Add automatically-request-copilot-review.yaml workflow

[ChrisCarini]

Summary

This PR adds a GitHub Actions workflow to automatically request Copilot code reviews for pull requests in linkedin/Liger-Kernel.

Changes

• Added .github/workflows/automatically-request-copilot-review.yaml
• The workflow will automatically request Copilot reviews on all PRs

⚠️ ⚠️ ⚠️ ACTION REQUIRED ⚠️ ⚠️ ⚠️

You still need to create a GitHub Personal Access Token (PAT) and add it to the repository secrets for this GitHub repository!

1. Click here to create a classic GitHub PAT with the correct scopes (repo)
   • Note: You will have to select an Expiration value you feel is reasonable from a usability + security perspective given the necessary scopes and usage.
   • Note2: Creating a fine-grained PAT with the permission(s) documented https://github.com/ChrisCarini/gh-copilot-review?tab=readme-ov-file#token-permissions is a better option, from a security standpoint.
2. You will need to set a repository secret named GH_TOKEN_COPILOT_REVIEW for all the desired repositories
3. Once the secret named GH_TOKEN_COPILOT_REVIEW is added, please merge in the PR after getting the necessary approval(s).

How it works

When a pull request is opened or updated in the linkedin/Liger-Kernel product, this workflow will:

1. Checkout the repository
2. Automatically request a Copilot review using the configured token
   • Note: Whoever created the PAT will show up as the one requesting the review from Copilot.

[shimizust]

Thank you! Added the github pat token

[Copilot]

Pull Request Overview

This PR adds a GitHub Actions workflow to automatically request Copilot code reviews for all pull requests in the linkedin/Liger-Kernel repository. The workflow triggers on PR events (opened, ready_for_review, reopened, synchronize) and uses a third-party GitHub CLI extension to request Copilot reviews.

• Automated Copilot review requests for all non-draft PRs
• Integration with ChrisCarini/gh-copilot-review extension
• Configuration requiring a GitHub Personal Access Token with repo scope

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

Using github.token for installing third-party extensions may have insufficient permissions. The default GITHUB_TOKEN has limited scope and may not work reliably for extension installation. Consider using the same GH_TOKEN_COPILOT_REVIEW secret for consistency, or document the specific permissions required for the default token.

Suggested change

	GH_TOKEN: ${{ github.token }}
	GH_TOKEN: ${{ secrets.GH_TOKEN_COPILOT_REVIEW }}

[Copilot]

Installing a third-party extension without version pinning poses security risks. The extension could be updated with malicious code between workflow runs. Consider pinning to a specific version or commit hash, such as gh extension install ChrisCarini/gh-copilot-review --pin.

Suggested change

	run: gh extension install ChrisCarini/gh-copilot-review
	run: gh extension install ChrisCarini/gh-copilot-review --pin

[shimizust]

@ChrisCarini I'm having trouble getting this to work. I added the gh pat, but it is failing to request the review. On local, I can successfully trigger the review: gh copilot-review https://github.com/linkedin/Liger-Kernel/pull/877

The secret isn't being passed to the workflow for prs originating from forks. Any ideas?

[ChrisCarini]

@ChrisCarini I'm having trouble getting this to work. I added the gh pat, but it is failing to request the review. On local, I can successfully trigger the review: gh copilot-review https://github.com/linkedin/Liger-Kernel/pull/877

The secret isn't being passed to the workflow for prs originating from forks. Any ideas?

@shimizust - Since you created an environment to be used, I believe you need to set the secret/PAT there. I don't currently see one set there, but I do in actions - try moving the secret to the environment you created.