feat: Add GitHub Actions workflow for AI-driven automated documentation#1
feat: Add GitHub Actions workflow for AI-driven automated documentation#1alpemreelmas wants to merge 1 commit intomainfrom
Conversation
İş AkışıGitHub Actions iş akışı Değişiklikler
Sıra DiyagramısequenceDiagram
participant GH as GitHub Actions
participant Analyze as analyze-changes
participant OpenAI as OpenAI API
participant Claude as Claude Agent
participant Update as agentic-update
participant Repo as Repository
GH->>Analyze: PR merged (tetikleme)
Analyze->>Repo: Değiştirilen dosyaları topla
Analyze->>Analyze: İlk 100 satırı çıkar
Analyze->>Analyze: Markdown dokümanlarını topla
Analyze->>OpenAI: change_summary + doc_summary gönder
OpenAI-->>Analyze: DOC_PLAN.md oluştur (gerekli vs değil)
Analyze->>Analyze: Artifact olarak kaydet
Update->>Update: Başlat (analyze-changes bitti)
Update->>Update: doc-plan artifact indir
Update->>Claude: Güncelleme planını gönder
Claude->>Claude: Belgeleme güncellemelerini analiz et
Claude-->>Update: Uygulama talimatları
Update->>Repo: Yeni branch oluştur (docs/update-flow-*)
Update->>Repo: Değişiklikleri commit et
Update->>GH: Güncelleme PR'ı aç
GH-->>GH: PR açıldı, yorum eklendi (plan dahil)
Tahmini Kod İncelemesi Çabası🎯 4 (Karmaşık) | ⏱️ ~45 dakika
Pre-merge checks and finishing touches✅ Passed checks (3 passed)
✨ Finishing touches🧪 Generate unit tests (beta)
Warning Review ran into problems🔥 ProblemsErrors were encountered while retrieving linked issues. Errors (1)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Summary of ChangesHello @alpemreelmas, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request implements an AI-driven automated documentation update flow. It introduces a new GitHub Actions workflow that, upon a Pull Request merge, analyzes code changes to identify modifications to business flows or system processes. If significant changes are detected, it leverages AI to generate or update corresponding documentation in the Highlights
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces a new GitHub Actions workflow for AI-driven documentation updates. The implementation is comprehensive, leveraging both OpenAI and Anthropic models for planning and execution. My review focuses on improving the security, robustness, and maintainability of the workflow. Key feedback includes addressing a critical security vulnerability related to agent permissions, improving error handling in shell scripts to prevent silent failures, and fixing brittle logic that parses LLM output. These changes will make the workflow more secure and reliable.
| - Execute the changes, push the branch, and create the PR. | ||
| - Do not ask for approval. | ||
| claude_args: | | ||
| --dangerously-skip-permissions |
There was a problem hiding this comment.
The use of --dangerously-skip-permissions grants the LLM agent unrestricted shell access on the runner. This is a significant security vulnerability. A malicious or compromised model response could execute arbitrary commands, potentially exfiltrating secrets (GH_PAT, OPENAI_API_KEY, ANTHROPIC_API_KEY), altering repository code in unintended ways, or using the runner for malicious activities. The principle of least privilege should be strictly followed.
| while IFS= read -r file; do | ||
| if [ -n "$file" ] && [ -f "$file" ]; then | ||
| mkdir -p ".artifacts/changed_files/$(dirname "$file")" | ||
| head -n 100 "$file" > ".artifacts/changed_files/$file" 2>/dev/null || true |
There was a problem hiding this comment.
Suppressing errors with 2>/dev/null || true can hide important issues during workflow execution, such as file permission errors or other problems with the head command. This makes debugging failures very difficult, as the step will appear to succeed even if it processed no data. It's better to let the step fail on an unexpected error.
head -n 100 "$file" > ".artifacts/changed_files/$file"| find docs -name "*.md" -type f 2>/dev/null | while read file; do | ||
| if [ -f "$file" ]; then | ||
| mkdir -p ".artifacts/docs/$(dirname "$file")" | ||
| head -n 100 "$file" > ".artifacts/docs/$file" 2>/dev/null || true | ||
| fi | ||
| done |
There was a problem hiding this comment.
The script suppresses errors from find (with 2>/dev/null) and head (with 2>/dev/null || true). This can hide important issues, such as the docs directory not existing or files being unreadable, making the workflow unreliable and hard to debug.
if [ -d "docs" ]; then
find docs -name "*.md" -type f | while read file; do
if [ -f "$file" ]; then
mkdir -p ".artifacts/docs/$(dirname "$file")"
head -n 100 "$file" > ".artifacts/docs/$file"
fi
done
fi| github-token: ${{ secrets.GH_PAT }} | ||
| script: | | ||
| const plan = `${{ steps.read-plan.outputs.plan }}`; | ||
| const isRequired = plan.includes('Status\nREQUIRED') || plan.includes('Status: REQUIRED'); |
There was a problem hiding this comment.
The logic to determine if a documentation update is required is brittle and likely incorrect. It checks for Status\nREQUIRED or Status: REQUIRED. However, based on the prompt provided to the OpenAI model (lines 112-113), the expected output format is ## Status\n[REQUIRED]. The current check will likely always fail to detect when an update is required.
const isRequired = plan.includes('[REQUIRED]');| for file in *.md; do | ||
| if [ -f "$file" ]; then | ||
| head -n 100 "$file" > ".artifacts/docs/$file" 2>/dev/null || true | ||
| fi | ||
| done |
There was a problem hiding this comment.
The for file in *.md loop is not a robust way to find files. If no .md files exist in the root directory, the loop will execute once with the literal string *.md. This construct also has a potential bug where it can overwrite documentation files from the docs/ subdirectory if a file with the same name exists in the root (e.g., README.md).
find . -maxdepth 1 -name "*.md" -type f | while read file; do
if [ -f "$file" ]; then
# Use local_path to avoid overwriting files from the docs/ dir
local_path="${file#./}"
mkdir -p ".artifacts/docs/$(dirname "$local_path")"
head -n 100 "$file" > ".artifacts/docs/$local_path"
fi
done| env: | ||
| GH_TOKEN: ${{ secrets.GH_PAT }} | ||
| GITHUB_TOKEN: ${{ secrets.GH_PAT }} |
There was a problem hiding this comment.
You are setting both GH_TOKEN and GITHUB_TOKEN in the env block for this step. This is redundant. The anthropics/claude-code-action action uses the github_token input parameter, which is already being set from secrets.GH_PAT on line 181. The env block can be removed to simplify the workflow file.
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 5
📜 Review details
Configuration used: CodeRabbit UI
Review profile: ASSERTIVE
Plan: Pro
Disabled knowledge base sources:
- Jira integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (1)
target_repo/documentation-update.yml(1 hunks)
🔇 Additional comments (2)
target_repo/documentation-update.yml (2)
175-175: Action is legitimate and properly versioned.
anthropics/claude-code-action@v1is an official Anthropic GitHub Action that is actively maintained and documented. The v1 tag is current (latest: v1.0.21) and the usage pattern is correct. No changes needed.
221-223: No action needed — model and flag are valid.The model
claude-sonnet-4-5-20250929is the currently available Claude Sonnet 4.5 (released September 29, 2025), with the date in the name indicating its release date rather than any staleness. The--dangerously-skip-permissionsflag is a documented Claude Code CLI parameter designed to bypass permission prompts in non-interactive environments (CI/CD, Docker, headless scenarios). Both are intentional and appropriate for this use case.
| analyze-changes: | ||
| if: github.event.pull_request.merged == true && !startsWith(github.event.pull_request.head.ref, 'docs/') | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| with: | ||
| ref: ${{ github.event.pull_request.base.ref }} | ||
| fetch-depth: 2 | ||
|
|
||
| - name: Get changed files and their content | ||
| id: changed-files | ||
| run: | | ||
| # Get list of files changed in the merge commit | ||
| CHANGED_FILES=$(git diff --name-only HEAD^1 HEAD) | ||
|
|
||
| echo "changed_files<<EOF" >> $GITHUB_OUTPUT | ||
| echo "$CHANGED_FILES" >> $GITHUB_OUTPUT | ||
| echo "EOF" >> $GITHUB_OUTPUT | ||
|
|
||
| mkdir -p .artifacts/changed_files | ||
|
|
||
| # Get content of each changed file | ||
| while IFS= read -r file; do | ||
| if [ -n "$file" ] && [ -f "$file" ]; then | ||
| mkdir -p ".artifacts/changed_files/$(dirname "$file")" | ||
| head -n 100 "$file" > ".artifacts/changed_files/$file" 2>/dev/null || true | ||
| fi | ||
| done <<< "$CHANGED_FILES" | ||
|
|
||
| - name: Get documentation content | ||
| id: get-docs | ||
| run: | | ||
| mkdir -p .artifacts/docs | ||
| find docs -name "*.md" -type f 2>/dev/null | while read file; do | ||
| if [ -f "$file" ]; then | ||
| mkdir -p ".artifacts/docs/$(dirname "$file")" | ||
| head -n 100 "$file" > ".artifacts/docs/$file" 2>/dev/null || true | ||
| fi | ||
| done | ||
| for file in *.md; do | ||
| if [ -f "$file" ]; then | ||
| head -n 100 "$file" > ".artifacts/docs/$file" 2>/dev/null || true | ||
| fi | ||
| done | ||
|
|
||
| - name: Prepare Context | ||
| id: prepare-context | ||
| run: | | ||
| CHANGE_SUMMARY="" | ||
| while IFS= read -r file; do | ||
| if [ -n "$file" ] && [ -f ".artifacts/changed_files/$file" ]; then | ||
| CHANGE_SUMMARY+="\n\nFile: $file\n" | ||
| CHANGE_SUMMARY+="First 100 lines:\n\`\`\`\n$(cat ".artifacts/changed_files/$file")\n\`\`\`\n" | ||
| fi | ||
| done <<< "${{ steps.changed-files.outputs.changed_files }}" | ||
|
|
||
| DOC_SUMMARY="" | ||
| find .artifacts/docs -name "*.md" -type f 2>/dev/null | while read file; do | ||
| rel_path=${file#.artifacts/docs/} | ||
| DOC_SUMMARY+="\n\nDocument: $rel_path\n" | ||
| DOC_SUMMARY+="First 100 lines:\n\`\`\`\n$(cat "$file")\n\`\`\`\n" | ||
| done | ||
|
|
||
| echo "change_summary<<EOF" >> $GITHUB_OUTPUT | ||
| echo "$CHANGE_SUMMARY" >> $GITHUB_OUTPUT | ||
| echo "EOF" >> $GITHUB_OUTPUT | ||
|
|
||
| echo "doc_summary<<EOF" >> $GITHUB_OUTPUT | ||
| echo "$DOC_SUMMARY" >> $GITHUB_OUTPUT | ||
| echo "EOF" >> $GITHUB_OUTPUT | ||
|
|
||
| - name: Create Documentation Plan | ||
| id: create-plan | ||
| uses: openai/openai-action@v1 | ||
| with: | ||
| api-key: ${{ secrets.OPENAI_API_KEY }} | ||
| prompt: | | ||
| You are a Senior Technical Writer and Documentation Planner for Flalingo. | ||
|
|
||
| CONTEXT: | ||
| - A PR has just been merged. | ||
| - We need to determine if the changes significantly affect a "flow" (business logic, user journey, system process). | ||
| - If a flow is modified, we must update the documentation. | ||
| - Small code changes or additions do not need to be documented. | ||
|
|
||
| INPUTS: | ||
| - CODE CHANGES: See below. | ||
| - EXISTING DOCUMENTATION: See below. | ||
|
|
||
| TASK: | ||
| 1. Analyze the code changes. | ||
| 2. Decide if a flow has been modified. | ||
| 3. Create a detailed "Documentation Update Plan". | ||
|
|
||
| PLAN FORMAT (Markdown): | ||
|
|
||
| # Documentation Update Plan | ||
|
|
||
| ## Status | ||
| [REQUIRED / NOT_REQUIRED] | ||
|
|
||
| ## Analysis | ||
| [Brief explanation of why updates are or are not needed] | ||
|
|
||
| ## Changes Required (if Status is REQUIRED) | ||
| For each file to be created or updated: | ||
|
|
||
| ### File: `docs/<filename>.md` | ||
| **Action:** [Create / Update / Rewrite] | ||
| **Content Requirements:** | ||
| - **Purpose:** [What this flow does] | ||
| - **Scope:** [Boundaries of the flow] | ||
| - **Components:** [Modules involved] | ||
| - **Capabilities:** [What it can do] | ||
| - **Limitations:** [Constraints] | ||
| - **Developer Notes:** [Technical details] | ||
|
|
||
| CODE CHANGES: | ||
| ${{ steps.prepare-context.outputs.change_summary }} | ||
|
|
||
| EXISTING DOCUMENTATION: | ||
| ${{ steps.prepare-context.outputs.doc_summary }} | ||
|
|
||
| - name: Save Plan Artifact | ||
| run: | | ||
| mkdir -p .artifacts | ||
| echo "${{ steps.create-plan.outputs.completion }}" > .artifacts/DOC_PLAN.md | ||
|
|
||
| - name: Upload Plan | ||
| uses: actions/upload-artifact@v4 | ||
| with: | ||
| name: doc-plan | ||
| path: .artifacts/DOC_PLAN.md | ||
|
|
||
| agentic-update: | ||
| needs: analyze-changes | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: write | ||
| pull-requests: write | ||
| issues: write | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| with: | ||
| ref: ${{ github.event.pull_request.base.ref }} | ||
| fetch-depth: 0 | ||
|
|
||
| - uses: actions/download-artifact@v4 | ||
| with: | ||
| name: doc-plan | ||
| path: .artifacts | ||
|
|
||
| - name: Read Plan | ||
| id: read-plan | ||
| run: | | ||
| PLAN=$(cat .artifacts/DOC_PLAN.md) | ||
| echo "plan<<EOF" >> $GITHUB_OUTPUT | ||
| echo "$PLAN" >> $GITHUB_OUTPUT | ||
| echo "EOF" >> $GITHUB_OUTPUT | ||
|
|
||
| - name: Execute Documentation Updates (Claude Code) | ||
| uses: anthropics/claude-code-action@v1 | ||
| env: | ||
| GH_TOKEN: ${{ secrets.GH_PAT }} | ||
| GITHUB_TOKEN: ${{ secrets.GH_PAT }} | ||
| with: | ||
| anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} | ||
| github_token: ${{ secrets.GH_PAT }} | ||
| show_full_output: true | ||
| prompt: | | ||
| You are an Agentic Technical Writer for Flalingo. | ||
|
|
||
| CONTEXT: | ||
| - You are running in a CI/CD workflow after a PR merge. | ||
| - Your goal is to update the documentation based on the provided plan. | ||
|
|
||
| DOCUMENTATION PLAN: | ||
| --- | ||
| ${{ steps.read-plan.outputs.plan }} | ||
| --- | ||
|
|
||
| INSTRUCTIONS: | ||
| 1. Read the "Documentation Update Plan" above. | ||
| 2. Check the "Status". | ||
| - If Status is "NOT_REQUIRED", print "No updates needed" and exit. | ||
| 3. If Status is "REQUIRED": | ||
| - Follow the "Changes Required" section. | ||
| - Create or update the specified Markdown files in the `docs/` directory. | ||
| - Ensure the content follows the structure: Purpose, Scope, Components, Capabilities, Limitations, Developer Notes. | ||
| - Write high-quality, clear English documentation. | ||
| - Do NOT include security or performance concerns unless critical. | ||
| 4. Create Pull Request: | ||
| - Create a new branch: `docs/update-flow-${{ github.event.pull_request.number }}` | ||
| - Configure git user (Documentation Bot). | ||
| - Commit changes with message: "docs: Update flow documentation" | ||
| - Push the branch. | ||
| - Create a PR using `gh pr create`: | ||
| - Title: "docs: Update flow documentation for PR #${{ github.event.pull_request.number }}" | ||
| - Body: "Automated documentation updates based on changes in PR #${{ github.event.pull_request.number }}." | ||
| - Base: ${{ github.event.pull_request.base.ref }} | ||
| - Reviewer: ${{ github.event.pull_request.user.login }} | ||
|
|
||
| CRITICAL: | ||
| - You have permission to write to the repository. | ||
| - Execute the changes, push the branch, and create the PR. | ||
| - Do not ask for approval. | ||
| claude_args: | | ||
| --dangerously-skip-permissions | ||
| --max-turns 50 | ||
| --model claude-sonnet-4-5-20250929 |
There was a problem hiding this comment.
Hata işleme ve idempotency riski.
İş akışında hata işleme mekanizması eksiktir. OpenAI API veya Claude API çağrıları başarısız olursa, iş akışı devam edebilir veya kısmi verilerle çalışabilir. Ayrıca, bu iş akışı birden çok kez çalışırsa, aynı belgelendirme güncellemelerine sahip birden fazla PR oluşturulabilir.
- OpenAI ve Claude adımlarına açık hata kontrolleri ekleyin (
if: failure()veya başarısızlık durumunda çık) - Mevcut bir
docs/update-flow-*PR'sı kontrol edin; varsa, yeni PR yerine mevcut olanı güncelleyin - İşlemlerin başarısını doğrulamak için adım sonrası kontroller ekleyin
- name: Create Documentation Plan
id: create-plan
uses: openai/openai-action@v1
with:
api-key: ${{ secrets.OPENAI_API_KEY }}
prompt: |
# ... (prompt content)
- name: Validate Plan
run: |
if [ ! -f .artifacts/DOC_PLAN.md ] || [ ! -s .artifacts/DOC_PLAN.md ]; then
echo "Error: Documentation plan is empty or missing"
exit 1
fi🤖 Prompt for AI Agents
In target_repo/documentation-update.yml around lines 14-223, the workflow lacks
error handling and idempotency: add explicit failure handling for the Create
Documentation Plan and Execute Documentation Updates steps (ensure the job stops
on API errors — e.g., use step-level if/outputs or fail-fast behaviour so the
workflow exits when OpenAI/Claude calls fail), add a Validate Plan step
immediately after create-plan that checks .artifacts/DOC_PLAN.md exists and is
non-empty and fails the job if not, and modify the agentic-update flow to detect
an existing branch/PR named docs/update-flow-<PR#> (or existing open PR
targeting the same base with that branch) and update that PR/branch instead of
always creating a new one, plus add post-step success checks after publishing
docs to confirm files were committed/pushed and a PR was created (and fail the
job if those checks do not pass).
| - uses: actions/checkout@v4 | ||
| with: | ||
| ref: ${{ github.event.pull_request.base.ref }} | ||
| fetch-depth: 2 |
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
find . -name "documentation-update.yml" -type fRepository: htuzel/azmi-bot
Length of output: 97
🏁 Script executed:
cat -n ./target_repo/documentation-update.ymlRepository: htuzel/azmi-bot
Length of output: 10929
🏁 Script executed:
# Search for any related documentation or comments in the repo about this workflow
rg -i "github.event.pull_request" ./target_repo/ -A 2 -B 2Repository: htuzel/azmi-bot
Length of output: 7960
🌐 Web query:
GitHub Actions pull_request.closed event behavior checkout ref base.ref
💡 Result:
Short answer
- For pull_request.closed GitHub sets GITHUB_REF differently depending on how it was closed:
- If merged: GITHUB_REF = the base branch ref (e.g., refs/heads/main). [1]
- If closed but not merged: GITHUB_REF = refs/pull/NN/merge. [1]
- actions/checkout defaults to the event ref (GITHUB_REF). So on pull_request.closed the checkout step will check out whatever GITHUB_REF is (base branch when merged, refs/pull/NN/merge when just closed). [2][4]
Implications / gotchas
- The pull_request webhook payload can be empty for merged PRs and for PRs from forks, so using fields from the payload on a closed/merged event can be unreliable. [1]
- Checking out the PR head branch by name is risky for security/TOCTOU; prefer pinning to an immutable SHA when you must run code from a PR. [6][4]
How to explicitly control checkout
- To check out the merge commit GitHub created (default for many PR events) or the repo ref, you can leave actions/checkout default.
- To check out the PR source commit (immutable), use the SHA: with: ref: ${{ github.event.pull_request.head.sha }} (or ${{ github.sha }} depending on event context). To check out the source branch name use ${{ github.head_ref }} (but branch names are mutable). [2][4][6]
Sources
[1] GitHub Docs — Events that trigger workflows (pull_request behavior and GITHUB_REF notes).
[2] GitHub actions/checkout README (defaults and the ref input).
[4] GitHub Docs — webhook payload notes about merged PRs and forks.
[6] GitHub Security Lab guidance on TOCTOU and using head ref vs immutable SHAs.
Checkout of base branch defeats the purpose; git diff HEAD^1 HEAD will compare wrong commits.
The workflow checks out base.ref (line 20), which is the base branch post-merge, not the PR's merge commit. Subsequently, git diff HEAD^1 HEAD on line 27 diffs the last two commits of the base branch—not the files changed by the PR. While fetch-depth: 2 is sufficient to ensure HEAD^1 exists, the configuration is fundamentally incorrect.
To capture PR changes, either:
- Remove the
refparameter to use the default merge commit checkout, or - Explicitly use
ref: ${{ github.event.pull_request.head.sha }}with appropriate fetch-depth, then diff against the base branch (e.g.,git diff origin/base...HEAD).
🤖 Prompt for AI Agents
In target_repo/documentation-update.yml around lines 18 to 21, the workflow is
checking out the PR's base branch (ref: github.event.pull_request.base.ref)
which makes subsequent git diff HEAD^1 HEAD compare the wrong commits; fix this
by either removing the ref parameter so the default checkout yields the merge
commit for the PR, or explicitly set ref: ${ github.event.pull_request.head.sha
} and increase fetch-depth so the head commit is available, then perform the
diff against the base branch (for example diff origin/<base>...HEAD) instead of
HEAD^1 HEAD.
| find .artifacts/docs -name "*.md" -type f 2>/dev/null | while read file; do | ||
| rel_path=${file#.artifacts/docs/} | ||
| DOC_SUMMARY+="\n\nDocument: $rel_path\n" | ||
| DOC_SUMMARY+="First 100 lines:\n\`\`\`\n$(cat "$file")\n\`\`\`\n" | ||
| done |
There was a problem hiding this comment.
KRITIK: Subshell'de değişken ataması kaybolacak.
Lines 71-75'te, find komutunun çıktısı pipe üzerinden while read döngüsüne yönlendirilmektedir. Pipe kullanan while döngüsü bir subshell'de çalışır ve bu subshell içinde atanan değişkenler (DOC_SUMMARY) subshell çıkışında kaybolur. Sonuç olarak, DOC_SUMMARY boş kalacak ve daha sonraki adımlarda OpenAI prompt'unda mevcut belgelere referans olmayacaktır.
Bu sorunu çözmek için, dosyaları bir dizi içinde toplayın:
DOC_SUMMARY=""
- find .artifacts/docs -name "*.md" -type f 2>/dev/null | while read file; do
- rel_path=${file#.artifacts/docs/}
- DOC_SUMMARY+="\n\nDocument: $rel_path\n"
- DOC_SUMMARY+="First 100 lines:\n\`\`\`\n$(cat "$file")\n\`\`\`\n"
- done
+ while IFS= read -r file; do
+ if [ -f "$file" ]; then
+ rel_path=${file#.artifacts/docs/}
+ DOC_SUMMARY+="\n\nDocument: $rel_path\n"
+ DOC_SUMMARY+="First 100 lines:\n\`\`\`\n$(cat "$file")\n\`\`\`\n"
+ fi
+ done < <(find .artifacts/docs -name "*.md" -type f 2>/dev/null)Alternatif olarak, tüm dosyaları bir diziye toplayıp sonra işleyin.
🤖 Prompt for AI Agents
In target_repo/documentation-update.yml around lines 71 to 75, the while read
loop is run through a pipe so it executes in a subshell and any assignments to
DOC_SUMMARY are lost; fix by collecting the file list in the parent shell first
(e.g. populate an array using process-substitution or mapfile from the find
output, or use find -print0 and read into an array), then iterate over that
array in the current shell and append each file’s path and contents to
DOC_SUMMARY so the variable retains its value for later steps.
|
|
||
| - name: Create Documentation Plan | ||
| id: create-plan | ||
| uses: openai/openai-action@v1 |
There was a problem hiding this comment.
🧩 Analysis chain
🌐 Web query:
openai/openai-action GitHub action
💡 Result:
I couldn't find an official openai/openai-action repository on GitHub. Searches show multiple third‑party "OpenAI" GitHub Actions (e.g., ChatGPT/Completions/PR‑review actions) in the Marketplace, but not a repo named openai/openai-action from OpenAI. See examples: OpenAI ChatGPT Action, OpenAI Completions, and various PR-review actions. [1][2][3]
If you meant a specific third‑party action, tell me the exact repository or Marketplace entry and I’ll fetch its README/usage. References:
- OpenAI ChatGPT Action (Marketplace listing). [1]
- OpenAI Completions (Marketplace listing). [2]
- Example OpenAI PR-review/commit actions on Marketplace. [3]
🌐 Web query:
OpenAI official GitHub actions marketplace
💡 Result:
The official OpenAI GitHub Action is openai/codex-action (Codex Exec) — repo and docs show how to use it in GitHub Actions. See:
- openai/codex-action repository. [1]
- OpenAI Codex docs (GitHub Action / Codex SDK). [2]
External action verification required: openai/openai-action
openai/openai-action@v1 does not appear to be an official OpenAI GitHub action. No official repository openai/openai-action exists on GitHub. If an OpenAI action is needed, consider using the official openai/codex-action or verify that the referenced action is from a trusted third-party source with active maintenance.
🤖 Prompt for AI Agents
In target_repo/documentation-update.yml at line 87, the workflow references an
unverified action uses: openai/openai-action@v1; replace it with a trusted
action or verify/pin the third‑party source. Either change the uses to the
official OpenAI action (for example openai/codex-action@v1) if its functionality
matches your needs, or update the reference to a verified repository by using
the full owner/repo@SHA of a maintained action and add a note in the workflow or
repo docs pointing to the action's GitHub URL and maintainers so reviewers can
confirm it’s trusted and actively maintained.
| github-token: ${{ secrets.GH_PAT }} | ||
| script: | | ||
| const plan = `${{ steps.read-plan.outputs.plan }}`; | ||
| const isRequired = plan.includes('Status\nREQUIRED') || plan.includes('Status: REQUIRED'); |
There was a problem hiding this comment.
Durum tespiti mantığı güvenilir olmayabilir.
Line 232'deki statü tespiti plan.includes('Status\nREQUIRED') ve plan.includes('Status: REQUIRED') kontrollerine dayanmaktadır. Markdown biçimlendirmesi ve satır sonu karakterleri nedeniyle bu kontrol başarısız olabilir. Özellikle OpenAI yanıtının tam olarak beklenen formatta olacağı garantilenmiyor.
Daha güvenilir bir yöntem kullanın:
const plan = `${{ steps.read-plan.outputs.plan }}`;
- const isRequired = plan.includes('Status\nREQUIRED') || plan.includes('Status: REQUIRED');
+ const isRequired = /##\s+Status\s+REQUIRED/i.test(plan) || /^Status:\s*REQUIRED/im.test(plan);Veya OpenAI prompt'unda JSON format kullanmayı düşünün ve ardından parse edin.
🤖 Prompt for AI Agents
In target_repo/documentation-update.yml around line 232, the current status
detection uses brittle string includes with exact "Status\nREQUIRED" and
"Status: REQUIRED"; replace that with a robust check: normalize newlines and
whitespace (e.g., convert CRLF to LF and collapse spaces), then use a
case-insensitive regular expression to match patterns like "Status" followed by
optional colon or newline and any amount of whitespace then "REQUIRED" (or
similar variants), and prefer switching the OpenAI prompt to return structured
JSON and parse the status field if possible for full reliability.
1 participant
Pull Request
Description
Implement automatic (AI Driven) document update flow.
This PR introduces a new GitHub Actions workflow (documentation-update.yml) that automatically keeps project documentation in sync with code changes. When a Pull Request is merged, this agentic workflow analyzes the code changes to determine if any business flows or system processes have been modified. If changes are detected, it automatically generates or updates the corresponding documentation in the
docs/directory and opens a new Pull Request for review.Type of Change
Changes Made
Please describe the changes in detail:
Modified Files
documentation-update.yml
New Files
claude-code-action) to write the actual documentation content based on the plan.Testing
Testing Done
Test Results
Describe what you tested and the results:
Screenshots
N/A
Documentation
Checklist
Before Submitting
Security
OPENAI_API_KEY,ANTHROPIC_API_KEY,GH_PAT)Workflows (if applicable)
Scripts (if applicable)
set -euo pipefailchmod +x)Breaking Changes
If this PR introduces breaking changes, please describe:
OPENAI_API_KEY,ANTHROPIC_API_KEY, andGH_PATsecrets to be set in the repository.Additional Notes
This workflow uses a dual-model approach: OpenAI for high-level planning and analysis, and Claude for detailed content generation and git operations.
Reviewer Checklist
For reviewers:
Thank you for contributing to Azmi Bot!
Summary by CodeRabbit
Sürüm Notları
✏️ Tip: You can customize this high-level summary in your review settings.