mirrors/z3
3
0
Fork 0
mirror of https://github.com/Z3Prover/z3 synced 2026-02-22 00:07:36 +00:00
Code Activity

Change workflow suggestion agent schedule from daily to weekly

Browse source 
Co-authored-by: NikolajBjorner <3085284+NikolajBjorner@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot] 2026-02-21 03:24:07 +00:00
parent d929f85719
commit 920428f293
2 changed files with 105 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

124
.github/workflows/workflow-suggestion-agent.lock.yml generated vendored
View file

@ -13,7 +13,7 @@
# \ /\ / (_) | | | | ( | | | | (_) \ V V /\__ \
# \/ \/ \___/|_| |_|\_\|_| |_|\___/ \_/\_/ |___/
#
# This file was automatically generated by gh-aw (v0.45.6). DO NOT EDIT.
# This file was automatically generated by gh-aw (v0.47.6). DO NOT EDIT.
#
# To update this file, edit the corresponding .md file and run:
# gh aw compile
@ -21,15 +21,15 @@
#
# For more information: https://github.github.com/gh-aw/introduction/overview/
#
# Daily agent that suggests which agentic workflow agents should be added to the Z3 repository
# Weekly agent that suggests which agentic workflow agents should be added to the Z3 repository
#
# gh-aw-metadata: {"schema_version":"v1","frontmatter_hash":"e843fd2471b755f0e55b763d050dbdc764bee11d999fb91914bd1ac46c73cfc5"}
# gh-aw-metadata: {"schema_version":"v1","frontmatter_hash":"4b33fde33f7b00d5b78ebf13851b0c74a0b8a72ccd1d51ac5714095269b61862","compiler_version":"v0.47.6"}
name: "Workflow Suggestion Agent"
"on":
schedule:
- cron: "31 6 * * *"
# Friendly format: daily (scattered)
- cron: "31 6 * * 3"
# Friendly format: weekly (scattered)
workflow_dispatch:
permissions: {}
@ -49,9 +49,17 @@ jobs:
comment_repo: ""
steps:
- name: Setup Scripts
uses: github/gh-aw/actions/setup@v0.45.6
uses: github/gh-aw/actions/setup@v0.47.6
with:
destination: /opt/gh-aw/actions
- name: Validate context variables
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
with:
script: |
const { setupGlobals } = require('/opt/gh-aw/actions/setup_globals.cjs');
setupGlobals(core, github, context, exec, io);
const { main } = require('/opt/gh-aw/actions/validate_context_variables.cjs');
await main();
- name: Checkout .github and .agents folders
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
@ -119,6 +127,25 @@ jobs:
**Critical**: Tool calls write structured data that downstream jobs process. Without tool calls, follow-up actions will be skipped.
**Note**: If you made no other safe output tool calls during this workflow execution, call the "noop" tool to provide a status message indicating completion or that no actions were needed.
---
## Creating a Discussion, Reporting Missing Tools or Functionality, Reporting Missing Data
**IMPORTANT**: To perform the actions listed above, use the **safeoutputs** tools. Do NOT use `gh`, do NOT call the GitHub API directly. You do not have write access to the GitHub repository.
**Creating a Discussion**
To create a discussion, use the create_discussion tool from safeoutputs.
**Reporting Missing Tools or Functionality**
To report a missing tool or capability, use the missing_tool tool from safeoutputs.
**Reporting Missing Data**
To report missing data required to achieve a goal, use the missing_data tool from safeoutputs.
</instructions>
</safe-outputs>
<github-context>
@ -254,13 +281,15 @@ jobs:
secret_verification_result: ${{ steps.validate-secret.outputs.verification_result }}
steps:
- name: Setup Scripts
uses: github/gh-aw/actions/setup@v0.45.6
uses: github/gh-aw/actions/setup@v0.47.6
with:
destination: /opt/gh-aw/actions
- name: Create gh-aw temp directory
run: bash /opt/gh-aw/actions/create_gh_aw_tmp_dir.sh
- name: Checkout repository
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5
with:
persist-credentials: false
# Cache memory file share configuration from frontmatter processed below
- name: Create cache-memory directory
@ -309,8 +338,8 @@ jobs:
engine_name: "GitHub Copilot CLI",
model: process.env.GH_AW_MODEL_AGENT_COPILOT || "",
version: "",
agent_version: "0.0.410",
cli_version: "v0.45.6",
agent_version: "0.0.412",
cli_version: "v0.47.6",
workflow_name: "Workflow Suggestion Agent",
experimental: false,
supports_tools_allowlist: true,
@ -325,7 +354,7 @@ jobs:
staged: false,
allowed_domains: ["defaults"],
firewall_enabled: true,
awf_version: "v0.19.1",
awf_version: "v0.20.2",
awmg_version: "v0.1.4",
steps: {
firewall: "squid"
@ -347,9 +376,9 @@ jobs:
env:
COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }}
- name: Install GitHub Copilot CLI
run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.410
run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.412
- name: Install awf binary
run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.19.1
run: bash /opt/gh-aw/actions/install_awf_binary.sh v0.20.2
- name: Determine automatic lockdown mode for GitHub MCP Server
id: determine-automatic-lockdown
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
@ -361,7 +390,7 @@ jobs:
const determineAutomaticLockdown = require('/opt/gh-aw/actions/determine_automatic_lockdown.cjs');
await determineAutomaticLockdown(github, context, core);
- name: Download container images
run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/gh-aw-firewall/agent:0.19.1 ghcr.io/github/gh-aw-firewall/squid:0.19.1 ghcr.io/github/gh-aw-mcpg:v0.1.4 ghcr.io/github/github-mcp-server:v0.30.3 ghcr.io/github/serena-mcp-server:latest node:lts-alpine
run: bash /opt/gh-aw/actions/download_docker_images.sh ghcr.io/github/gh-aw-firewall/agent:0.20.2 ghcr.io/github/gh-aw-firewall/api-proxy:0.20.2 ghcr.io/github/gh-aw-firewall/squid:0.20.2 ghcr.io/github/gh-aw-mcpg:v0.1.4 ghcr.io/github/github-mcp-server:v0.31.0 ghcr.io/github/serena-mcp-server:latest node:lts-alpine
- name: Write Safe Outputs Config
run: |
mkdir -p /opt/gh-aw/safeoutputs
@ -497,6 +526,31 @@ jobs:
}
}
},
"missing_data": {
"defaultMax": 20,
"fields": {
"alternatives": {
"type": "string",
"sanitize": true,
"maxLength": 256
},
"context": {
"type": "string",
"sanitize": true,
"maxLength": 256
},
"data_type": {
"type": "string",
"sanitize": true,
"maxLength": 128
},
"reason": {
"type": "string",
"sanitize": true,
"maxLength": 256
}
}
},
"missing_tool": {
"defaultMax": 20,
"fields": {
@ -600,7 +654,7 @@ jobs:
"mcpServers": {
"github": {
"type": "stdio",
"container": "ghcr.io/github/github-mcp-server:v0.30.3",
"container": "ghcr.io/github/github-mcp-server:v0.31.0",
"env": {
"GITHUB_LOCKDOWN_MODE": "$GITHUB_MCP_LOCKDOWN",
"GITHUB_PERSONAL_ACCESS_TOKEN": "\${GITHUB_MCP_SERVER_TOKEN}",
@ -651,8 +705,8 @@ jobs:
timeout-minutes: 30
run: |
set -o pipefail
sudo -E awf --env-all --container-workdir "${GITHUB_WORKSPACE}" --allow-domains api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --enable-host-access --image-tag 0.19.1 --skip-pull \
-- /bin/bash -c '/usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --add-dir "${GITHUB_WORKSPACE}" --disable-builtin-mcps --allow-all-tools --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"${GH_AW_MODEL_AGENT_COPILOT:+ --model "$GH_AW_MODEL_AGENT_COPILOT"}' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log
sudo -E awf --env-all --container-workdir "${GITHUB_WORKSPACE}" --allow-domains api.business.githubcopilot.com,api.enterprise.githubcopilot.com,api.github.com,api.githubcopilot.com,api.individual.githubcopilot.com,api.snapcraft.io,archive.ubuntu.com,azure.archive.ubuntu.com,crl.geotrust.com,crl.globalsign.com,crl.identrust.com,crl.sectigo.com,crl.thawte.com,crl.usertrust.com,crl.verisign.com,crl3.digicert.com,crl4.digicert.com,crls.ssl.com,github.com,host.docker.internal,json-schema.org,json.schemastore.org,keyserver.ubuntu.com,ocsp.digicert.com,ocsp.geotrust.com,ocsp.globalsign.com,ocsp.identrust.com,ocsp.sectigo.com,ocsp.ssl.com,ocsp.thawte.com,ocsp.usertrust.com,ocsp.verisign.com,packagecloud.io,packages.cloud.google.com,packages.microsoft.com,ppa.launchpad.net,raw.githubusercontent.com,registry.npmjs.org,s.symcb.com,s.symcd.com,security.ubuntu.com,telemetry.enterprise.githubcopilot.com,ts-crl.ws.symantec.com,ts-ocsp.ws.symantec.com --log-level info --proxy-logs-dir /tmp/gh-aw/sandbox/firewall/logs --enable-host-access --image-tag 0.20.2 --skip-pull --enable-api-proxy \
-- /bin/bash -c '/usr/local/bin/copilot --add-dir /tmp/gh-aw/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --add-dir "${GITHUB_WORKSPACE}" --disable-builtin-mcps --allow-all-tools --add-dir /tmp/gh-aw/cache-memory/ --allow-all-paths --prompt "$(cat /tmp/gh-aw/aw-prompts/prompt.txt)"${GH_AW_MODEL_AGENT_COPILOT:+ --model "$GH_AW_MODEL_AGENT_COPILOT"}' 2>&1 | tee -a /tmp/gh-aw/agent-stdio.log
env:
COPILOT_AGENT_RUNNER_TYPE: STANDALONE
COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }}
@ -661,6 +715,7 @@ jobs:
GH_AW_PROMPT: /tmp/gh-aw/aw-prompts/prompt.txt
GH_AW_SAFE_OUTPUTS: ${{ env.GH_AW_SAFE_OUTPUTS }}
GITHUB_HEAD_REF: ${{ github.head_ref }}
GITHUB_MCP_SERVER_TOKEN: ${{ secrets.GH_AW_GITHUB_MCP_SERVER_TOKEN || secrets.GH_AW_GITHUB_TOKEN || secrets.GITHUB_TOKEN }}
GITHUB_REF_NAME: ${{ github.ref_name }}
GITHUB_STEP_SUMMARY: ${{ env.GITHUB_STEP_SUMMARY }}
GITHUB_WORKSPACE: ${{ github.workspace }}
@ -829,7 +884,7 @@ jobs:
total_count: ${{ steps.missing_tool.outputs.total_count }}
steps:
- name: Setup Scripts
uses: github/gh-aw/actions/setup@v0.45.6
uses: github/gh-aw/actions/setup@v0.47.6
with:
destination: /opt/gh-aw/actions
- name: Download agent output artifact
@ -883,6 +938,7 @@ jobs:
GH_AW_CHECKOUT_PR_SUCCESS: ${{ needs.agent.outputs.checkout_pr_success }}
GH_AW_CREATE_DISCUSSION_ERRORS: ${{ needs.safe_outputs.outputs.create_discussion_errors }}
GH_AW_CREATE_DISCUSSION_ERROR_COUNT: ${{ needs.safe_outputs.outputs.create_discussion_error_count }}
GH_AW_GROUP_REPORTS: "false"
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
@ -920,7 +976,7 @@ jobs:
success: ${{ steps.parse_results.outputs.success }}
steps:
- name: Setup Scripts
uses: github/gh-aw/actions/setup@v0.45.6
uses: github/gh-aw/actions/setup@v0.47.6
with:
destination: /opt/gh-aw/actions
- name: Download agent artifacts
@ -935,7 +991,7 @@ jobs:
with:
name: agent-output
path: /tmp/gh-aw/threat-detection/
- name: Echo agent output types
- name: Print agent output types
env:
AGENT_OUTPUT_TYPES: ${{ needs.agent.outputs.output_types }}
run: |
@ -944,7 +1000,7 @@ jobs:
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
WORKFLOW_NAME: "Workflow Suggestion Agent"
WORKFLOW_DESCRIPTION: "Daily agent that suggests which agentic workflow agents should be added to the Z3 repository"
WORKFLOW_DESCRIPTION: "Weekly agent that suggests which agentic workflow agents should be added to the Z3 repository"
HAS_PATCH: ${{ needs.agent.outputs.has_patch }}
with:
script: |
@ -962,7 +1018,7 @@ jobs:
env:
COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }}
- name: Install GitHub Copilot CLI
run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.410
run: /opt/gh-aw/actions/install_copilot_cli.sh 0.0.412
- name: Execute GitHub Copilot CLI
id: agentic_execution
# Copilot CLI tool arguments (sorted):
@ -981,7 +1037,7 @@ jobs:
mkdir -p /tmp/gh-aw/
mkdir -p /tmp/gh-aw/agent/
mkdir -p /tmp/gh-aw/sandbox/agent/logs/
copilot --add-dir /tmp/ --add-dir /tmp/gh-aw/ --add-dir /tmp/gh-aw/agent/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --disable-builtin-mcps --allow-tool 'shell(cat)' --allow-tool 'shell(grep)' --allow-tool 'shell(head)' --allow-tool 'shell(jq)' --allow-tool 'shell(ls)' --allow-tool 'shell(tail)' --allow-tool 'shell(wc)' --share /tmp/gh-aw/sandbox/agent/logs/conversation.md --prompt "$COPILOT_CLI_INSTRUCTION"${GH_AW_MODEL_DETECTION_COPILOT:+ --model "$GH_AW_MODEL_DETECTION_COPILOT"} 2>&1 | tee /tmp/gh-aw/threat-detection/detection.log
copilot --add-dir /tmp/ --add-dir /tmp/gh-aw/ --add-dir /tmp/gh-aw/agent/ --log-level all --log-dir /tmp/gh-aw/sandbox/agent/logs/ --disable-builtin-mcps --allow-tool 'shell(cat)' --allow-tool 'shell(grep)' --allow-tool 'shell(head)' --allow-tool 'shell(jq)' --allow-tool 'shell(ls)' --allow-tool 'shell(tail)' --allow-tool 'shell(wc)' --prompt "$COPILOT_CLI_INSTRUCTION"${GH_AW_MODEL_DETECTION_COPILOT:+ --model "$GH_AW_MODEL_DETECTION_COPILOT"} 2>&1 | tee /tmp/gh-aw/threat-detection/detection.log
env:
COPILOT_AGENT_RUNNER_TYPE: STANDALONE
COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }}
@ -1031,7 +1087,7 @@ jobs:
process_safe_outputs_temporary_id_map: ${{ steps.process_safe_outputs.outputs.temporary_id_map }}
steps:
- name: Setup Scripts
uses: github/gh-aw/actions/setup@v0.45.6
uses: github/gh-aw/actions/setup@v0.47.6
with:
destination: /opt/gh-aw/actions
- name: Download agent output artifact
@ -1058,6 +1114,13 @@ jobs:
setupGlobals(core, github, context, exec, io);
const { main } = require('/opt/gh-aw/actions/safe_output_handler_manager.cjs');
await main();
- name: Upload safe output items manifest
if: always()
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6
with:
name: safe-output-items
path: /tmp/safe-output-items.jsonl
if-no-files-found: warn
update_cache_memory:
needs:
@ -1066,18 +1129,31 @@ jobs:
if: always() && needs.detection.outputs.success == 'true'
runs-on: ubuntu-latest
permissions: {}
env:
GH_AW_WORKFLOW_ID_SANITIZED: workflowsuggestionagent
steps:
- name: Setup Scripts
uses: github/gh-aw/actions/setup@v0.45.6
uses: github/gh-aw/actions/setup@v0.47.6
with:
destination: /opt/gh-aw/actions
- name: Download cache-memory artifact (default)
id: download_cache_default
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6
continue-on-error: true
with:
name: cache-memory
path: /tmp/gh-aw/cache-memory
- name: Check if cache-memory folder has content (default)
id: check_cache_default
shell: bash
run: |
if [ -d "/tmp/gh-aw/cache-memory" ] && [ "$(ls -A /tmp/gh-aw/cache-memory 2>/dev/null)" ]; then
echo "has_content=true" >> $GITHUB_OUTPUT
else
echo "has_content=false" >> $GITHUB_OUTPUT
fi
- name: Save cache-memory to cache (default)
if: steps.check_cache_default.outputs.has_content == 'true'
uses: actions/cache/save@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
with:
key: memory-${{ env.GH_AW_WORKFLOW_ID_SANITIZED }}-${{ github.run_id }}

8
.github/workflows/workflow-suggestion-agent.md vendored
View file

@ -1,8 +1,8 @@
---
description: Daily agent that suggests which agentic workflow agents should be added to the Z3 repository
description: Weekly agent that suggests which agentic workflow agents should be added to the Z3 repository
on:
schedule: daily
schedule: weekly
timeout-minutes: 30
@ -28,6 +28,8 @@ safe-outputs:
steps:
- name: Checkout repository
uses: actions/checkout@v5
with:
persist-credentials: false
---
@ -224,7 +226,7 @@ If a very recent discussion exists:
Create a GitHub Discussion with:
**Title:** "[Workflow Suggestions] Daily Report - [Date]"
**Title:** "[Workflow Suggestions] Weekly Report - [Date]"
**Content Structure:**
- **Executive Summary:** Number of suggestions, priority breakdown