[ci-scan] Add ci-failure-fix workflow

[kotlarmilos]

What

Adds a new agentic workflow ci-failure-fix and reworks the CI outer-loop failure trio to stop muting/disabling tests and instead attempt real mitigations, looping in authors when a fix is uncertain.

Three-tier fixer model

ci-failure-fix walks open Known Build Errors (KBEs) and produces exactly one outcome per KBE:

1. Confident fix (validated, small, in-bounds) -> draft [ci-fix] fix PR.
2. Help-wanted (plausible candidate diff, unverified or out-of-bounds) -> draft [ci-fix] Needs review: PR carrying a best-effort diff, a "what is unverified / where I need help" section, and an owner loop-in.
3. Loop-in comment (no producible diff: JIT/GC codegen, security/API design, infra) -> a single comment, as a last resort.

Hard rules: never mute/disable/skip tests; one outcome per KBE; at most one open PR + one comment per KBE (no spam); skip a KBE if an open PR already addresses it.

Companion changes

• ci-failure-scan is reduced to detection-only.
• ci-failure-scan-feedback is extended to score the new fixer outcomes, tracking confident fix PRs and help-wanted PRs separately. A help-wanted PR closed unmerged is not, by itself, counted as a quality miss.

Why

Replaces the prior mute/disable approach with mitigation plus author hand-off, and feeds both scan and fix quality back through the shared feedback loop so detection and mitigation improve together.

[Copilot]

Pull request overview

This PR reshapes the “CI outer-loop failure” automation by making ci-failure-scan detection-only (KBE filing) and introducing a new ci-failure-fix workflow responsible for mitigation (draft fix PRs / help-wanted PRs / last-resort handoff comments). It also updates the feedback workflow to score scanner vs fixer outcomes separately.

Changes:

• Remove PR-emitting behavior from ci-failure-scan (KBEs only) and update its compiled lock workflow accordingly.
• Add a new ci-failure-fix agentic workflow (+ lock) that attempts fixes or performs owner hand-off without muting/disabling tests.
• Extend ci-failure-scan-feedback to ingest/score both workflows and track separate KPIs for scan vs fix.

Show a summary per file

File	Description
.github/workflows/ci-failure-scan.md	Updates scanner prompt to be detection-only; removes test-disable PR guidance and adds handoff-to-fixer framing.
.github/workflows/ci-failure-scan.lock.yml	Regenerated compiled workflow to remove PR creation capabilities and associated permissions/config.
.github/workflows/ci-failure-scan-feedback.md	Extends feedback/scoring logic to include the new fixer workflow and separate metrics.
.github/workflows/ci-failure-scan-feedback.lock.yml	Regenerated compiled workflow to allow edits to both scan and fix prompts.
.github/workflows/ci-failure-fix.md	New mitigation workflow prompt: produces fix/help PRs or last-resort handoff comments, never test muting.
.github/workflows/ci-failure-fix.lock.yml	Compiled lock workflow for the new ci-failure-fix agentic workflow.

Copilot's findings

• Files reviewed: 6/6 changed files
• Comments generated: 3

[Copilot]

Copilot's findings

• Files reviewed: 7/7 changed files
• Comments generated: 4

[Copilot]

Copilot's findings

• Files reviewed: 8/8 changed files
• Comments generated: 4

[github-actions]

🤖 Copilot Code Review — PR #128991

Note

This review was AI/Copilot-generated.

Holistic Assessment

Motivation: Well justified. Replacing the prior "scan + mute tests" approach with "scan (detection) + fix/hand-off (mitigation)" is architecturally sound. The separation of concerns lets each workflow iterate independently and eliminates the contentious test-disabling that previously required human cleanup.

Approach: The three-tier model (confident fix → help-wanted PR → loop-in comment) is well-designed. The "always try to produce a diff" bias is the right default — it gives reviewers something concrete to react to instead of just a comment. The feedback workflow correctly evaluates fixer and scanner on separate quality axes.

Summary: ✅ LGTM. The PR is internally consistent across all modified files. All previously-flagged review issues (hard rule #1 inconsistency, skip-reason vocabulary gaps, updated:>= stranding old KBEs, tally token alignment) were resolved in follow-up commits. The pat_pool manual-patch workaround for the compiler limitation is correctly applied across all three lock files. No blocking issues remain.

---

Detailed Findings

✅ Separation of concerns — clean and consistent

• ci-failure-scan.md: create-pull-request removed from frontmatter; all Branch B/C logic (test-disable PRs) excised; hard rule CoreFx hardcodes paths in the Native scripts. #9 changed from "no same-run test-disable PR" to "never mute."
• ci-failure-fix.md: Owns all mitigation. Hard rule Define a root README.md #3 explicitly prohibits [ActiveIssue], [SkipOnPlatform], csproj exclusions — the enumeration is thorough enough to prevent creative workarounds.
• Cross-references between the two workflows are bidirectional (scanner points to fixer, fixer points to scanner, feedback evaluates both).

✅ Dedup logic — thorough

Step 3 of ci-failure-fix.md checks 6 conditions before acting on any KBE: open fix PR, merged fix PR, recently-closed-unmerged PR, human PR, author-engaged comments, and prior handoff comment. This effectively prevents spam and respects human-in-the-loop signals. The freshness gate (60 min) in Step 2 further avoids races with the labeler.

✅ Feedback workflow — correctly extended

• Fixer quality (Section C) is kept separate from scanner quality (Section B) — no metric cross-contamination.
• Help-wanted PRs closed unmerged correctly NOT counted as rejected unless maintainer pushback keywords are detected. This matches the design intent (help-wanted PRs explicitly invite closure).
• New rejection keywords (wrong fix, this isn't the cause, wrong owner, not my area, don't @ me) are appropriate for fixer-specific feedback.

✅ Shared area-skills.instructions.md — well-structured

Path clarity issue from earlier review addressed: line 9 explicitly states "Skill paths in the table below are relative to .github/skills/" and gives a concrete expansion example. The DRY principle is served — agents and skills reference one canonical mapping.

✅ create-kbe.instructions.md extensions — pragmatic

• Integrity-filtered PR handling prevents duplicate KBE filing when a relevant PR exists but is hidden by the integrity gate.
• Unconditional merged-fix search for assertion/native signatures addresses a real gap where closed KBEs don't appear in open-only dedup.

✅ Lock files — manual patches applied

All three lock files carry the pat_pool manual patch with a clear explanation comment referencing upstream gh-aw issue #30232. The HEAD commit specifically re-applies this patch, indicating awareness of the recompile lifecycle.

💡 Timeout budget (non-blocking observation)

The 90-minute timeout for the fixer is reasonable given the 5-PR cap, but root-cause analysis (AzDO timeline walking, git log bisection) plus build-validation for confident fixes could be tight when multiple KBEs are actionable. The design handles this gracefully — a fix that can't be validated in time drops to help-wanted, and per-KBE tracking means unprocessed KBEs are picked up next run. No change needed.

---

Models contributing: claude-opus-4.6

Generated by Code Review for issue #128991 · ● 11.5M · ◷