From cc07ab1cb991810e33c517c1377bb0aef3f45e06 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 22 Apr 2026 22:09:53 +0000 Subject: [PATCH 1/7] feat: add org-wide bot reusable workflow and caller template Agent-Logs-Url: https://github.com/th30d4y/.github/sessions/3ebd0ea0-050b-490d-88d6-b63460c4e3a8 Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com> --- .../org-bot-caller.properties.json | 11 ++++ .github/workflow-templates/org-bot-caller.yml | 22 +++++++ .github/workflows/org-bot.yml | 51 +++++++++++++-- README.md | 63 +++++++++++++++++++ 4 files changed, 142 insertions(+), 5 deletions(-) create mode 100644 .github/workflow-templates/org-bot-caller.properties.json create mode 100644 .github/workflow-templates/org-bot-caller.yml diff --git a/.github/workflow-templates/org-bot-caller.properties.json b/.github/workflow-templates/org-bot-caller.properties.json new file mode 100644 index 0000000..b3fe17c --- /dev/null +++ b/.github/workflow-templates/org-bot-caller.properties.json @@ -0,0 +1,11 @@ +{ + "name": "Organization Issue/PR Bot Caller", + "description": "Calls the centralized th30d4y org bot workflow for new issues and pull requests.", + "iconName": "octicon comment-discussion", + "categories": [ + "Automation" + ], + "filePatterns": [ + ".*" + ] +} diff --git a/.github/workflow-templates/org-bot-caller.yml b/.github/workflow-templates/org-bot-caller.yml new file mode 100644 index 0000000..2bd7cba --- /dev/null +++ b/.github/workflow-templates/org-bot-caller.yml @@ -0,0 +1,22 @@ +name: Organization Issue/PR Bot Caller + +on: + issues: + types: [opened] + pull_request: + types: [opened] + +permissions: + contents: read + issues: write + pull-requests: write + +jobs: + org-bot: + uses: th30d4y/.github/.github/workflows/org-bot.yml@main + with: + event_type: ${{ github.event_name == 'issues' && 'Issue' || 'Pull Request' }} + number: ${{ github.event.issue.number || github.event.pull_request.number }} + title: ${{ github.event.issue.title || github.event.pull_request.title }} + url: ${{ github.event.issue.html_url || github.event.pull_request.html_url }} + secrets: inherit diff --git a/.github/workflows/org-bot.yml b/.github/workflows/org-bot.yml index 1080faa..38dcae8 100644 --- a/.github/workflows/org-bot.yml +++ b/.github/workflows/org-bot.yml @@ -1,6 +1,24 @@ name: Organization Issue/PR Bot on: + workflow_call: + inputs: + event_type: + description: Issue or Pull Request + required: false + type: string + number: + description: Issue or pull request number + required: false + type: string + title: + description: Issue or pull request title + required: false + type: string + url: + description: Issue or pull request URL + required: false + type: string issues: types: [opened] pull_request: @@ -22,6 +40,24 @@ jobs: script: | try { const payload = context.payload; + if (context.eventName === "workflow_call") { + const eventType = ${{ toJson(inputs.event_type) }}; + const number = ${{ toJson(inputs.number) }}; + const title = ${{ toJson(inputs.title) }}; + const url = ${{ toJson(inputs.url) }}; + + if (!eventType || !number || !url) { + core.setFailed("workflow_call requires event_type, number, and url inputs."); + return; + } + + core.setOutput("type", eventType); + core.setOutput("number", number); + core.setOutput("title", title || "(no title)"); + core.setOutput("url", url); + return; + } + if (context.eventName === "issues" && payload.issue) { core.setOutput("type", "Issue"); core.setOutput("number", String(payload.issue.number)); @@ -47,15 +83,20 @@ jobs: uses: actions/github-script@v7 with: script: | - const message = - context.eventName === "issues" - ? "👋 Thank you for opening this issue. We will review it and get back to you soon. — th30d4y" - : "👋 Hello! Thanks for your contribution. We will review this and get back to you as soon as possible. — th30d4y"; - const issueNumber = context.issue.number; + const eventType = ${{ toJson(steps.metadata.outputs.type) }}; + const message = eventType === "Issue" + ? "👋 Thank you for opening this issue. We will review it and get back to you soon. — th30d4y" + : "👋 Hello! Thanks for your contribution. We will review this and get back to you as soon as possible. — th30d4y"; + const issueNumber = Number(${{ toJson(steps.metadata.outputs.number) }}); const owner = context.repo.owner; const repo = context.repo.repo; try { + if (!issueNumber) { + core.setFailed("Unable to determine issue/pull request number for comment."); + return; + } + const comments = await github.paginate(github.rest.issues.listComments, { owner, repo, diff --git a/README.md b/README.md index 5a86cfe..1c302cd 100644 --- a/README.md +++ b/README.md @@ -1 +1,64 @@ # .github + +Organization-wide GitHub defaults and shared automation. + +## Organization Issue/PR Bot rollout + +This repository now provides: + +- A centralized reusable workflow: `/home/runner/work/.github/.github/.github/workflows/org-bot.yml` +- A workflow template for other repos: `/home/runner/work/.github/.github/.github/workflow-templates/org-bot-caller.yml` + +### 1) Configure organization secrets + +In **Organization Settings → Secrets and variables → Actions**, create: + +- `EMAIL_USER` +- `EMAIL_PASS` + +Grant both secrets to all repositories that should use the bot. + +### 2) Enable in each repository + +In each target repository, add the caller workflow from template: + +- `.github/workflows/org-bot-caller.yml` + +Or copy this minimum caller workflow: + +```yml +name: Organization Issue/PR Bot Caller + +on: + issues: + types: [opened] + pull_request: + types: [opened] + +permissions: + contents: read + issues: write + pull-requests: write + +jobs: + org-bot: + uses: th30d4y/.github/.github/workflows/org-bot.yml@main + with: + event_type: ${{ github.event_name == 'issues' && 'Issue' || 'Pull Request' }} + number: ${{ github.event.issue.number || github.event.pull_request.number }} + title: ${{ github.event.issue.title || github.event.pull_request.title }} + url: ${{ github.event.issue.html_url || github.event.pull_request.html_url }} + secrets: inherit +``` + +### 3) Validate and roll out + +1. Enable on 1–2 repositories first. +2. Open a test issue and a test PR to confirm: + - welcome comment is posted + - owner email is sent +3. Roll out to remaining repositories. + +### 4) Optional enforcement + +If your GitHub plan supports required workflows/rulesets, enforce the caller workflow org-wide. Otherwise, each repository must include the caller workflow file. From 2f6f52b313bd1c37f6ebbaa46b14b995d7a3617a Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 22 Apr 2026 22:10:42 +0000 Subject: [PATCH 2/7] fix: address review feedback for docs and workflow input type Agent-Logs-Url: https://github.com/th30d4y/.github/sessions/3ebd0ea0-050b-490d-88d6-b63460c4e3a8 Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com> --- .github/workflows/org-bot.yml | 6 +++--- README.md | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/org-bot.yml b/.github/workflows/org-bot.yml index 38dcae8..2d474d5 100644 --- a/.github/workflows/org-bot.yml +++ b/.github/workflows/org-bot.yml @@ -10,7 +10,7 @@ on: number: description: Issue or pull request number required: false - type: string + type: number title: description: Issue or pull request title required: false @@ -46,13 +46,13 @@ jobs: const title = ${{ toJson(inputs.title) }}; const url = ${{ toJson(inputs.url) }}; - if (!eventType || !number || !url) { + if (!eventType || number === null || number === undefined || !url) { core.setFailed("workflow_call requires event_type, number, and url inputs."); return; } core.setOutput("type", eventType); - core.setOutput("number", number); + core.setOutput("number", String(number)); core.setOutput("title", title || "(no title)"); core.setOutput("url", url); return; diff --git a/README.md b/README.md index 1c302cd..5a68a13 100644 --- a/README.md +++ b/README.md @@ -6,8 +6,8 @@ Organization-wide GitHub defaults and shared automation. This repository now provides: -- A centralized reusable workflow: `/home/runner/work/.github/.github/.github/workflows/org-bot.yml` -- A workflow template for other repos: `/home/runner/work/.github/.github/.github/workflow-templates/org-bot-caller.yml` +- A centralized reusable workflow: `.github/workflows/org-bot.yml` +- A workflow template for other repos: `.github/workflow-templates/org-bot-caller.yml` ### 1) Configure organization secrets From 1ee789d935075c8a7dcef4a72f0df37e839879ee Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 22 Apr 2026 22:11:23 +0000 Subject: [PATCH 3/7] chore: finalize workflow template and docs polish Agent-Logs-Url: https://github.com/th30d4y/.github/sessions/3ebd0ea0-050b-490d-88d6-b63460c4e3a8 Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com> --- .github/workflow-templates/org-bot-caller.properties.json | 2 +- .github/workflows/org-bot.yml | 2 +- README.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflow-templates/org-bot-caller.properties.json b/.github/workflow-templates/org-bot-caller.properties.json index b3fe17c..8c2fec6 100644 --- a/.github/workflow-templates/org-bot-caller.properties.json +++ b/.github/workflow-templates/org-bot-caller.properties.json @@ -1,7 +1,7 @@ { "name": "Organization Issue/PR Bot Caller", "description": "Calls the centralized th30d4y org bot workflow for new issues and pull requests.", - "iconName": "octicon comment-discussion", + "iconName": "octicon-comment-discussion", "categories": [ "Automation" ], diff --git a/.github/workflows/org-bot.yml b/.github/workflows/org-bot.yml index 2d474d5..0a4167d 100644 --- a/.github/workflows/org-bot.yml +++ b/.github/workflows/org-bot.yml @@ -46,7 +46,7 @@ jobs: const title = ${{ toJson(inputs.title) }}; const url = ${{ toJson(inputs.url) }}; - if (!eventType || number === null || number === undefined || !url) { + if (!eventType || number == null || !url) { core.setFailed("workflow_call requires event_type, number, and url inputs."); return; } diff --git a/README.md b/README.md index 5a68a13..80d88c9 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ Organization-wide GitHub defaults and shared automation. This repository now provides: - A centralized reusable workflow: `.github/workflows/org-bot.yml` -- A workflow template for other repos: `.github/workflow-templates/org-bot-caller.yml` +- A workflow template for other repositories: `.github/workflow-templates/org-bot-caller.yml` ### 1) Configure organization secrets From 622ad4baa96df83757898f708e8263a8dcc8014f Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 22 Apr 2026 22:12:07 +0000 Subject: [PATCH 4/7] security: pin reusable workflow ref and tighten inputs Agent-Logs-Url: https://github.com/th30d4y/.github/sessions/3ebd0ea0-050b-490d-88d6-b63460c4e3a8 Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com> --- .github/workflow-templates/org-bot-caller.yml | 2 +- .github/workflows/org-bot.yml | 2 +- README.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflow-templates/org-bot-caller.yml b/.github/workflow-templates/org-bot-caller.yml index 2bd7cba..d227a09 100644 --- a/.github/workflow-templates/org-bot-caller.yml +++ b/.github/workflow-templates/org-bot-caller.yml @@ -13,7 +13,7 @@ permissions: jobs: org-bot: - uses: th30d4y/.github/.github/workflows/org-bot.yml@main + uses: th30d4y/.github/.github/workflows/org-bot.yml@1ee789d935075c8a7dcef4a72f0df37e839879ee with: event_type: ${{ github.event_name == 'issues' && 'Issue' || 'Pull Request' }} number: ${{ github.event.issue.number || github.event.pull_request.number }} diff --git a/.github/workflows/org-bot.yml b/.github/workflows/org-bot.yml index 0a4167d..cabb7ab 100644 --- a/.github/workflows/org-bot.yml +++ b/.github/workflows/org-bot.yml @@ -13,7 +13,7 @@ on: type: number title: description: Issue or pull request title - required: false + required: true type: string url: description: Issue or pull request URL diff --git a/README.md b/README.md index 80d88c9..0c869f2 100644 --- a/README.md +++ b/README.md @@ -42,7 +42,7 @@ permissions: jobs: org-bot: - uses: th30d4y/.github/.github/workflows/org-bot.yml@main + uses: th30d4y/.github/.github/workflows/org-bot.yml@1ee789d935075c8a7dcef4a72f0df37e839879ee with: event_type: ${{ github.event_name == 'issues' && 'Issue' || 'Pull Request' }} number: ${{ github.event.issue.number || github.event.pull_request.number }} From 90bfd67822ac4c316886ff91f11c7e970ad4cb85 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 22 Apr 2026 22:12:50 +0000 Subject: [PATCH 5/7] chore: align template reference strategy and optional title input Agent-Logs-Url: https://github.com/th30d4y/.github/sessions/3ebd0ea0-050b-490d-88d6-b63460c4e3a8 Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com> --- .github/workflow-templates/org-bot-caller.yml | 2 +- .github/workflows/org-bot.yml | 2 +- README.md | 4 +++- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflow-templates/org-bot-caller.yml b/.github/workflow-templates/org-bot-caller.yml index d227a09..2bd7cba 100644 --- a/.github/workflow-templates/org-bot-caller.yml +++ b/.github/workflow-templates/org-bot-caller.yml @@ -13,7 +13,7 @@ permissions: jobs: org-bot: - uses: th30d4y/.github/.github/workflows/org-bot.yml@1ee789d935075c8a7dcef4a72f0df37e839879ee + uses: th30d4y/.github/.github/workflows/org-bot.yml@main with: event_type: ${{ github.event_name == 'issues' && 'Issue' || 'Pull Request' }} number: ${{ github.event.issue.number || github.event.pull_request.number }} diff --git a/.github/workflows/org-bot.yml b/.github/workflows/org-bot.yml index cabb7ab..0a4167d 100644 --- a/.github/workflows/org-bot.yml +++ b/.github/workflows/org-bot.yml @@ -13,7 +13,7 @@ on: type: number title: description: Issue or pull request title - required: true + required: false type: string url: description: Issue or pull request URL diff --git a/README.md b/README.md index 0c869f2..07bb9a9 100644 --- a/README.md +++ b/README.md @@ -42,7 +42,7 @@ permissions: jobs: org-bot: - uses: th30d4y/.github/.github/workflows/org-bot.yml@1ee789d935075c8a7dcef4a72f0df37e839879ee + uses: th30d4y/.github/.github/workflows/org-bot.yml@main with: event_type: ${{ github.event_name == 'issues' && 'Issue' || 'Pull Request' }} number: ${{ github.event.issue.number || github.event.pull_request.number }} @@ -51,6 +51,8 @@ jobs: secrets: inherit ``` +> Tip: once you publish a stable tag for this workflow (for example `v1`), prefer `@v1` instead of `@main`. + ### 3) Validate and roll out 1. Enable on 1–2 repositories first. From 74c72964fd83476a0ef69312923b845af62b5bd1 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 22 Apr 2026 22:13:30 +0000 Subject: [PATCH 6/7] docs: clarify versioning tip and tighten issue number validation Agent-Logs-Url: https://github.com/th30d4y/.github/sessions/3ebd0ea0-050b-490d-88d6-b63460c4e3a8 Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com> --- .github/workflows/org-bot.yml | 4 ++-- README.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/org-bot.yml b/.github/workflows/org-bot.yml index 0a4167d..2c0c778 100644 --- a/.github/workflows/org-bot.yml +++ b/.github/workflows/org-bot.yml @@ -12,7 +12,7 @@ on: required: false type: number title: - description: Issue or pull request title + description: Issue or pull request title (optional; falls back to "(no title)") required: false type: string url: @@ -92,7 +92,7 @@ jobs: const repo = context.repo.repo; try { - if (!issueNumber) { + if (issueNumber == null || Number.isNaN(issueNumber) || issueNumber <= 0) { core.setFailed("Unable to determine issue/pull request number for comment."); return; } diff --git a/README.md b/README.md index 07bb9a9..3776803 100644 --- a/README.md +++ b/README.md @@ -51,7 +51,7 @@ jobs: secrets: inherit ``` -> Tip: once you publish a stable tag for this workflow (for example `v1`), prefer `@v1` instead of `@main`. +> Tip: once you publish a stable tag for this workflow (for example `v1`), prefer `@v1` instead of `@main` so repositories get controlled, versioned updates instead of inheriting breaking changes immediately. ### 3) Validate and roll out From 621bd2f312c6bd5636ac1bd8437281ecf39c0306 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 22 Apr 2026 22:14:06 +0000 Subject: [PATCH 7/7] fix: simplify issue number validation check Agent-Logs-Url: https://github.com/th30d4y/.github/sessions/3ebd0ea0-050b-490d-88d6-b63460c4e3a8 Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com> --- .github/workflows/org-bot.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/org-bot.yml b/.github/workflows/org-bot.yml index 2c0c778..44f63a9 100644 --- a/.github/workflows/org-bot.yml +++ b/.github/workflows/org-bot.yml @@ -92,7 +92,7 @@ jobs: const repo = context.repo.repo; try { - if (issueNumber == null || Number.isNaN(issueNumber) || issueNumber <= 0) { + if (Number.isNaN(issueNumber) || issueNumber <= 0) { core.setFailed("Unable to determine issue/pull request number for comment."); return; }