How to Make GitHub Actions Write Reports and Analyze Code Using Plain Text

4,706 stars

Imagine you come to work in the morning, open GitHub, and there's already a neat Issue waiting for you with a summary of all yesterday's discussions, a list of critical bugs, and even a draft plan for the day. And all of this wasn't done by your intern, but by an automated agent to whom you simply wrote a note in Markdown.

Sounds like a scenario from the future? Actually, this is already a reality that GitHub is actively testing as part of the gh-aw project (Agentic Workflows). Let's figure out why this could forever change how we write CI/CD pipelines.

What Are Agentic Workflows and Why Do We Need Them

Usually, setting up GitHub Actions involves writing YAML configs where you instruct the system step-by-step: "download the repository", "install dependencies", "run the script". This works great for predictable tasks but falls short when faced with something creative or analytical.

The gh-aw project offers a different approach. Instead of writing a rigid algorithm, you describe the task in natural language. A special CLI extension converts your Markdown file into a full Workflow, where an AI agent (for example, Copilot or Claude) works behind the scenes. It decides on its own which data from the repository it needs to read, how to analyze it, and what result to produce.

This is the ideal tool for those who want to automate "human" routines: writing reports, checking documentation for relevance, or initial ticket sorting.

How It Works in Practice

The best part here is the low barrier to entry. You don't need to be an expert in Prompt Engineering or deeply know the GitHub API.

Here's an example of what a task description looks like:

---
on:
  schedule: daily
permissions:
  contents: read
  issues: read
  pull-requests: read
safe-outputs:
  create-issue:
    title-prefix: "[team-status] "
    labels: [report, daily-status]
    close-older-issues: true
---

## Daily Issues Report

Create an upbeat daily report for the team as a GitHub issue.
Analyze the open issues and highlight the most important ones.

When this workflow runs, the agent enters your repository, "reads" the latest events, and creates an Issue. Note that the permissions block grants only read access, while the safe-outputs block clearly limits what the agent may write: it can create issues, but only with a specific title prefix and labels. This isn't a "black box" with full access, but a controlled assistant.

Three Pillars of Security: Why the Agent Won't Delete Your Prod

When we give a neural network access to code, the first question that comes up is "Won't it cause problems?". The developers from GitHub Next paid enormous attention to this:

  1. Principle of Least Privilege: By default, the agent only has read permissions. For it to be able to write something (create a PR or Issue), you must explicitly allow this in the config.
  2. Sandboxing: All actions are executed in isolated containers. The agent can't just "escape" into your infrastructure.
  3. Network Firewall (AWF): In the project's ecosystem, there's a special component — Agent Workflow Firewall. It controls where the agent tries to send data to the outside world, preventing leaks.
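One way to enforce the first pillar during review, as an added example rather than code from this page or from the gh-aw project: a Ruby lint that reads a workflow's frontmatter and flags any permission that is not read-only, or a create-issue output with no title prefix or labels. The policy, the function names and the second sample are assumptions made for this example; the key names come from the workflow shown earlier.

```ruby
require 'yaml'
# Frontmatter as in the page's example; the prompt body is shortened.
PAGE_EXAMPLE = <<~'MD'
  ---
  on:
    schedule: daily
  permissions:
    contents: read
    issues: read
    pull-requests: read
  safe-outputs:
    create-issue:
      title-prefix: "[team-status] "
      labels: [report, daily-status]
      close-older-issues: true
  ---
  ## Daily Issues Report
MD
# Constructed counter-example: a direct write scope and an unconstrained issue output.
CONSTRUCTED_BAD = <<~'MD'
  ---
  on: {schedule: daily}
  permissions: {contents: read, issues: write}
  safe-outputs: {create-issue: {close-older-issues: true}}
  ---
  Summarize open issues for the team.
MD

# Split a workflow Markdown file into [frontmatter hash, prompt body].
def parse_workflow(text)
  m = text.match(/\A---\s*\n(.*?)\n---\s*\n(.*)\z/m) or raise ArgumentError, 'no frontmatter'
  [YAML.safe_load(m[1]) || {}, m[2]]
end

# Team policy assumed for this example (not gh-aw's own validation).
# Returns a list of findings; an empty list means the file passes.
def lint_workflow(text)
  fm, = parse_workflow(text)
  perms = fm.fetch('permissions', {})
  perms = { '*' => perms } unless perms.is_a?(Hash) # shorthand such as write-all
  findings = perms.reject { |_, lvl| %w[read read-all none].include?(lvl) }
                  .map { |scope, lvl| "permissions.#{scope} is '#{lvl}', expected read-only" }
  outputs = fm['safe-outputs'] || {}
  if outputs.key?('create-issue')
    issue = outputs['create-issue'] || {}
    findings << 'create-issue has no title-prefix' if issue['title-prefix'].to_s.strip.empty?
    findings << 'create-issue has no labels' if Array(issue['labels']).empty?
  end
  findings
end
```

Ruby's YAML parser loads the bare `on` key as boolean `true`, so a check that also inspects the trigger has to look it up under that key rather than under the string "on".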

What Else the gh-aw Ecosystem Can Do

The project isn't limited to just the CLI. It's an entire infrastructure for creating smart assistants:

  • MCP Gateway: Allows connecting external tools via the Model Context Protocol. This means your agent can not only read GitHub, but also peek into other services if you give it that capability.
  • The Agentics: A collection of ready-made components and templates. No need to reinvent the wheel — you can take ready-made "building blocks" for typical tasks.
  • Compile-time validation: The system checks your Markdown file before running to ensure the agent understands the instructions and has the necessary permissions.

Who Will Find This Useful Today

In my practice, I often encounter tasks that are "too complex for Bash, but too boring for a human".

For example:

  • Documentation Maintenance: Once a week, an agent can check whether function signatures in the code have changed and, if the README is outdated, suggest edits.
  • Sentiment Analysis: In large Open Source projects, an agent can monitor comments and highlight for maintainers those discussions where the level of toxicity or dissatisfaction is growing.
  • Changelog Generation: Instead of painfully trying to remember what you programmed over the month, you can ask the agent to compile a nice list of changes based on merge requests.

Conclusion: Is It Worth Trying?

GitHub Agentic Workflows is still experimental territory (as the WARNING banner in the repository honestly states). However, this is arguably the most mature approach to integrating AI into CI/CD today.

If you're tired of routine reporting or want to add a bit of "brains" to your repository, it's definitely worth installing gh aw and trying to run at least one simple report. It's a great way to feel how AI is turning from a toy into a real working developer tool.

Ready to delegate part of your work to a bot? Check out Peli's Agent Factory — it has many inspiring examples of what these agents can already do.
