but we rely on copilot since it is more 'stable'.