Read Anthropic’s case study about Graphite Reviewer

How to post a comment on a PR with GitHub Actions

Kenny DuMez
Kenny DuMez
Graphite software engineer

GitHub Actions is an automation platform within GitHub that allows you to automate various workflows across your GitHub repositories. One practical use of GitHub Actions is to automatically post comments on pull requests (PRs). This capability can be extremely useful for code reviews, automated testing results, style checks, or even welcome messages for first-time contributors. This guide will cover how to configure GitHub Actions workflow to post comments on PRs.

GitHub Actions is a CI/CD platform that allows the automation of various software workflows, including build, test, and deployment processes. Actions are triggered by GitHub events like pushing to branches, opening pull requests, or leaving comments.

The pull_request event triggers workflows in response to activities related to pull requests. For posting comments, you'll most likely want to trigger on subtypes of this event such as opened, synchronized, or reopened.

To post comments, GitHub Actions requires authentication, typically using the GITHUB_TOKEN secret and is automatically made available in the workflow environment when a workflow is triggered. The token's permissions are limited to the repository in which the workflow runs, and they can be further restricted or configured via the workflow file. This setup ensures that the token has just enough permissions to perform the tasks needed by the workflow, adhering to the principle of least privilege.

To begin, you first need to set up a workflow file in your repository under .github/workflows/, for example comment-on-pr.yml.

Start by specifying the name of the workflow and the event details:

Terminal
name: Comment on Pull Request
on:
pull_request:
types: [opened, reopened]

This setup triggers the workflow whenever a pull request is opened or reopened.

Define a job that specifies the steps to execute when the workflow is triggered:

Terminal
jobs:
post-comment:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Comment PR
uses: thollander/actions-comment-pull-request@v1
with:
message: 'Thank you for your pull request!'
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  • Checkout code: The actions/checkout@v2 action checks out the repository under $GITHUB_WORKSPACE, so the workflow can access it.

  • Comment PR: This step uses a third-party action thollander/actions-comment-pull-request@v1 to post a comment. You provide a static message here, but it can also be dynamic based on script outputs or other actions.

The message can be customized or dynamically generated based on various factors like the PR content, code analysis tools, or test results. You can use scripting or other actions to set the message dynamically.

You can extend this basic functionality by adding conditions, using different types of GitHub Actions to analyze the PR, and then posting the results from the analysis as comments. Integration with tools like linters, testers, or even deployment scripts can provide feedback directly on the PR through comments.

You might want to conditionally post comments based on the content of the PR or the results of previous steps:

Terminal
steps:
- name: Check for TODOs
id: todo-check
run: |
echo "todo_count=$(grep -r 'TODO' . | wc -l)" >> $GITHUB_ENV
- name: Comment if TODOs found
if: ${{ env.todo_count > 0 }}
uses: thollander/actions-comment-pull-request@v1
with:
message: 'Please address TODO comments before merging.'
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

This workflow checks for TODO comments in the code and posts a comment if any are found.

  • Start by logging into the Graphite web app. You need to ensure that your GitHub repositories are synced with Graphite. This is allows the automation to be able to interact with your repositories.
  • From the sidebar in the Graphite web app, select Automations. This section allows you to manage and create new automation rules.
  • Click on Create rule to start setting up your automation.
  • Select the repository you want to apply the rule to.
  • Specify the filter trigger: This is the condition under which your automation will activate. For commenting on PRs, you might set a trigger for when a PR is opened or updated, or when it contains files of a certain type (e.g., **/*.ts for TypeScript files).
  • Define the action: Choose Leave a comment on the PR as the action to take when the trigger conditions are met. You can then specify the exact message you want to post. For example, you could leave a reminder to write tests for PRs containing changes to sensitive parts of your code.
  • Preview the rule: Before activating the rule, Graphite allows you to preview past PRs that would have matched your new rule. This helps ensure that your conditions are set up correctly.
  • Activate the rule: Once you’re satisfied with the configuration, click Activate rule. This will apply the rule to all open and future PRs that meet the conditions specified.
  • After creating rules, you can view all active rules by navigating to the Automations section. You can also edit any rules to update conditions or actions as necessary by clicking the pencil icon next to the rule you want to edit.
  • Simplicity: Save time by not having to configure and maintain complex GitHub workflow files.
  • Customization: Configure rules with complex conditions based on the specific needs of your project or team, enhancing how you manage code reviews and PR interactions.

For further reading see the Graphite Automations docs.

Graphite
Git stacked on GitHub

Stacked pull requests are easier to read, easier to write, and easier to manage.
Teams that stack ship better software, faster.

Or install our CLI.
Product Screenshot 1
Product Screenshot 2