Read Anthropic’s case study about Graphite Reviewer

How to write custom GitHub Actions for code reviews

Kenny DuMez
Kenny DuMez
Graphite software engineer

GitHub Actions offer a powerful platform for automating various development workflows, including code review. By creating custom GitHub Actions, teams can automate parts of their review processes, such as running linters, checking coding standards, or even enforcing certain file changes before a pull request can be merged. This guide walks through the steps to develop custom GitHub Actions specifically tailored for code review automation.

GitHub Actions enable automation of workflows directly within your GitHub repository. Actions are triggered by GitHub events like pushing to branches, opening pull requests, or leaving comments, and can run a series of commands in response.

Custom GitHub Actions can streamline the code review process by:

  • Automating repetitive tasks like code linting and syntax checking.
  • Ensuring adherence to coding standards.
  • Providing immediate feedback on pull requests.

Before you begin, ensure you have:

  • A GitHub account and a repository where you can implement Actions.
  • Basic knowledge of YAML syntax and workflow configuration in GitHub.
  • Familiarity with the programming language you will use to write scripts (e.g., JavaScript, Python).

Create a file named action.yml in the root of your repository. This file contains metadata about the Action. For example, an action to execute a JavaScript program to leave comments on PRs would look something like this.

Terminal
name: 'Leave comment'
description: 'Leaves a comment on specified PRs'
inputs:
github_token:
description: 'GitHub token for authentication'
required: true
pr_number:
description: 'The number of the Pull Request to comment on'
required: true
comment_body:
description: 'The content of the comment to post'
required: true
runs:
using: 'node12'
main: 'index.js'
  • inputs: This section now includes three parameters that the Action requires to function:

    • github_token: This input is necessary for the Action to authenticate with GitHub and perform operations like commenting on a PR.
    • pr_number: This is the identifier for the pull request on which the comment should be posted. This must be supplied by the user when they configure the workflow that uses this action.
    • comment_body: This is the actual text of the comment that will be posted to the pull request. It allows the user of the action to specify what the comment should say.
  • runs: This section defines how the Action is executed:

    • using: Specifies that this action runs in a Node.js environment. Here, it's specifically set to use Node.js version 12.
    • main: Points to index.js as the entry point script for the action. This JavaScript file should contain the code that uses the provided inputs to post a comment on the pull request.

The main logic of the Action is typically written in a file like index.js. Here's an example of a simple Node.js script that comments on a pull request:

Terminal
const github = require('@actions/github')
const core = require('@actions/core')
async function run() {
try {
const token = core.getInput('github_token')
const octokit = github.getOctokit(token)
const { context = {} } = github
const prNumber = context.payload.pull_request.number
const owner = context.repo.owner
const repo = context.repo.repo
const comment = {
owner,
repo,
issue_number: prNumber,
body: 'Automated code review: All checks passed.'
}
await octokit.issues.createComment(comment)
} catch (error) {
core.setFailed(error.message)
}
}
run()

After you've tested your Action locally and ensured it works as expected:

  • Push the changes to your GitHub repository.
  • Tag your repository with a version number (e.g., v1.0.0).
  • Reference this tag when using the Action in workflows.

To use your custom Action within a workflow in another repository, you can reference it in a workflow file:

Terminal
name: Automated Code Review
on: [pull_request]
jobs:
lint-and-review:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Run custom code review
uses: your-username/code-review-linter@v1.0.0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}

This workflow triggers every time a pull request is opened and runs your custom code review Action.

Instead of writing and maintaining custom GitHub Actions to automate commenting on PRs, you can leverage Graphite Automations, which offers a streamlined and more robust way to automate PR interactions. Here's an alternative approach using Graphite Automations:

  • Log into the Graphite web app.
  • Navigate to the Automations section from the sidebar, where you can manage and create automation rules.
  • Click on 'Create rule' to start defining your automation.
  • Select the repository you want to apply the rule to. Ensure it is one of your synced repositories.
  • Set the filter trigger for the PRs you want to target. For example, you could set it to trigger when a PR is updated or when new commits are pushed.
  • Specify additional conditions such as the type of files changed (e.g., only .js files), the branch name, or PR labels.
  • Choose 'Leave a comment on the PR' as the action.
  • Configure the comment content you want to automate. For instance, the comment could be a reminder to run certain tests or a notification that a review is needed.
  • Preview the rule to check how it would behave with past PRs to ensure your conditions are correctly configured.
  • Activate the rule. It will now automatically apply to all open PRs that meet the specified conditions, as well as any future PRs.

For further reading see the official Graphite documentation.

Graphite
Git stacked on GitHub

Stacked pull requests are easier to read, easier to write, and easier to manage.
Teams that stack ship better software, faster.

Or install our CLI.
Product Screenshot 1
Product Screenshot 2