Refactor issue creation logic and add missing secret handling

[Copilot]

When secret validation fails in the agent job, workflows now create specific tracking issues similar to agent failure issues. This provides clear, actionable feedback about missing secrets rather than generic failure notifications.

Changes

Extracted Reusable Issue Management (actions/setup/js/issue_helpers.cjs)

• ensureParentIssue() - Find or create parent tracking issue
• linkSubIssue() - Link via GraphQL API
• findExistingIssue(), addIssueComment(), createIssue() - Common operations

Refactored handle_agent_failure.cjs

Uses extracted helpers instead of duplicated code.

Added Missing Secret Handler (actions/setup/js/handle_missing_secret.cjs)

Reads /tmp/gh-aw/missing_secret_info.json created by validate_multi_secret.sh on failure. Creates/updates issues with:

• Required secret names
• Engine name
• Documentation URL
• Repository-specific setup instructions

Updated validate_multi_secret.sh

On validation failure, writes JSON file with secret metadata:

{
  "missing_secrets": ["SECRET_1", "SECRET_2"],
  "engine_name": "Claude Code",
  "docs_url": "https://docs.anthropic.com"
}

Integrated Into Conclusion Job (pkg/workflow/notify_comment.go)

Adds handle_missing_secret step before handle_agent_failure in conclusion job. Runs only when /tmp/gh-aw/missing_secret_info.json exists.

Added Markdown Templates (actions/setup/md/)

• missing_secret_issue.md - Initial issue template
• missing_secret_comment.md - Follow-up comment template

Both aligned with existing template style.

Architecture

Agent Job (validates secrets)
  ↓ (fails)
Creates /tmp/gh-aw/missing_secret_info.json
  ↓ (uploads artifacts)
Conclusion Job (downloads artifacts)
  ↓
handle_missing_secret.cjs → creates specific issue
  ↓
handle_agent_failure.cjs → handles other failures
  ↓
Both link to shared parent "[agentics] Agentic Workflow Issues"

All 126 workflows recompiled with new functionality.

Original prompt

When checking for secrets in the agent job and secrets are missing, create an issue similarly to the way you create issue in the conclusion job when the agent job failed.

Refactor the code that creates the failure issue (find parent issue or create, or add comment etc...) and reuse that script with the secret validation as well.

Place the markdown template of the issue in actions/setup/md as well so that it can be easily reveiewed. Align with the style of the other templates.

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.