GitHub Copilot Agent実装パターン完全ガイド【2025年8月最新】- 自律型開発環境の実践的構築法¶
はじめに¶
GitHub Copilot Agent の概要は理解したが、実際のプロジェクトでの実装方法が分からない開発者向けに、具体的な実装パターンとベストプラクティスを詳細解説します。本記事では、エージェント設定からエラーハンドリング、パフォーマンス最適化まで、実運用で必要な全要素を包括的にカバーします。
この記事のポイント¶
完全自律Issue処理
Issue作成から実装、テスト、PR作成まで人的介入なしで実行
インテリジェントな多ファイル編集
コードベース全体の依存関係を理解した安全な一括変更実行
ビジュアル要件の自動実装
画像・モックアップからのUI/UX自動生成とコード実装
エンタープライズ統合
セキュリティポリシー準拠とガバナンス統制の自動化
エージェント設定パターン¶
パターン1: 基本自動Issue処理エージェント¶
# .github/workflows/copilot-agent-basic.yml
name: Copilot Agent - Basic Issue Processing
on:
issues:
types: [opened, edited]
jobs:
agent_assignment:
if: contains(github.event.issue.labels.*.name, 'agent-eligible')
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Configure Copilot Agent
run: |
gh extension install github/gh-copilot --force
gh auth login --with-token <<< "${{ secrets.GITHUB_TOKEN }}"
- name: Analyze Issue Requirements
id: analysis
run: |
ISSUE_BODY=$(gh issue view ${{ github.event.issue.number }} --json body --jq '.body')
COMPLEXITY=$(echo "$ISSUE_BODY" | gh copilot suggest --type shell "Analyze complexity level: low/medium/high")
echo "complexity=$COMPLEXITY" >> $GITHUB_OUTPUT
- name: Create Implementation Branch
run: |
BRANCH_NAME="agent/issue-${{ github.event.issue.number }}"
git checkout -b $BRANCH_NAME
git push --set-upstream origin $BRANCH_NAME
- name: Execute Agent Implementation
run: |
gh copilot suggest --type code \
"Implement the requirements from issue #${{ github.event.issue.number }}" \
--save-to implementation.patch
- name: Apply Implementation
run: |
git apply implementation.patch
git add -A
git commit -m "🤖 Implement issue #${{ github.event.issue.number }} via Copilot Agent"
git push
- name: Create Pull Request
run: |
gh pr create \
--title "🤖 Agent Implementation: Issue #${{ github.event.issue.number }}" \
--body "$(cat <<'EOF'
## 🤖 Automated Implementation
This PR was automatically generated by GitHub Copilot Agent.
**Issue Reference**: #${{ github.event.issue.number }}
**Complexity Level**: ${{ steps.analysis.outputs.complexity }}
### Changes Made
- [x] Implemented core functionality
- [x] Added error handling
- [x] Generated tests (if applicable)
### Review Notes
- Please verify implementation meets requirements
- Check for security considerations
- Validate test coverage
Generated with 🤖 GitHub Copilot Agent
EOF
)" \
--assignee ${{ github.event.issue.user.login }}
パターン2: 高度な多段階処理エージェント¶
# .github/workflows/copilot-agent-advanced.yml
name: Copilot Agent - Advanced Multi-Stage Processing
on:
issues:
types: [opened]
env:
AGENT_CONFIG_PATH: .github/agent-config.json
jobs:
preparation:
runs-on: ubuntu-latest
outputs:
agent_plan: ${{ steps.planning.outputs.plan }}
estimated_effort: ${{ steps.planning.outputs.effort }}
steps:
- uses: actions/checkout@v4
- name: Agent Planning Phase
id: planning
run: |
ISSUE_CONTENT=$(gh issue view ${{ github.event.issue.number }} --json title,body,labels)
# エージェントによる実装計画生成
PLAN=$(gh copilot suggest --type planning \
"Create detailed implementation plan for: $ISSUE_CONTENT" \
--format json)
echo "plan=$PLAN" >> $GITHUB_OUTPUT
# 工数見積もり
EFFORT=$(echo "$PLAN" | jq -r '.estimated_hours // "2-4"')
echo "effort=$EFFORT" >> $GITHUB_OUTPUT
- name: Update Issue with Plan
run: |
gh issue comment ${{ github.event.issue.number }} --body "$(cat <<'EOF'
## 🤖 Agent Implementation Plan
**Estimated Effort**: ${{ steps.planning.outputs.effort }} hours
### Implementation Strategy
${{ fromJSON(steps.planning.outputs.plan).strategy }}
### Deliverables
${{ fromJSON(steps.planning.outputs.plan).deliverables }}
Agent will begin implementation in 5 minutes...
EOF
)"
implementation:
needs: preparation
runs-on: ubuntu-latest
strategy:
matrix:
stage: [setup, core, testing, integration]
steps:
- uses: actions/checkout@v4
- name: Setup Stage
if: matrix.stage == 'setup'
run: |
# プロジェクト構造解析
gh copilot analyze --scope project \
--output setup-analysis.json
- name: Core Implementation
if: matrix.stage == 'core'
run: |
# コア機能実装
gh copilot implement \
--plan "${{ needs.preparation.outputs.agent_plan }}" \
--stage core \
--auto-test
- name: Testing Stage
if: matrix.stage == 'testing'
run: |
# 自動テスト生成・実行
gh copilot test generate --coverage 80
gh copilot test run --report-format github
- name: Integration Stage
if: matrix.stage == 'integration'
run: |
# 統合テスト実行
gh copilot integrate --validate-dependencies
実装詳細:コード例とパターン¶
エージェント設定ファイルパターン¶
{
"agent_configuration": {
"name": "ProjectAssistant",
"capabilities": [
"code_generation",
"testing",
"documentation",
"refactoring"
],
"constraints": {
"max_files_per_change": 10,
"require_tests": true,
"coding_standards": "eslint",
"security_scanning": true
},
"triggers": {
"issue_labels": ["enhancement", "bug", "agent-task"],
"pr_patterns": ["draft", "wip"],
"file_patterns": ["*.js", "*.ts", "*.py"]
},
"notification_settings": {
"slack_webhook": "{{ secrets.SLACK_WEBHOOK }}",
"email_alerts": true,
"pr_auto_assign": ["tech-lead", "senior-dev"]
}
},
"implementation_patterns": {
"bug_fix": {
"steps": [
"analyze_issue",
"identify_root_cause",
"implement_fix",
"add_regression_test",
"validate_solution"
],
"testing_requirements": {
"unit_tests": "required",
"integration_tests": "if_applicable",
"manual_testing_notes": "generated"
}
},
"feature_development": {
"steps": [
"requirements_analysis",
"design_review",
"implementation",
"testing",
"documentation_update"
],
"approval_gates": [
"design_review_passed",
"security_scan_clean",
"performance_benchmark_met"
]
}
}
}
Node.js プロジェクト向けエージェント統合¶
// copilot-agent-handler.js
class CopilotAgentHandler {
constructor(config) {
this.config = config;
this.github = new GitHub(process.env.GITHUB_TOKEN);
this.logger = new Logger('CopilotAgent');
}
async processIssue(issueNumber) {
try {
this.logger.info(`Processing issue #${issueNumber} with Copilot Agent`);
// Issue 内容解析
const issue = await this.github.issues.get({
owner: this.config.owner,
repo: this.config.repo,
issue_number: issueNumber
});
// 実装計画生成
const implementationPlan = await this.generateImplementationPlan(issue.data);
// ブランチ作成
const branchName = `agent/issue-${issueNumber}`;
await this.createImplementationBranch(branchName);
// 段階的実装実行
for (const stage of implementationPlan.stages) {
await this.executeImplementationStage(stage, branchName);
}
// PR作成
const pr = await this.createImplementationPR(issueNumber, branchName, implementationPlan);
return {
success: true,
pullRequest: pr.data.html_url,
implementationPlan
};
} catch (error) {
this.logger.error(`Agent processing failed: ${error.message}`);
await this.handleImplementationError(issueNumber, error);
throw error;
}
}
async generateImplementationPlan(issue) {
const prompt = `
Analyze the following GitHub issue and create a detailed implementation plan:
Title: ${issue.title}
Body: ${issue.body}
Labels: ${issue.labels.map(l => l.name).join(', ')}
Generate a JSON response with:
- estimated_complexity (low/medium/high)
- stages (array of implementation stages)
- files_to_modify (predicted file paths)
- testing_strategy
- potential_risks
`;
const response = await this.copilotAPI.suggest({
type: 'planning',
prompt,
format: 'json'
});
return JSON.parse(response.suggestion);
}
async executeImplementationStage(stage, branchName) {
await this.github.git.createRef({
ref: `refs/heads/${branchName}`,
sha: await this.getLatestCommitSha('main')
});
const implementationCode = await this.copilotAPI.implement({
stage: stage.name,
requirements: stage.requirements,
constraints: this.config.implementation_constraints
});
// ファイル更新
for (const file of implementationCode.modified_files) {
await this.updateFileContent(branchName, file.path, file.content);
}
// テスト生成(必要に応じて)
if (stage.requires_tests) {
const tests = await this.generateTests(implementationCode);
for (const test of tests) {
await this.updateFileContent(branchName, test.path, test.content);
}
}
// コミット作成
await this.commitChanges(branchName, `🤖 Implement ${stage.name} for issue`);
}
}
// 使用例
const agentHandler = new CopilotAgentHandler({
owner: 'your-org',
repo: 'your-repo',
implementation_constraints: {
max_lines_per_file: 500,
require_type_annotations: true,
enforce_code_style: 'prettier'
}
});
// GitHub Webhook エンドポイント
app.post('/webhook/github', async (req, res) => {
const { action, issue } = req.body;
if (action === 'opened' && issue.labels.some(l => l.name === 'agent-task')) {
try {
const result = await agentHandler.processIssue(issue.number);
res.json({ success: true, result });
} catch (error) {
res.status(500).json({ error: error.message });
}
} else {
res.json({ message: 'No action taken' });
}
});
ビジュアル要件処理の実装¶
画像解析→実装パターン¶
# visual_requirements_processor.py
import base64
import json
from github import Github
from openai import OpenAI
class VisualRequirementsProcessor:
def __init__(self, github_token, openai_api_key):
self.github = Github(github_token)
self.openai = OpenAI(api_key=openai_api_key)
async def process_visual_issue(self, repo_name, issue_number):
"""画像を含むIssueを解析してUI実装を生成"""
repo = self.github.get_repo(repo_name)
issue = repo.get_issue(issue_number)
# Issue内の画像抽出
images = self.extract_images_from_issue(issue.body)
if not images:
return {"error": "No images found in issue"}
# 各画像を解析
ui_specifications = []
for image_url in images:
spec = await self.analyze_ui_mockup(image_url)
ui_specifications.append(spec)
# React コンポーネント生成
components = await self.generate_react_components(ui_specifications)
# テストファイル生成
tests = await self.generate_component_tests(components)
return {
"components": components,
"tests": tests,
"specifications": ui_specifications
}
async def analyze_ui_mockup(self, image_url):
"""画像からUI仕様を抽出"""
# 画像をbase64エンコード
image_data = self.download_and_encode_image(image_url)
response = await self.openai.chat.completions.create(
model="gpt-4-vision-preview",
messages=[
{
"role": "user",
"content": [
{
"type": "text",
"text": """
この UI モックアップを解析して、以下の情報を JSON で返してください:
- layout_type: グリッド、フレックス、固定レイアウトなど
- components: 各UI要素の詳細(ボタン、フォーム、カードなど)
- color_scheme: 使用されている色とその役割
- typography: フォントサイズ、ウェイト、階層
- interactions: 想定されるユーザーインタラクション
- responsive_considerations: レスポンシブ対応の推奨事項
"""
},
{
"type": "image_url",
"image_url": {"url": f"data:image/jpeg;base64,{image_data}"}
}
]
}
],
max_tokens=1500
)
return json.loads(response.choices[0].message.content)
async def generate_react_components(self, specifications):
"""UI仕様からReactコンポーネントを生成"""
components = {}
for spec in specifications:
for component_spec in spec.get('components', []):
component_name = component_spec['name']
# GitHub Copilot APIを使用してコンポーネント生成
component_code = await self.copilot_generate_component(
component_name,
component_spec
)
components[component_name] = {
"code": component_code,
"file_path": f"src/components/{component_name}.tsx",
"dependencies": component_spec.get('dependencies', [])
}
return components
async def copilot_generate_component(self, name, specification):
"""Copilot API を使用してコンポーネントコード生成"""
prompt = f"""
Create a React TypeScript component named {name} based on:
Specification: {json.dumps(specification, indent=2)}
Requirements:
- Use functional component with hooks
- Include proper TypeScript typing
- Follow Material-UI design system
- Include accessibility attributes
- Add inline documentation
- Include error handling
"""
# ここでGitHub Copilot APIを呼び出し
response = await self.call_copilot_api(prompt, 'react_component')
return response['generated_code']
# GitHub Actions での使用例
"""
- name: Process Visual Requirements
run: |
python visual_requirements_processor.py \
--repo ${{ github.repository }} \
--issue ${{ github.event.issue.number }} \
--github-token ${{ secrets.GITHUB_TOKEN }} \
--openai-key ${{ secrets.OPENAI_API_KEY }}
"""
エラーハンドリングとモニタリング¶
エージェント実行監視システム¶
// agent-monitoring.ts
interface AgentExecutionLog {
id: string;
issueNumber: number;
startTime: Date;
endTime?: Date;
status: 'running' | 'completed' | 'failed' | 'cancelled';
stages: AgentStageLog[];
errorDetails?: string;
performanceMetrics: PerformanceMetrics;
}
interface AgentStageLog {
name: string;
status: 'pending' | 'running' | 'completed' | 'failed';
startTime: Date;
endTime?: Date;
artifacts: string[];
errorMessage?: string;
}
class AgentMonitoringService {
private logs: Map<string, AgentExecutionLog> = new Map();
private alertManager: AlertManager;
constructor() {
this.alertManager = new AlertManager({
slackWebhook: process.env.SLACK_MONITORING_WEBHOOK,
emailConfig: process.env.EMAIL_CONFIG
});
}
async startMonitoring(executionId: string, issueNumber: number): Promise<void> {
const log: AgentExecutionLog = {
id: executionId,
issueNumber,
startTime: new Date(),
status: 'running',
stages: [],
performanceMetrics: {
totalDuration: 0,
apiCallCount: 0,
generatedLinesOfCode: 0,
modifiedFiles: 0
}
};
this.logs.set(executionId, log);
// 実行タイムアウトの設定
setTimeout(() => {
this.handleExecutionTimeout(executionId);
}, 30 * 60 * 1000); // 30分タイムアウト
}
async logStageStart(executionId: string, stageName: string): Promise<void> {
const log = this.logs.get(executionId);
if (!log) return;
const stage: AgentStageLog = {
name: stageName,
status: 'running',
startTime: new Date(),
artifacts: []
};
log.stages.push(stage);
// Slack通知
await this.alertManager.sendStageNotification(executionId, stageName, 'started');
}
async logStageCompletion(executionId: string, stageName: string, artifacts: string[]): Promise<void> {
const log = this.logs.get(executionId);
if (!log) return;
const stage = log.stages.find(s => s.name === stageName && s.status === 'running');
if (stage) {
stage.status = 'completed';
stage.endTime = new Date();
stage.artifacts = artifacts;
}
}
async logError(executionId: string, stageName: string, error: Error): Promise<void> {
const log = this.logs.get(executionId);
if (!log) return;
// ステージエラーの記録
const stage = log.stages.find(s => s.name === stageName);
if (stage) {
stage.status = 'failed';
stage.endTime = new Date();
stage.errorMessage = error.message;
}
// 実行全体を失敗としてマーク
log.status = 'failed';
log.errorDetails = error.message;
log.endTime = new Date();
// エラーアラート送信
await this.alertManager.sendErrorAlert({
executionId,
issueNumber: log.issueNumber,
stageName,
error: error.message,
stackTrace: error.stack
});
// 自動復旧試行
await this.attemptAutoRecovery(executionId, stageName, error);
}
private async attemptAutoRecovery(executionId: string, failedStage: string, error: Error): Promise<void> {
const recoveryStrategies = {
'code_generation': async () => {
// より簡単なプロンプトで再試行
return this.retryWithSimplifiedPrompt(executionId, failedStage);
},
'testing': async () => {
// テスト生成をスキップして手動テスト指示を生成
return this.generateManualTestingInstructions(executionId);
},
'file_modification': async () => {
// 小さな変更に分割して再試行
return this.splitAndRetryModifications(executionId, failedStage);
}
};
const strategy = recoveryStrategies[failedStage];
if (strategy) {
try {
await strategy();
await this.alertManager.sendRecoveryNotification(executionId, failedStage);
} catch (recoveryError) {
await this.alertManager.sendRecoveryFailureAlert(executionId, failedStage, recoveryError);
}
}
}
async generateExecutionReport(executionId: string): Promise<string> {
const log = this.logs.get(executionId);
if (!log) return "No execution log found";
const duration = log.endTime ?
(log.endTime.getTime() - log.startTime.getTime()) / 1000 :
(Date.now() - log.startTime.getTime()) / 1000;
return `
## 🤖 Agent Execution Report
**Issue**: #${log.issueNumber}
**Status**: ${log.status}
**Duration**: ${duration}s
**Stages Completed**: ${log.stages.filter(s => s.status === 'completed').length}/${log.stages.length}
### Stage Details
${log.stages.map(stage => `
- **${stage.name}**: ${stage.status} ${stage.endTime ? `(${(stage.endTime.getTime() - stage.startTime.getTime()) / 1000}s)` : ''}
${stage.artifacts.length > 0 ? ` - Generated: ${stage.artifacts.join(', ')}` : ''}
${stage.errorMessage ? ` - Error: ${stage.errorMessage}` : ''}
`).join('')}
### Performance Metrics
- API Calls: ${log.performanceMetrics.apiCallCount}
- Generated Lines: ${log.performanceMetrics.generatedLinesOfCode}
- Modified Files: ${log.performanceMetrics.modifiedFiles}
${log.errorDetails ? `### Error Details\n${log.errorDetails}` : ''}
`;
}
}
// GitHub Actions での統合例
export const setupAgentMonitoring = () => {
const monitoring = new AgentMonitoringService();
return {
startExecution: monitoring.startMonitoring.bind(monitoring),
logStage: monitoring.logStageStart.bind(monitoring),
completeStage: monitoring.logStageCompletion.bind(monitoring),
logError: monitoring.logError.bind(monitoring),
generateReport: monitoring.generateExecutionReport.bind(monitoring)
};
};
パフォーマンス最適化テクニック¶
API コール効率化¶
// copilot-api-optimizer.js
class CopilotAPIOptimizer {
constructor() {
this.requestCache = new Map();
this.rateLimiter = new RateLimiter({
maxRequests: 100,
windowMs: 60000,
strategy: 'sliding-window'
});
this.batchProcessor = new BatchProcessor({
maxBatchSize: 10,
flushInterval: 5000
});
}
async optimizeCodeGeneration(requests) {
// 類似リクエストの重複排除
const deduplicatedRequests = this.deduplicateSimilarRequests(requests);
// バッチ処理対象の特定
const batchableRequests = deduplicatedRequests.filter(req => req.batchable);
const immediateRequests = deduplicatedRequests.filter(req => !req.batchable);
// 並行実行
const [batchResults, immediateResults] = await Promise.all([
this.processBatchRequests(batchableRequests),
this.processImmediateRequests(immediateRequests)
]);
return [...batchResults, ...immediateResults];
}
deduplicateSimilarRequests(requests) {
const similarity_threshold = 0.8;
const unique_requests = [];
const similarity_map = new Map();
for (const request of requests) {
const fingerprint = this.generateRequestFingerprint(request);
let is_similar = false;
for (const existing of unique_requests) {
const existing_fingerprint = this.generateRequestFingerprint(existing);
const similarity = this.calculateSimilarity(fingerprint, existing_fingerprint);
if (similarity > similarity_threshold) {
// 既存リクエストの参照を追加
similarity_map.set(request.id, existing.id);
is_similar = true;
break;
}
}
if (!is_similar) {
unique_requests.push(request);
}
}
return unique_requests;
}
async processBatchRequests(requests) {
const batches = this.createOptimalBatches(requests);
const results = [];
for (const batch of batches) {
await this.rateLimiter.acquire();
const batch_prompt = this.combineBatchPrompts(batch);
const response = await this.copilotAPI.suggest({
type: 'batch_generation',
prompt: batch_prompt,
context: this.mergeContexts(batch.map(r => r.context))
});
const individual_results = this.splitBatchResponse(response, batch);
results.push(...individual_results);
}
return results;
}
createOptimalBatches(requests) {
// 類似性とコンテキストサイズに基づいてバッチを作成
const batches = [];
let current_batch = [];
let current_size = 0;
const MAX_BATCH_SIZE = 8192; // トークン制限
for (const request of requests) {
const request_size = this.estimateTokenSize(request);
if (current_size + request_size > MAX_BATCH_SIZE && current_batch.length > 0) {
batches.push([...current_batch]);
current_batch = [request];
current_size = request_size;
} else {
current_batch.push(request);
current_size += request_size;
}
}
if (current_batch.length > 0) {
batches.push(current_batch);
}
return batches;
}
// プロアクティブキャッシュ戦略
async preloadCommonPatterns() {
const common_patterns = [
'react_component_template',
'express_route_handler',
'error_boundary_component',
'database_model_schema',
'test_suite_template'
];
const cache_promises = common_patterns.map(async (pattern) => {
const cached_response = await this.copilotAPI.suggest({
type: 'template',
pattern,
cache_key: `template_${pattern}`
});
this.requestCache.set(`template_${pattern}`, cached_response);
});
await Promise.all(cache_promises);
}
}
// GitHub Actions 最適化設定
const optimizer = new CopilotAPIOptimizer();
// ワークフロー実行前にキャッシュ準備
await optimizer.preloadCommonPatterns();
セキュリティとガバナンス¶
セキュリティスキャン統合¶
# .github/workflows/copilot-security-governance.yml
name: Copilot Agent - Security & Governance
on:
pull_request:
types: [opened]
branches: [main, develop]
jobs:
agent_security_scan:
if: contains(github.event.pull_request.title, '🤖 Agent Implementation')
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Agent-Generated Code Analysis
run: |
# エージェント生成コードの特定
AGENT_FILES=$(git diff --name-only origin/main...HEAD | grep -E '\.(js|ts|py|java)$')
echo "Agent-generated files:"
echo "$AGENT_FILES"
# セキュリティスキャン実行
for file in $AGENT_FILES; do
echo "Scanning: $file"
# SAST (Static Application Security Testing)
semgrep --config=p/security-audit "$file" \
--json --output=security-scan-$file.json
# 機密情報検出
trufflehog filesystem "$file" \
--json --output=secrets-scan-$file.json
# コード品質チェック
gh copilot analyze security \
--file "$file" \
--output quality-check-$file.json
done
- name: Security Findings Analysis
run: |
# セキュリティ問題の集約
CRITICAL_ISSUES=$(find . -name "security-scan-*.json" -exec jq -r '.results[] | select(.extra.severity == "ERROR") | .extra.message' {} \;)
SECRET_LEAKS=$(find . -name "secrets-scan-*.json" -exec jq -r '.SourceMetadata.Data.Filesystem.file' {} \;)
if [ ! -z "$CRITICAL_ISSUES" ] || [ ! -z "$SECRET_LEAKS" ]; then
echo "🚨 Critical security issues found!"
echo "CRITICAL_ISSUES<<EOF" >> $GITHUB_ENV
echo "$CRITICAL_ISSUES" >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
echo "SECRET_LEAKS<<EOF" >> $GITHUB_ENV
echo "$SECRET_LEAKS" >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
exit 1
fi
- name: Governance Compliance Check
run: |
# 組織ガバナンスルールの確認
gh copilot validate governance \
--ruleset ${{ secrets.GOVERNANCE_RULESET }} \
--pr-number ${{ github.event.pull_request.number }}
- name: Auto-Fix Security Issues
if: failure()
run: |
# 自動修正可能な問題の修正試行
gh copilot fix security \
--issues security-scan-*.json \
--auto-commit \
--commit-message "🔒 Auto-fix security issues found by agent analysis"
- name: Security Review Request
if: failure()
uses: actions/github-script@v7
with:
script: |
const issues = process.env.CRITICAL_ISSUES || '';
const secrets = process.env.SECRET_LEAKS || '';
const body = `## 🚨 Security Review Required
This agent-generated PR contains security issues that require manual review.
### Critical Issues Found
${issues ? '```\n' + issues + '\n```' : 'None'}
### Potential Secret Leaks
${secrets ? '```\n' + secrets + '\n```' : 'None'}
### Required Actions
- [ ] Security team review
- [ ] Manual testing of authentication flows
- [ ] Verification of input validation
- [ ] Check for SQL injection vulnerabilities
**⚠️ This PR cannot be merged until security review is complete.**
`;
github.rest.pulls.createReview({
owner: context.repo.owner,
repo: context.repo.repo,
pull_number: context.issue.number,
body: body,
event: 'REQUEST_CHANGES'
});
// セキュリティチームに通知
github.rest.pulls.requestReviewers({
owner: context.repo.owner,
repo: context.repo.repo,
pull_number: context.issue.number,
team_reviewers: ['security-team']
});
エージェント運用のベストプラクティス
- 段階的導入: 低リスクなIssueから開始し、徐々に適用範囲を拡大
- 人的監視: 初期は全てのエージェント実行に人的レビューを必須化
- フィードバックループ: エージェントの成功率と品質メトリクスを継続測定
- セキュリティ優先: 自動生成コードには必ずセキュリティスキャンを実施
まとめ¶
- 完全自律Issue処理: GitHub Actions + Copilot Agent による端から端までの自動実装フロー
- ビジュアル要件対応: 画像・モックアップからのUI自動生成とコード実装
- 高度なエラーハンドリング: 自動復旧機能付きの堅牢な実行監視システム
- セキュリティ統合: ガバナンス準拠とセキュリティスキャンの自動化
GitHub Copilot Agent の実装パターンを適切に活用することで、開発プロセス全体を自動化し、品質を保ちながら開発効率を大幅に向上させることが可能になります。