Skip to content

PR Buildkite Detective (Elastic-specific)

Analyze failed PR checks backed by Buildkite and report findings (read-only).

Workflow source: gh-aw-estc-pr-buildkite-detective.md

How it works

Triggered automatically when a commit status or check run reports a failure. Uses BUILDKITE_API_TOKEN to fetch failed job logs from the Buildkite REST API, then analyzes the logs and posts a PR comment with root cause and recommended fixes. Read-only — never pushes changes.

Quick Install

mkdir -p .github/workflows && curl -sL \
  https://raw.githubusercontent.com/elastic/ai-github-actions/v0/gh-agent-workflows/estc-pr-buildkite-detective/example.yml \
  -o .github/workflows/estc-pr-buildkite-detective.yml

Trigger

Event Types Condition
status N/A Commit status changed to failure
check_run completed Check run completed with conclusion failure

Inputs

Input Description Required Default
additional-instructions Repo-specific instructions appended to the agent prompt No ""
setup-commands Shell commands run before the agent starts No ""
allowed-bot-users Allowed bot actor usernames (comma-separated) No github-actions[bot]

Required Secrets

  • COPILOT_GITHUB_TOKEN
  • BUILDKITE_API_TOKEN

Safe Outputs

  • add-comment — post a comment explaining the failure (max 1, hides older detective comments)
  • noop — emitted when diagnosis is unchanged since the last report

If the agent starts but the pre-fetched Buildkite summary is unavailable, it emits noop (No Buildkite failure data). If no failed script jobs are found (or the build is not a PR build / not in a failed state), the workflow exits early with a notice and does not emit noop.

Example Workflow

name: Estc PR Buildkite Detective
on:
  status:
  check_run:
    types: [completed]

permissions:
  actions: read
  contents: read
  discussions: write
  issues: write
  pull-requests: write  # required by gh-aw compiler for add-comment (github/gh-aw#16673)

jobs:
  run:
    if: >-
      (github.event_name == 'status' && github.event.state == 'failure') ||
      (github.event_name == 'check_run' && github.event.check_run.conclusion == 'failure')
    uses: elastic/ai-github-actions/.github/workflows/gh-aw-estc-pr-buildkite-detective.lock.yml@v0
    secrets:
      COPILOT_GITHUB_TOKEN: ${{ secrets.COPILOT_GITHUB_TOKEN }}
      BUILDKITE_API_TOKEN: ${{ secrets.BUILDKITE_API_TOKEN }}