00:00:00GitHub just launched a very interesting tool. It's called Agentic Workflows, and it aims to simplify
00:00:05CI/CD pipeline management by providing a way to orchestrate workflows using natural language
00:00:12programming. It's a pretty cool idea and it might just modernize the way we maintain and moderate
00:00:18our repositories. In this video, we'll take a closer look at how GitHub Agentic Workflows work
00:00:24and I'll show you how to set it up for your own repository. It's going to be a lot of fun,
00:00:28so let's dive into it.
00:00:30GitHub agentic workflows is a new project by GitHub Next and Microsoft Research as part of
00:00:40a broader vision they call Continuous AI. The goal is to move past dumb automation and into a concept
00:00:47they call Productive Ambiguity. The idea is that traditional GitHub Actions are deterministic.
00:00:54If X happens, you should do Y. But tasks like triaging a bug, updating documentation,
00:01:00or catching architectural flaws require a touch of judgment. And agentic workflows allow you to
00:01:06describe that judgment in plain markdown and execute on it. But that also means that there
00:01:11need to be some guardrails in place, and that's why the project takes an actions-first approach.
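To make "describing judgment in plain markdown" concrete, an agentic workflow is just a markdown file with a small YAML header. A minimal sketch might look roughly like this (field names such as `engine` and `safe-outputs` are based on the gh-aw project's documentation; treat the details as illustrative, not exact):

```markdown
---
on:
  pull_request:
permissions:
  contents: read
engine: copilot
safe-outputs:
  add-comment:
---

# Code Reviewer

When a pull request is opened, read the changed files and
leave a short comment pointing out anything inefficient.
```

The YAML header pins down triggers and permissions; everything below it is free-form instruction for the agent.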
00:01:16Basically, it inherits the entire GitHub Actions ecosystem: team-visible logs, secrets management,
00:01:23and auditable permissions. So you get the intelligence of an agent with the guardrails
00:01:29of a standard CI/CD pipeline. These agents run with minimal permissions by default, meaning they
00:01:35can analyze your code and suggest improvements, but they can't perform write operations without
00:01:41explicit approval through predefined sanitized pathways. So basically, the idea is to create
00:01:46an AI DevOps assistant but with the security guardrails around it. And setting it up is super
00:01:52straightforward. You just need to add it using the GitHub CLI extension and you're good to go.
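For reference, the setup I'll walk through roughly amounts to the following commands (extension name and subcommand as published in the gh-aw README at the time of recording; `SECRET_NAME` is a placeholder, since the actual secret name depends on which AI engine you pick):

```shell
# Install the Agentic Workflows extension for the GitHub CLI
gh extension install githubnext/gh-aw

# Compile the markdown workflow files under .github/workflows/
gh aw compile

# Store your AI provider's token as a repository secret
gh secret set SECRET_NAME
```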
00:01:57The workflow itself happens in a two-step process. You first create a markdown file with the
00:02:03instructions for your agent, then run gh aw compile on that markdown file, and the system reads
00:02:10your natural language instructions and transforms them into a robust, locked-down GitHub Actions
00:02:16workflow stored in a designated .lock.yml file. You then push those changes to your repo and the
00:02:22agent is activated automatically. So let's do a little demo to see how it works in action. Here I
00:02:29have created an empty project and first I'm just going to create a simple Python file with some
00:02:34data variables for now. We'll get back to this file in a moment, but for now that's all we need.
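The video doesn't show the file's contents, only that it holds "some data variables," so here is a hypothetical starting point for main.py (the record shape is an assumption for the demo):

```python
# main.py -- hypothetical starting data for the demo:
# a list of record dicts that later functions will search through
records = [
    {"id": 1, "name": "alpha", "value": 10},
    {"id": 2, "name": "beta", "value": 20},
    {"id": 3, "name": "gamma", "value": 30},
]
```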
00:02:39Now we need to create a .github folder and then also a workflows subfolder inside of it. And make
00:02:46sure you follow this naming convention so Agentic Workflows knows where to look when compiling the
00:02:51markdown files. And then let's create a markdown file called agent.md. And this file basically
00:02:57consists of two parts. The first part is the header where you specify what permissions this agent will
00:03:03have. And you also need to specify which AI provider you will be using for it. In my case, I will be
00:03:09using Copilot. And everything after that is free-form. You just use natural language
00:03:15to describe what the agent needs to do. In this demo, I'll create a Big O auditor whose job
00:03:21is to check code commits, calculate the Big O complexity of any new code, and if it's inefficient,
00:03:27identify and suggest a better way to optimize it. And I will also ask it to display the findings
00:03:33in a markdown formatted table for a quick overview. And now I'll go back to the root directory and run
00:03:38gh aw compile. And if everything is correct, we should get a message saying that we have compiled
00:03:45a new workflow. And if we now look at our file tree, you'll notice that we now have a .lock.yml
00:03:51file, which was automatically compiled by the tool, and also a new folder called aw, which
00:03:57contains a GitHub Actions lock file. So we can now push these changes to our repository. And last
00:04:03thing you should do is set the API key of your chosen AI provider as a secret, so agentic workflows
00:04:10can access it. In my case, I chose Copilot as the engine, so I'm providing my Copilot GitHub token
00:04:15here. Now that that is all done, I will push all of these changes to GitHub. And at this point, the
00:04:21agentic workflow should be set and ready to be activated. And since I configured my workflow to
00:04:26be activated on any new pull requests, let's go ahead and make a new pull request to test it out.
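The deliberately inefficient lookup I add in the next step could look something like this (a hypothetical reconstruction, since the video doesn't show the exact code, paired with the kind of O(n) rewrite the auditor might suggest):

```python
def find_matching_records(records_a, records_b):
    """Naive O(n^2) lookup: every record in records_a is compared
    against every record in records_b in a nested scan."""
    matches = []
    for a in records_a:
        for b in records_b:
            if a["id"] == b["id"]:
                matches.append((a, b))
    return matches


def find_matching_records_fast(records_a, records_b):
    """O(n) rewrite: index records_b by id once, then do
    constant-time dict lookups instead of a nested scan."""
    by_id = {b["id"]: b for b in records_b}
    return [(a, by_id[a["id"]]) for a in records_a if a["id"] in by_id]
```

Both functions return the same matches; the second just trades a little memory (the `by_id` index) for a linear-time scan.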
00:04:32I will now create a new branch for my repository. And in this new branch, I will add a new function
00:04:37to our main.py file that will search for matching records. But I deliberately wrote this function to
00:04:44have a very inefficient time complexity of O(n²). So if I open a pull request with this code,
00:04:50our agent should identify this function as inefficient and suggest some improvements. So
00:04:56let's try that now. So I've added the code, pushed the changes, and back on GitHub, let's now open a
00:05:02new pull request. And now you'll notice once I open the request, the agentic workflow pipeline will
00:05:08immediately activate and start processing our code changes. And it took the pipeline roughly three
00:05:13minutes to finish. And now we see that our Big O auditor has indeed identified our function as
00:05:20inefficient. And it gives us a detailed explanation as to why, with a well-formatted table like I
00:05:26asked, followed by a section where it proposes a better solution. And look at that, it even calculates
00:05:33the performance impact we could gain by implementing the optimized solution. So I hope this example shows
00:05:39you how, with a minimal setup, we can use agentic workflows to put some additional safety checks
00:05:44around our code base. This is where that Productive Ambiguity comes into play: we can ask the agent to
00:05:51use its own judgment to solve high level goals like maintaining code quality and performance. Now,
00:05:56obviously, this is still a research prototype from GitHub Next, and you're probably going to run into
00:06:01some latency. And you definitely still need that human in the loop to verify the final checks. But
00:06:07this is part of the broader vision of Continuous AI, where we can leverage the power of AI agents to monitor
00:06:14and manage our CI/CD pipelines autonomously. And speaking of self-governing systems, if you're
00:06:19managing production environments, you know that keeping everything running smoothly is a 24/7
00:06:25job. That's why I recommend checking out Better Stack, because we've recently launched our own AI
00:06:31SRE that helps you handle on-call incidents while you sleep. So you can stop chasing fires and focus
00:06:38on actually shipping code. So there you have it, folks. If you found this video useful and
00:06:42informative, let me know by clicking that like button underneath the video. And don't forget
00:06:47to subscribe to our channel. This has been Andris from Better Stack and I will see you in the next
00:06:52videos.