Skip to content

📖 Enhance README with comprehensive examples and improved workflows #148

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 8 commits into
base: main
Choose a base branch
from
Open

📖 Enhance README with comprehensive examples and improved workflows #148

wants to merge 8 commits into from

Conversation

Copy link

Copilot AI commented Sep 26, 2025
edited
Loading

  • Analyze current repository structure and understand the action
  • Review existing examples in README.md
  • Run tests to ensure repository is in working state
  • Identify areas where examples need to be more descriptive
  • Create more comprehensive workflow examples for different use cases
  • Enhance the allow list file example with better descriptions
  • Add real-world scenarios and use cases
  • Update the documentation to be more helpful for users
  • Test all changes and ensure they don't break existing functionality
  • Address code review feedback about token documentation
  • Final formatting and testing completed
  • Remove Advanced Use Cases section per @stoe feedback
  • Update organization workflow to use matrix strategy and read org names from filenames
  • Simplify Allow List File Examples section (removed confusing detailed examples)
  • Add documentation links for immutable releases and enterprise policies
  • Remove incorrect fine-grained token guidance for enterprise settings
  • Fix JSON escaping in shell script for matrix generation

Latest Changes

Shell Script Syntax Fix:

  • Fixed JSON escaping in the matrix generation shell script
  • Line 96: Changed MATRIX_JSON="{"include":[" to MATRIX_JSON="{\"include\":["
  • Line 108: Changed MATRIX_JSON="$MATRIX_JSON{"org":"$ORG_NAME","file":"$file"}" to MATRIX_JSON="$MATRIX_JSON{\"org\":\"$ORG_NAME\",\"file\":\"$file\"}"
  • Ensured proper JSON syntax throughout the shell script for GitHub Actions matrix generation

The shell script now correctly generates valid JSON for the matrix strategy, preventing potential parsing errors in GitHub Actions workflows.

Original prompt

This section details on the original issue you should resolve

<issue_title>📖 Add example</issue_title>
<issue_description>Have a descriptive example in the readme.md</issue_description>

<agent_instructions>Update any existing examples to be more descriptive.</agent_instructions>

Comments on the Issue (you are @copilot in this section)

Fixes #5

💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.

Copilot AI changed the title [WIP] 📖 Add example 📖 Enhance README with comprehensive and descriptive examples Sep 26, 2025
Copilot finished work on behalf of stoe September 26, 2025 05:35
Copilot AI requested a review from stoe September 26, 2025 05:35
@stoe
Copy link
Contributor

stoe commented Sep 26, 2025

@copilot, no need for "Advanced Use Cases"

Copy link
Author

Copilot AI commented Sep 26, 2025

@copilot, no need for "Advanced Use Cases"

Removed the "Advanced Use Cases" section as requested. The README now flows directly from Security Considerations to Allow List File Examples. Commit: 455dfeb

Copilot finished work on behalf of stoe September 26, 2025 05:41
stoe
stoe requested changes Sep 26, 2025
View reviewed changes
Copy link
Contributor

@stoe stoe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@copilot, also incorporate

Copy link
Author

Copilot AI commented Sep 26, 2025

@copilot, also incorporate

Added documentation links to the Allow List File section:

  • Using immutable releases and tags guide
  • Enterprise policies documentation
    Commit: 88b9d61

Copilot AI changed the title 📖 Enhance README with comprehensive and descriptive examples 📖 Enhance README with comprehensive examples and improved workflows Sep 26, 2025
Copilot AI requested a review from stoe September 26, 2025 05:54
Copilot finished work on behalf of stoe September 26, 2025 05:54
stoe
stoe reviewed Sep 26, 2025
View reviewed changes
Copilot finished work on behalf of stoe September 26, 2025 06:04
Copilot AI requested a review from stoe September 26, 2025 06:04
@stoe stoe marked this pull request as ready for review September 26, 2025 06:06
@stoe stoe requested a review from a team as a code owner September 26, 2025 06:06
Copilot AI review requested due to automatic review settings September 26, 2025 06:06
Copilot AI reviewed Sep 26, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR significantly enhances the README.md with comprehensive, real-world examples and documentation to help users successfully implement GitHub Actions allow lists across different environments. The documentation has been transformed from basic usage to a complete implementation guide.

  • Expanded from a single basic example to three comprehensive workflow examples covering enterprise, organization, and GitHub Enterprise Server scenarios
  • Added detailed token setup guide with proper scopes and security considerations
  • Enhanced allow list documentation with best practices for versioning and security

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

Copilot AI requested a review from stoe September 26, 2025 06:09
Copilot finished work on behalf of stoe September 26, 2025 06:09
stoe
stoe requested changes Sep 26, 2025
View reviewed changes
Copilot AI requested a review from stoe September 26, 2025 06:19
Copilot finished work on behalf of stoe September 26, 2025 06:19
@stoe stoe enabled auto-merge (squash) September 26, 2025 06:21
@joshjohanning
Copy link
Contributor

Hmm - don't know if I love the examples Copilot is generating :')

As additional examples, I like validating the YML before running

https://github.com/joshjohanning-org/actions-allow-list-as-code/blob/42ee72844b6a42c4df6b5335537926bdfe4160cd/.github/workflows/actions-allow-list.yml#L23-L30

As well as using a GitHub App for authentication (for an org) instead of a PAT

https://github.com/joshjohanning-org/actions-allow-list-as-code/blob/42ee72844b6a42c4df6b5335537926bdfe4160cd/.github/workflows/actions-allow-list.yml#L32-L38

@stoe
Copy link
Contributor

stoe commented Sep 27, 2025

Agreed, @joshjohanning
The generated ones are an experiment and I'm also not too fond of them.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@stoe stoe Awaiting requested review from stoe stoe is a code owner

Requested changes must be addressed to merge this pull request.

Assignees

@stoe stoe

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

📖 Add example

3 participants

@stoe @joshjohanning