Skip to content

Run evals in parallel with safe_outputs by rewiring compiler job needs#45752

Merged
pelikhan merged 9 commits into
mainfrom
copilot/update-compiler-for-evals-job
Jul 15, 2026
Merged

Run evals in parallel with safe_outputs by rewiring compiler job needs#45752
pelikhan merged 9 commits into
mainfrom
copilot/update-compiler-for-evals-job

Conversation

Copilot AI commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

This change updates workflow compilation so the evals job no longer waits on safe_outputs. evals now runs after agent (and detection when present), enabling parallel execution with safe outputs while keeping dependency correctness.

  • Dependency graph change

    • evals needs were changed from safe_outputs|agent + activation to agent + activation (+ detection when enabled).
    • safe_outputs is no longer a hard dependency of evals.
  • Job condition alignment

    • The evals runtime guard now consistently keys off needs.agent.result != 'skipped', instead of switching between agent and safe_outputs.
  • Targeted compiler coverage

    • Added focused unit coverage for evals dependency resolution in:
      • detection-disabled safe-outputs configs
      • detection-enabled safe-outputs configs
jobs:
  evals:
    needs: [agent, activation]          # + detection when detection job is enabled
    if: ${{ always() && needs.agent.result != 'skipped' }}

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Copilot AI changed the title Update evals job needs to run parallel with safe_outputs Run evals in parallel with safe_outputs by rewiring compiler job needs Jul 15, 2026
Copilot AI requested a review from pelikhan July 15, 2026 14:49
@pelikhan pelikhan marked this pull request as ready for review July 15, 2026 14:50
Copilot AI review requested due to automatic review settings July 15, 2026 14:50
@github-actions

github-actions Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

🧠 Matt Pocock Skills Reviewer has completed the skills-based review. ✅

@github-actions

github-actions Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

PR Code Quality Reviewer completed the code quality review.

@github-actions

github-actions Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

Test Quality Sentinel completed test quality analysis.

@github-actions

github-actions Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

Design Decision Gate 🏗️ completed the design decision gate check.

No ADR enforcement needed: PR #45752 does not have the 'implementation' label and has 73 new lines of code in business logic directories (threshold: 100).

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This pull request updates the gh-aw workflow compiler to rewire the evals job so it no longer depends on safe_outputs, allowing evals to run in parallel with safe outputs while still preserving required ordering via agent (and detection when enabled).

Changes:

  • Reworked evals job needs to depend on agent + activation, plus detection when the detection job is enabled.
  • Aligned the evals job runtime guard to consistently check needs.agent.result != 'skipped'.
  • Added focused unit tests covering evals dependency resolution with and without detection.
Show a summary per file
File Description
pkg/workflow/evals_job.go Rewires evals dependency selection and aligns the if: guard to agent, enabling parallel execution with safe outputs.
pkg/workflow/evals_job_test.go Adds targeted unit tests validating the new needs and if behavior for evals with/without detection.

Review details

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

  • Files reviewed: 2/2 changed files
  • Comments generated: 1
  • Review effort level: Low

Comment thread pkg/workflow/evals_job.go Outdated
Comment on lines +56 to +58
// Evals always depends on agent, and additionally on detection when the detection job is enabled.
// This allows evals to run in parallel with safe_outputs.
needs := []string{string(constants.AgentJobName), string(constants.ActivationJobName)}

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The dependency rewiring looks correct. Evals now depends directly on agent (always) and detection (when enabled), enabling parallel execution with safe_outputs while preserving proper ordering. The if condition consistently references needs.agent.result since agent is always in the needs list. Test coverage for both detection-enabled and detection-disabled paths is adequate.

🧵 Reviewed using Impeccable skills by Impeccable Skills Reviewer · 10.1 AIC · ⌖ 7.67 AIC · ⊞ 5K

@github-actions github-actions Bot mentioned this pull request Jul 15, 2026

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Skills-Based Review 🧠

Applied /tdd — one minor gap in test coverage; otherwise a clean, well-scoped change. No blocking issues.

📋 Key Themes & Highlights

Key Themes

  • Correctness: The dependency rewiring is sound. IsDetectionJobEnabled(nil) correctly returns false, so the nil safe-outputs path still produces [agent, activation].
  • Test coverage: Two focused tests cover detection-disabled and detection-enabled configs. The one missing case is SafeOutputs == nil (the old else branch) — see inline comment.

Positive Highlights

  • ✅ Net simplification: 11 lines of branching replaced by one conditional append
  • ✅ Tests are well-structured with clear names and assertion intent
  • ✅ Comment updated correctly from safe_outputsagent to track the behaviour change
  • IsDetectionJobEnabled is the established single source of truth — correct reuse here

🧠 Reviewed using Matt Pocock's skills by Matt Pocock Skills Reviewer · 29.7 AIC · ⌖ 4.48 AIC · ⊞ 6.7K
Comment /matt to run again

assert.NotContains(t, job.Needs, string(constants.SafeOutputsJobName))
assert.Contains(t, job.If, "needs.agent.result")
assert.NotContains(t, job.If, "needs.safe_outputs.result")
}

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[/tdd] Missing test for the SafeOutputs == nil path — the old code had an explicit if data.SafeOutputs != nil branch covering this case.

The new code handles it correctly via IsDetectionJobEnabled(nil) == false, but a test with SafeOutputs: nil would lock that in as a regression guard.

💡 Suggested test
func TestBuildEvalsJobNeedsWithoutSafeOutputs(t *testing.T) {
    compiler := NewCompiler()
    data := &WorkflowData{
        AI:          "copilot",
        Evals:       &EvalsConfig{Questions: []EvalDefinition{{ID: "q1", Question: "Does it build?"}}},
        SafeOutputs: nil,
    }
    job, err := compiler.buildEvalsJob(data)
    require.NoError(t, err)
    assert.ElementsMatch(t, []string{
        string(constants.AgentJobName),
        string(constants.ActivationJobName),
    }, job.Needs)
}

@copilot please address this.

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Test Quality Sentinel: 60/100. Missing build tag violation. See analysis.

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Non-blocking observations

The dependency graph change is well-reasoned and parallel execution is safe — evals only consumes agent artifacts, not safe_outputs outputs.

Findings

Medium — Stale function-level doc comment (evals_job.go:19-20): still describes the old sequential dependency on safe_outputs. Misleads future readers.

Medium — Missing SafeOutputs == nil test (evals_job_test.go): the old code had an explicit branch for this path; the new code handles it implicitly via IsDetectionJobEnabled's nil guard, but no test covers this common case. Add TestBuildEvalsJobNeedsWithNilSafeOutputs.

🔎 Code quality review by PR Code Quality Reviewer · 35.4 AIC · ⌖ 4.56 AIC · ⊞ 5.6K
Comment /review to run again

Comments that could not be inline-anchored

pkg/workflow/evals_job.go:20

Stale function-level doc comment: the description still says the evals job runs after the safe_outputs job, but this PR intentionally changes that. The comment now misleads readers into thinking the old sequential dependency still holds.

<details>
<summary>💡 Suggested fix</summary>

Update lines 19–20:

// buildEvalsJob creates a separate evals job that runs after the agent job
// (and after the detection job when detection is enabled), in parallel with safe_outputs.

Without …

pkg/workflow/evals_job_test.go:56

Missing test for SafeOutputs == nil: the old code had an explicit branch for this path; the new code handles it implicitly (nil SafeOutputs means IsDetectionJobEnabled returns false, so only agent+activation needs). This path is the default for many workflows and has no coverage in this PR.

<details>
<summary>💡 Suggested fix</summary>

Add a third test:

func TestBuildEvalsJobNeedsWithNilSafeOutputs(t *testing.T) {
    compiler := NewCompiler()
    data := &amp;WorkflowData{
        A</details>

@pelikhan

Copy link
Copy Markdown
Collaborator

@copilot merge main and recompile

@gh-aw-bot

Copy link
Copy Markdown
Collaborator

pr-sous-chef
@copilot please run the pr-finisher skill, address these unresolved review comments, and rerun checks once finished:

Run: https://github.com/github/gh-aw/actions/runs/29426851914

Generated by 👨‍🍳 PR Sous Chef · 13.8 AIC · ⌖ 8.01 AIC · ⊞ 7.5K ·
Comment /souschef to run again

Copilot AI and others added 3 commits July 15, 2026 15:20
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
…er-for-evals-job

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot AI commented Jul 15, 2026

Copy link
Copy Markdown
Contributor Author

@copilot merge main and recompile

Done — merged main (commit 827a154), fixed the inaccurate dependency comment in evals_job.go (now correctly mentions both agent and activation), and recompiled all 256 workflows successfully.

Co-authored-by: gh-aw-bot <259018956+gh-aw-bot@users.noreply.github.com>
Copilot AI requested a review from gh-aw-bot July 15, 2026 15:45
@pelikhan

Copy link
Copy Markdown
Collaborator

@copilot merge main and recompile

Copilot AI and others added 2 commits July 15, 2026 16:56
…er-for-evals-job

Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>
Co-authored-by: pelikhan <4175913+pelikhan@users.noreply.github.com>

Copilot AI commented Jul 15, 2026

Copy link
Copy Markdown
Contributor Author

@copilot merge main and recompile

Done — merged latest main (5 new commits including frontmatter extraction refactoring and evals metadata additions) and recompiled all 256 workflows successfully.

@gh-aw-bot

Copy link
Copy Markdown
Collaborator

pr-sous-chef
@copilot please run the pr-finisher skill, and rerun checks once the branch is up to date.

Generated by 👨‍🍳 PR Sous Chef · 8.47 AIC · ⌖ 5.51 AIC · ⊞ 7.5K ·
Comment /souschef to run again

…er-for-evals-job

Co-authored-by: gh-aw-bot <259018956+gh-aw-bot@users.noreply.github.com>

Copilot AI commented Jul 15, 2026

Copy link
Copy Markdown
Contributor Author

pr-sous-chef
@copilot please run the pr-finisher skill, and rerun checks once the branch is up to date.
...

PR Finisher Summary

  • Reviews — All in-scope review feedback addressed. Updated both inline and function-level doc comments to accurately reflect evals dependency graph (agent + activation, with optional detection).

  • Checks (local) — All local validation passed:

    • make fmt — ✅ passed
    • make lint — ✅ passed (184 pre-existing warnings unrelated to this PR)
    • make test-unit — ✅ evals-specific tests passed; 3 pre-existing TestRunBootstrapWithRuntime_* failures due to sandbox network blocking (attempts to fetch from github/central-agentic-ops return 403)
    • make recompile — ✅ 256/256 workflows compiled successfully
  • Checks (CI) — CI status is stale after agent push and cannot be re-triggered by this agent. Prior failures were not available due to GitHub API 403 errors. Local validation is authoritative for this session.

  • Mergeable — Branch is up to date with main (merged commits 7f0eff7, b0fb069, 448ec73) and has no conflicts.

Actions taken:

  1. Merged latest main (3 new commits: discussion outcome evaluators, README onboarding, docs migration note)
  2. Recompiled all 256 workflows successfully
  3. Validated all local checks pass

Hand-off:
CI must be re-triggered by a maintainer (close/reopen PR, workflow_dispatch, or push from a human) before merge to verify changes on the full CI infrastructure.

Still needed:

  • Human to re-trigger CI to confirm green checks on the agent's HEAD
  • Final approval from reviewers if required by branch protection rules

The PR is code-complete, locally validated, and ready for merge pending CI re-trigger.

@pelikhan pelikhan merged commit eab9e5c into main Jul 15, 2026
@pelikhan pelikhan deleted the copilot/update-compiler-for-evals-job branch July 15, 2026 18:04
@github-actions

Copy link
Copy Markdown
Contributor

🎉 This pull request is included in a new release.

Release: v0.82.10

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants