issue-analysis.yml
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
name: "Issue Analysis → Teams"

on:
  issues:
    types: [opened]

# Declare default permissions as read only.
permissions: read-all

jobs:
  analyze-and-notify:
    name: Analyze Issue & Notify Teams
    runs-on: ubuntu-latest
    if: github.event.issue.performed_via_github_app == null
    permissions:
      issues: read
      contents: read
      models: read
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
        with:
          egress-policy: audit

      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          fetch-depth: 0

      - name: Install uv
        uses: astral-sh/setup-uv@v6
        with:
          enable-cache: true

      - name: Install Python dependencies
        run: |
          uv venv .venv
          uv pip install --python .venv/bin/python openai microsoft-teams-apps microsoft-teams-cards

      - name: Install Copilot CLI
        run: npm install -g @github/copilot

      - name: Resolve issue details
        id: issue
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          # Pass event data through env vars to avoid shell injection
          EVENT_ISSUE_NUMBER: ${{ github.event.issue.number }}
          EVENT_ISSUE_TITLE: ${{ github.event.issue.title }}
          EVENT_ISSUE_AUTHOR: ${{ github.event.issue.user.login }}
          EVENT_ISSUE_URL: ${{ github.event.issue.html_url }}
          EVENT_ISSUE_LABELS: ${{ toJSON(github.event.issue.labels) }}
          EVENT_ISSUE_BODY: ${{ github.event.issue.body }}
        run: |
          # Use heredoc form for all fields to prevent output injection
          # (issue titles/authors could contain newlines or %)
          write_output() {
            local name="$1"
            local value="$2"
            local delimiter="EOF_${name}_$$"
            {
              printf '%s<<%s\n' "$name" "$delimiter"
              printf '%s\n' "$value"
              printf '%s\n' "$delimiter"
            } >> "$GITHUB_OUTPUT"
          }
          write_output "number" "$EVENT_ISSUE_NUMBER"
          write_output "title" "$EVENT_ISSUE_TITLE"
          write_output "author" "$EVENT_ISSUE_AUTHOR"
          write_output "html_url" "$EVENT_ISSUE_URL"
          write_output "labels" "$(echo "$EVENT_ISSUE_LABELS" | jq -r '[.[].name] | join(",")')"
          write_output "body" "$EVENT_ISSUE_BODY"

      - name: Analyze issue with Copilot CLI
        env:
          COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_PAT }}
          GITHUB_UPSTREAM_REPO: microsoft/teams.py
        run: |
          ISSUE_NUMBER="${{ steps.issue.outputs.number }}"
          ISSUE_URL="https://github.com/${GITHUB_UPSTREAM_REPO}/issues/${ISSUE_NUMBER}"
          copilot -p "You are analyzing GitHub issue #${ISSUE_NUMBER} for the Microsoft Teams Python SDK.
          Issue URL: ${ISSUE_URL}
          Follow this workflow:
          1. Parse the issue for concrete signals — keywords, error messages, stack traces, config names, package references.
          2. Use those signals to search the codebase (grep, glob, read files). Trace execution paths to identify failure points or missing functionality.
          3. Do not claim confirmation without code-based evidence.
          Your FINAL message must be the complete analysis in this markdown structure:
          ## Issue Summary
          One-paragraph summary of what the issue is reporting or requesting.
          ## Evidence
          Concrete file pointers with line references and what you found. Quote relevant code snippets.
          ## Root-Cause Hypothesis
          State your hypothesis with a confidence level (high/medium/low). Explain what evidence supports it and what is uncertain.
          ## Proposed Fix
          Step-by-step what a developer should do to resolve this. Reference specific files and functions.
          ## Estimated Complexity
          Small (< 1 day), Medium (1-3 days), or Large (3+ days) — with justification.
          ## Open Questions
          Anything you could not confirm or that needs clarification from the issue author.
          Do NOT end with a summary or meta-commentary — end with the structured analysis itself." \
            --allow-tool='shell(git:*)' \
            --allow-tool='read' \
            --allow-tool='glob' \
            --allow-tool='grep' \
            --no-ask-user > /tmp/raw_analysis.txt
          # Strip tool call lines (● prefix and └ prefix) to get just the analysis
          python3 -c "
          import sys
          lines = open('/tmp/raw_analysis.txt').readlines()
          # Find the last block of non-tool-call text
          result = []
          in_result = False
          for line in lines:
              stripped = line.strip()
              if stripped.startswith('●') or stripped.startswith('└') or stripped.startswith('│'):
                  in_result = False
                  result = []
              else:
                  in_result = True
                  result.append(line)
          # Write the final analysis block
          sys.stdout.write(''.join(result).strip())
          " > /tmp/analysis.txt
          echo "--- Copilot analysis ---"
          cat /tmp/analysis.txt

      - name: Triage and notify Teams
        env:
          CLIENT_ID: ${{ secrets.TEAMS_CLIENT_ID }}
          CLIENT_SECRET: ${{ secrets.TEAMS_CLIENT_SECRET }}
          TENANT_ID: ${{ secrets.TEAMS_TENANT_ID }}
          TEAMS_CONVERSATION_ID: ${{ secrets.TEAMS_CONVERSATION_ID }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          GITHUB_UPSTREAM_REPO: microsoft/teams.py
          COPILOT_ANALYSIS_FILE: /tmp/analysis.txt
          ISSUE_NUMBER: ${{ steps.issue.outputs.number }}
          ISSUE_TITLE: ${{ steps.issue.outputs.title }}
          ISSUE_AUTHOR: ${{ steps.issue.outputs.author }}
          ISSUE_HTML_URL: ${{ steps.issue.outputs.html_url }}
          ISSUE_LABELS: ${{ steps.issue.outputs.labels }}
          ISSUE_BODY: ${{ steps.issue.outputs.body }}
        run: .venv/bin/python .github/scripts/analyze_issue.py
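
The heredoc-output technique from the `Resolve issue details` step, as an added example that is not part of this repository's workflow: a variant of `write_output` that draws its delimiter from `/dev/urandom` rather than the shell PID, with a small reader to check that a multi-line value stays a single output. `output_names`, `read_output`, the `ghadelim_` prefix and the sample title are assumptions made for the illustration, and the reader is a simplified model, not the runner's parser.

```shell
#!/usr/bin/env bash
# Added example (not from the workflow): write_output with a random delimiter.

# Append NAME=VALUE to $GITHUB_OUTPUT in heredoc form. The delimiter comes from
# /dev/urandom, so text inside VALUE cannot predict it and close the block early.
write_output() {
  local name="$1" value="$2" delimiter
  delimiter="ghadelim_$(od -An -N16 -tx1 /dev/urandom | tr -d ' \n')"
  # Refuse the write if VALUE contains the delimiter as a whole line.
  if printf '%s\n' "$value" | grep -qxF -- "$delimiter"; then
    return 1
  fi
  {
    printf '%s<<%s\n' "$name" "$delimiter"
    printf '%s\n' "$value"
    printf '%s\n' "$delimiter"
  } >> "$GITHUB_OUTPUT"
}

# Simplified model (assumption) of a heredoc-form reader: list the output
# names a file defines, ignoring anything that sits inside a value.
output_names() {
  awk 'delim == "" && match($0, /^[^=<]+<</) {
         print substr($0, 1, RLENGTH - 2); delim = substr($0, RLENGTH + 1); next }
       delim != "" && $0 == delim { delim = "" }' "$1"
}

# Same model: print the value stored under NAME.
read_output() {
  awk -v want="$1" '
    delim == "" && match($0, /^[^=<]+<</) {
      name = substr($0, 1, RLENGTH - 2); delim = substr($0, RLENGTH + 1)
      first = 1; next }
    delim != "" && $0 == delim { delim = ""; next }
    delim != "" && name == want { printf "%s%s", (first ? "" : "\n"), $0; first = 0 }
  ' "$2"
}

# Constructed sample: a title that tries to define a second output, "labels".
GITHUB_OUTPUT="$(mktemp)"
sample_title="$(printf 'Crash on start\nlabels<<X\nsecurity\nX')"
write_output title "$sample_title"
output_names "$GITHUB_OUTPUT"   # lists only: title
```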