Skip to content
Home ยป Auto Create Pull Requests with GitHub Actions Using GitHub CLI

Auto Create Pull Requests with GitHub Actions Using GitHub CLI

In this article we will learn how to auto create pull requests with GitHub Actions using GitHub CLI.

GitHub Actions is a continuous integration and continuous delivery platform that allows you to automate your build, test, and deployment pipeline. GitHub Actions is a popular choice to empower developers with the ability to automate their workflows across issues, pull requests, and a lot more in GitHub.

Among other things, GitHub has a GitHub Marketplace for GitHub Actions that contains thousands of GitHub Actions for thousands of use cases created by thousands of different users.

Some of these GitHub Actions are extremely useful, and some may be malicious. Why even take the chance with your own GitHub repository?

Why you shouldn’t use third party GitHub Actions

As popular as some of these GitHub Actions are, integrating GitHub Actions into Github repositories can add to an organization’s risk surface. Here are a few areas of concern.

  • Third party GitHub Actions could potentially run malicious code.
  • Third party GitHub Actions could be built on malicious Docker images.
  • GitHub Actions often need access to secrets that need to be stored securely and referenced safely.
  • Unknown packages used by GitHub Actions could have multiple open source vulnerabilities.

Although third party GitHub Actions could be hurtful to you and your repository, there are verified creators that have GitHub Actions for you to use on the Marketplace.

Use GitHub CLI in your GitHub Actions to auto create pull requests

GitHub now has GitHub CLI preinstalled on all GitHub-hosted runners. GitHub CLI is an open source tool for using GitHub from your computer’s command line, but here we’ll be using it in our GitHub Action.

There are many awesome features provided by this tool. GitHub CLI includes GitHub features such as:

  • View, create, clone, and fork repositories
  • Create, close, edit, and view issues and pull requests
  • Review, diff, and merge pull requests
  • Run, view, and list workflows
  • And so much more!

I’m sure you can guess which feature from this list that we’re going to work with today.

Auto create pull requests with GitHub Actions using GitHub CLI

name: Open PR to merge main into staging every Friday at 9am ET

on:
  schedule:
  # Every Friday at 9:00am ET
  - cron: '0 14 * * FRI'
  workflow_dispatch:

jobs:
  open-pr-main-to-staging: 
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3
      - name: open pull request
        run: gh pr create -B staging -H main --title 'Merge main into staging' --body 'Created by Github action' --repo ${{ github.repository }} --reviewer coininthecloud
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Here is a straight forward example of a GitHub Action workflow configured to open a pull request every Friday at 9:00am to merge the main branch into the staging branch.

on:
  schedule:
  # Every Friday at 9:00am ET
  - cron: '0 14 * * FRI'
  workflow_dispatch:

This piece of the workflow defines our execution schedule which is Friday at 9:00am ET every week. The workflow_dispatch line enables a feature of GitHub Actions that allows you to trigger a specific workflow run on-demand without the need for a code push or pull request. This is very helpful when you want this workflow ran any time before Friday at 9:00am.

jobs:
  open-pr-main-to-staging: 
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v3
      - name: open pull request
        run: gh pr create -B staging -H main --title 'Merge main into staging' --body 'Created by Github action' --repo ${{ github.repository }} --reviewer coininthecloud
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

This piece of the workflow defines the steps taken, actions used, and commands ran.

The main piece to focus on here is the gh command under the “open pull request” step. If you read the command being ran, it’s often self explanatory.

The command is creating a pull request named “Merge main into staging” from the main branch to the staging branch. The body of the pull request is defined by the --body flag and the repository that we are working in is defined by the --repo flag.

An important flag that should not be overlooked is the --reviewer flag. This will tag all of the users listed to the pull request for manual review and approval.

Wrapping up

This article demonstrates how to auto create pull requests with GitHub Actions using GitHub CLI. A main point to this method is to avoid third party GitHub Actions as previously mentioned in the article.

GitHub Actions with the GitHub CLI are extremely powerful and can be used to simplify existing GitHub Actions workflows to remove the need for third party GitHub Actions.

Thank you so much for reading and I hope you learned something new! If you have any questions or suggestions, please add them in the comments section below.

Leave a Reply

Your email address will not be published. Required fields are marked *