Reusable Pull Request Dashboard

[trask]

Ported from https://github.com/open-telemetry/semantic-conventions-genai

Example dashboard it creates: open-telemetry/semantic-conventions-genai#204

[Copilot]

Pull request overview

This PR introduces a centralized, reusable “Pull Request Dashboard” system in open-telemetry/shared-workflows, including a scheduled workflow to build/publish per-repo dashboards, a Netlify webhook bridge to trigger targeted refreshes, and supporting Python/Node tooling and documentation.

Changes:

• Add a scheduled + dispatchable GitHub Actions workflow to compute dashboard state, post review guidance, send Slack notifications, and publish a dashboard issue per configured repository.
• Add a Netlify webhook bridge (function + deploy workflow) to dispatch targeted refreshes on relevant GitHub webhook events.
• Add the Python implementation for state management, rendering, classification via Copilot CLI, and publishing/notification utilities, plus configuration/docs.

Reviewed changes

Copilot reviewed 20 out of 21 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
README.md	Updates repository description and replaces placeholder maintainer list with named maintainers.
.github/workflows/pull-request-dashboard.yml	New central workflow to build/update dashboard state, post guidance, notify Slack, and publish the dashboard issue.
.github/workflows/deploy-pull-request-dashboard-webhook.yml	New workflow to deploy the Netlify webhook bridge.
.github/scripts/pull-request-dashboard/README.md	Documents configuration, state layout, and how to run/refresh the dashboard.
.github/scripts/pull-request-dashboard/RATIONALE.md	Architecture and tradeoff rationale for the centralized workflow design.
.github/scripts/pull-request-dashboard/WEBHOOK_SETUP.md	Operational setup guide for Netlify + GitHub App permissions and dispatch contract.
.github/scripts/pull-request-dashboard/repositories.json	Initial target-repository configuration (approver teams, approvals, Slack routing/mapping).
.github/scripts/pull-request-dashboard/dashboard.py	Main dashboard generator (fetch facts/threads, classify, route, render, and manage git-backed state).
.github/scripts/pull-request-dashboard/classification.py	Copilot CLI-based per-thread classification + on-run caching.
.github/scripts/pull-request-dashboard/github_cli.py	GitHub CLI helpers (REST/GraphQL access, retries, review thread pagination).
.github/scripts/pull-request-dashboard/render.py	Markdown rendering for dashboard tables, draft section, and diagnostics.
.github/scripts/pull-request-dashboard/state.py	State file schema/versioning, load/save helpers, and merge utilities.
.github/scripts/pull-request-dashboard/state_branch.py	Git worktree + CAS-style push logic for the dashboard state branch.
.github/scripts/pull-request-dashboard/publish_dashboard.py	Publishes the accepted dashboard markdown to a labeled dashboard issue.
.github/scripts/pull-request-dashboard/notify_slack.py	Sends due Slack notifications based on accepted dashboard state.
.github/scripts/pull-request-dashboard/notifications.py	Slack notification cadence logic and webhook delivery/retry implementation.
.github/scripts/pull-request-dashboard/utils.py	Shared utility helpers (timestamps, truncation, formatting).
.github/scripts/pull-request-dashboard/netlify.toml	Netlify build/functions configuration for the webhook bridge.
.github/scripts/pull-request-dashboard/netlify/functions/github-webhook.js	Netlify function to validate GitHub webhooks and dispatch the central workflow.
.github/scripts/copilot-cli/package.json	Pins the @github/copilot CLI dependency used by classification.
.github/scripts/copilot-cli/package-lock.json	Lockfile for the pinned Copilot CLI install used in workflow runs.

Files not reviewed (1)

• .github/scripts/copilot-cli/package-lock.json: Generated file

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 19 out of 20 changed files in this pull request and generated 2 comments.

Files not reviewed (1)

• .github/scripts/copilot-cli/package-lock.json: Generated file

[Copilot]

Pull request overview

Copilot reviewed 19 out of 20 changed files in this pull request and generated 3 comments.

Files not reviewed (1)

• .github/scripts/copilot-cli/package-lock.json: Generated file

[Copilot]

Pull request overview

Copilot reviewed 19 out of 20 changed files in this pull request and generated 3 comments.

Files not reviewed (1)

• .github/scripts/copilot-cli/package-lock.json: Generated file

[Copilot]

Pull request overview

Copilot reviewed 19 out of 20 changed files in this pull request and generated no new comments.

Files not reviewed (1)

• .github/scripts/copilot-cli/package-lock.json: Generated file

[Copilot]

Pull request overview

Copilot reviewed 22 out of 23 changed files in this pull request and generated no new comments.

Files not reviewed (1)

• .github/scripts/pull-request-dashboard/package-lock.json: Generated file

Comments suppressed due to low confidence (1)

.github/workflows/pull-request-dashboard.yml:180

• The run-repo-dashboard job calls the reusable workflow but does not declare a permissions block, so it inherits this workflow's top-level permissions: contents: read (lines 33-34). A called reusable workflow's GITHUB_TOKEN permissions can only be downgraded from the caller's, never elevated. The reusable workflow's update-dashboard and notify-slack jobs declare contents: write and push the state branch to origin (this repo) via state_branch.push_state, which authenticates with secrets.GITHUB_TOKEN. Capped at contents: read, that git push --force-with-lease will fail with HTTP 403, the CAS retry loop will exhaust, and update_dashboard will return non-zero — failing every dashboard run.

Grant the calling job contents: write so the called jobs that need it can push state (the other scopes the reusable jobs declare are satisfied by the GitHub App token, not GITHUB_TOKEN).

      trigger_action: ${{ needs.resolve-targets.outputs.trigger_action }}
      trigger_review_id: ${{ needs.resolve-targets.outputs.trigger_review_id }}
      required_approvals: ${{ matrix.required_approvals || 1 }}
      approver_teams_json: ${{ toJSON(matrix.approver_teams || fromJSON('[]')) }}
      slack_channel: ${{ matrix.slack_channel }}
      slack_user_mapping_json: ${{ toJSON(matrix.slack_user_mapping || fromJSON('{}')) }}

[Copilot]

Pull request overview

Copilot reviewed 22 out of 23 changed files in this pull request and generated 1 comment.

Files not reviewed (1)

• .github/scripts/pull-request-dashboard/package-lock.json: Generated file

[Copilot]

Pull request overview

Copilot reviewed 22 out of 23 changed files in this pull request and generated no new comments.

Files not reviewed (1)

• .github/scripts/pull-request-dashboard/package-lock.json: Generated file

[Copilot]

Pull request overview

Copilot reviewed 22 out of 23 changed files in this pull request and generated 1 comment.

Files not reviewed (1)

• .github/scripts/pull-request-dashboard/package-lock.json: Generated file

[Copilot]

Pull request overview

Copilot reviewed 22 out of 23 changed files in this pull request and generated 1 comment.

Files not reviewed (1)

• .github/scripts/pull-request-dashboard/package-lock.json: Generated file

[Copilot]

Pull request overview

Copilot reviewed 22 out of 23 changed files in this pull request and generated 2 comments.

Files not reviewed (1)

• .github/scripts/pull-request-dashboard/package-lock.json: Generated file

[Copilot]

Pull request overview

Copilot reviewed 22 out of 23 changed files in this pull request and generated no new comments.

Files not reviewed (1)

• .github/scripts/pull-request-dashboard/package-lock.json: Generated file