Summary
The add-reviewer safe-output is unreliable when used to re-request a review from the Copilot bot (copilot-pull-request-reviewer, App ID 175728472) on a cross-repo draft PR. Two distinct bugs combine to make it fail in our setup.
Repro
Workflow frontmatter (gh-aw v0.74.x):
safe-outputs:
add-reviewer:
reviewers: [copilot]
max: 1
target-repo: "microsoft/vscode"Workflow lives in microsoft/vscode-engineering; driven PR lives in microsoft/vscode.
Observed behavior in run logs:
Adding reviewers to PR #314780: reviewers=["copilot"], team_reviewers=[]
POST /repos/microsoft/vscode-engineering/pulls/314780/requested_reviewers - 404
##[warning]Failed to add copilot as reviewer: Not Found
Bug 1: target-repo is ignored
The handler POSTs to the workflow's source repo (microsoft/vscode-engineering) rather than the configured target-repo (microsoft/vscode), so the call 404s on any cross-repo target.
Other safe-outputs (add-comment, push-to-pull-request-branch, update-pull-request, reply-to-pull-request-review-comment) honor target-repo correctly in the same workflow.
Bug 2: Wrong API surface for the Copilot bot
Even when target-repo works, the copilot magic value is routed through the REST User-slot path:
POST /repos/{owner}/{repo}/pulls/{n}/requested_reviewers with body {"reviewers":["copilot"]}.
The Copilot reviewer bot is a GitHub App / Bot, not a User. The REST endpoint either no-ops or, on draft PRs, the Copilot bot self-removes from the User slot within ~1s. Confirmed via:
gh api graphql -f query='{ repository(owner:"microsoft",name:"vscode") { pullRequest(number:N) { reviewRequests(first:10) { nodes { requestedReviewer { __typename ... on Bot { login } ... on User { login } } } } } } }'
The working call is the GraphQL requestReviews mutation with botIds:
mutation(\!, \!) {
requestReviews(input:{ pullRequestId:\, botIds:[\], union:true }) {
pullRequest { id }
}
}with botIds: ["BOT_kgDOCnlnWA"] (global node id for copilot-pull-request-reviewer).
Proposed fix
When add-reviewer is invoked with reviewers: [copilot] (or any reviewer whose __typename is Bot):
- Resolve
target-repo correctly (same logic as the other cross-repo safe-outputs).
- Use GraphQL
requestReviews with botIds: [...] for Bot-type reviewers, falling back to the REST User-slot only for actual Users.
Same approach is already implemented in our backstop workflow errors-fix-followup.yml.
Workaround we're using
We accept the flakiness for now and rely on a separate workflow_run-triggered workflow that re-requests Copilot via the GraphQL mutation. Tracked in our repo at .github/skills/errors-fix-driver/WORKAROUNDS.md (#4).
Environment
- gh-aw: v0.74.x
- Workflow:
errors-fix-driver (microsoft/vscode-engineering)
- Target PR: cross-repo, draft, on microsoft/vscode
Summary
The
add-reviewersafe-output is unreliable when used to re-request a review from the Copilot bot (copilot-pull-request-reviewer, App ID 175728472) on a cross-repo draft PR. Two distinct bugs combine to make it fail in our setup.Repro
Workflow frontmatter (gh-aw v0.74.x):
Workflow lives in
microsoft/vscode-engineering; driven PR lives inmicrosoft/vscode.Observed behavior in run logs:
Bug 1:
target-repois ignoredThe handler POSTs to the workflow's source repo (
microsoft/vscode-engineering) rather than the configuredtarget-repo(microsoft/vscode), so the call 404s on any cross-repo target.Other safe-outputs (
add-comment,push-to-pull-request-branch,update-pull-request,reply-to-pull-request-review-comment) honortarget-repocorrectly in the same workflow.Bug 2: Wrong API surface for the Copilot bot
Even when
target-repoworks, thecopilotmagic value is routed through the REST User-slot path:POST /repos/{owner}/{repo}/pulls/{n}/requested_reviewerswith body{"reviewers":["copilot"]}.The Copilot reviewer bot is a GitHub App / Bot, not a User. The REST endpoint either no-ops or, on draft PRs, the Copilot bot self-removes from the User slot within ~1s. Confirmed via:
The working call is the GraphQL
requestReviewsmutation withbotIds:with
botIds: ["BOT_kgDOCnlnWA"](global node id forcopilot-pull-request-reviewer).Proposed fix
When
add-revieweris invoked withreviewers: [copilot](or any reviewer whose__typenameisBot):target-repocorrectly (same logic as the other cross-repo safe-outputs).requestReviewswithbotIds: [...]for Bot-type reviewers, falling back to the REST User-slot only for actual Users.Same approach is already implemented in our backstop workflow
errors-fix-followup.yml.Workaround we're using
We accept the flakiness for now and rely on a separate
workflow_run-triggered workflow that re-requests Copilot via the GraphQL mutation. Tracked in our repo at.github/skills/errors-fix-driver/WORKAROUNDS.md(#4).Environment
errors-fix-driver(microsoft/vscode-engineering)