stale-bot-implementation

[indurireddy-TF]

What this PR does

Introduces a stale issue automation bot implemented in Go.

Applies a clear decision workflow:

Marks issues as stale when maintainers request clarification and no response is received within the threshold.

Removes the stale label when users respond.

Alerts maintainers on silent description edits (ghost edits).

Automatically closes issues that remain stale beyond the close threshold.

Supports concurrent issue processing with rate limiting.

Uses configurable time thresholds and labels via environment variables.

[gemini-code-assist]

Summary of Changes

Hello @indurireddy-TF, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request delivers a robust automation solution for managing GitHub issues by introducing a Go-based stale bot. The bot intelligently processes issues, identifying those requiring attention or closure based on predefined activity thresholds and maintainer input. It streamlines issue maintenance, ensuring that discussions remain active and unresolved items are handled efficiently, while also providing alerts for potentially overlooked changes.

Highlights

• Stale Issue Automation Bot: Introduced a new Go-based bot to automate the management of stale GitHub issues.
• Decision Workflow: Implemented a comprehensive decision tree for the bot to determine issue status (stale, active, closed) based on activity and maintainer interaction.
• Silent Edit Detection: Added functionality to detect and alert maintainers when a user silently edits an issue's description.
• Configurable Thresholds: Enabled configuration of stale and close time thresholds, as well as other operational parameters, via environment variables.
• Concurrent Processing with Rate Limiting: Designed the bot to process issues concurrently while adhering to GitHub API rate limits.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Changelog

• contributing/samples/stale-bot-agent/PROMPT_INSTRUCTION.txt
  • Added a detailed instruction prompt for the AI agent, outlining the decision tree for issue auditing.
• contributing/samples/stale-bot-agent/agent.go
  • Implemented core logic for fetching GitHub issue data using GraphQL.
  • Developed functions to build a chronological timeline of issue events (comments, edits, labels).
  • Added replayHistoryToFindState to determine the current state of an issue based on its history.
  • Included helper functions for GitHub API interactions like adding/removing labels, posting comments, and closing issues.
• contributing/samples/stale-bot-agent/config.go
  • Defined and initialized configuration variables for GitHub API access, repository details, label names, and time thresholds.
  • Implemented utility functions to retrieve environment variables with fallbacks for integers, floats, and strings.
• contributing/samples/stale-bot-agent/main.go
  • Set up the main application entry point for the stale bot.
  • Loaded the AI agent's prompt instructions and configured the Gemini model.
  • Orchestrated the processing of issues, including fetching old open issues and processing them concurrently.
  • Provided logging for the bot's operations and performance metrics.
• contributing/samples/stale-bot-agent/util.go
  • Implemented HTTP request utilities with retry and backoff logic for robust API calls.
  • Included functions for GET, POST, PATCH, and DELETE requests to the GitHub API.
  • Added an API call counter for monitoring usage.
  • Developed GetOldOpenIssueNumbers to search for issues meeting the staleness criteria.

Ignored Files

• Ignored by pattern: .github/workflows/** (1)
  • .github/workflows/stale.yml

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a new stale bot agent for GitHub repositories, implemented in Go using the ADK framework. The agent's core functionality is defined in agent.go, which includes fetching issue data via GraphQL, building a chronological event timeline, and replaying this history to determine an issue's current state (e.g., last actor, activity time, whether it's stale, or if a maintainer alert is needed for silent edits). It also provides tool functions for interacting with GitHub, such as adding/removing labels, posting comments, and closing issues. The PROMPT_INSTRUCTION.txt file outlines the detailed decision-making workflow for the AI agent, covering scenarios for active, stale, and pending issues based on user roles and activity. Configuration parameters like thresholds and API limits are managed in config.go, while main.go orchestrates the agent's execution, processing issues concurrently in chunks and logging performance metrics. Utility functions for robust HTTP requests with retries and API call counting are provided in util.go. Review comments primarily focus on improving error handling and consistency: specifically, using safer type assertions for GraphQL error responses, handling potential json.Marshal errors in HTTP requests, correcting a placeholder format in the prompt instruction, changing a log.Printf level from 'FATAL' to 'ERROR', suggesting a more efficient isMaintainer check using a map, and standardizing variable naming conventions for labels.

[verdverm]

Why is an agent and LLM needed for this? Why is a rule based system insufficient? It looks like the rules are well defined and I'm pretty sure this is what most people are doing when I have seen it over the years (since before LLMs)

[hyangah]

This is unsupported go version.

[indurireddy-TF]

updated with new 1.26 version #800

[hyangah]

Does it require this project store secrets in github to support this? Currently there is no github workflow that requires extra secret setup. This will be the first that introduces the need so we need good justification on why LLM is necessary.

[indurireddy-TF]

We actually implemented this exact same LLM-based stale bot in adk-python as a sample, so the main goal here is to maintain consistency across the Go and Python libraries. The LLM is used to build a "Smart" bot that reads comment intent rather than just checking timestamps. #800

[hyangah]

Pin to the specific commit (following the google internal security guideline for github action)

[indurireddy-TF]

Done #800

[hyangah]

Is it true that this allows anyone with the write permission to run this workflow on any branch? If so I think anyone with write permission can theoretically run this on custom branch and access the secret. We need to tie this to a GitHub Environment and configure it to be accessible only from the protected branch.

[indurireddy-TF]

I originally mirrored the .github/workflows/stale.yml exactly from the adk-python repository to ensure consistency across both projects (their workflow currently doesn't use Environment protections either).
However, you are absolutely right about the risk of workflow_dispatch exposing the secret on custom branches.

[hyangah]

2026

[indurireddy-TF]

Done

[hyangah]

Can we have unit tests to verify at least the basic functionalities? (issue parsing, correctly determining staleness, ...)

[indurireddy-TF]

added necessary testcases #800

[hyangah]

is this logging needed?

[indurireddy-TF]

Not needed ,Removed.#800

[indurireddy-TF]

Hi @hyangah Due to a permission error when trying to push updates to this branch, I am going to create a new PR from my fork and include all of these changes there. I will close this one and share the link to the new PR shortly.

[indurireddy-TF]

Hi @hyangah #800 This is a new PR with all necessary test cases and new changes. Please take a look at it.