8.0 KiB
title, description
| title | description |
|---|---|
| CI/CD Environments | Set up Goose in your CI/CD pipeline to automate tasks |
import Tabs from '@theme/Tabs'; import TabItem from '@theme/TabItem';
Goose isn’t just useful on your local machine, it can also streamline tasks in CI/CD environments. By integrating Goose into your pipeline, you can automate tasks such as:
- Code reviews
- Documentation checks
- Build and deployment workflows
- Infrastructure and environment management
- Rollbacks and recovery processes
- Intelligent test execution
This guide walks you through setting up Goose in your CI/CD pipeline, with a focus on using GitHub Actions for code reviews.
Using Goose with GitHub Actions
You can run Goose directly within GitHub Actions. Follow these steps to set up your workflow.
:::info TLDR
Copy the GitHub Workflow
name: Goose
on:
pull_request:
types: [opened, synchronize, reopened, labeled]
permissions:
contents: write
pull-requests: write
issues: write
env:
PROVIDER_API_KEY: ${{ secrets.REPLACE_WITH_PROVIDER_API_KEY }}
PR_NUMBER: ${{ github.event.pull_request.number }}
jobs:
goose-comment:
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Gather PR information
run: |
{
echo "# Files Changed"
gh pr view $PR_NUMBER --json files \
-q '.files[] | "* " + .path + " (" + (.additions|tostring) + " additions, " + (.deletions|tostring) + " deletions)"'
echo ""
echo "# Changes Summary"
gh pr diff $PR_NUMBER
} > changes.txt
- name: Install Goose CLI
run: |
mkdir -p /home/runner/.local/bin
curl -fsSL https://github.com/block/goose/releases/download/stable/download_cli.sh \
| CONFIGURE=false INSTALL_PATH=/home/runner/.local/bin bash
echo "/home/runner/.local/bin" >> $GITHUB_PATH
- name: Configure Goose
run: |
mkdir -p ~/.config/goose
cat <<EOF > ~/.config/goose/config.yaml
GOOSE_PROVIDER: REPLACE_WITH_PROVIDER
GOOSE_MODEL: REPLACE_WITH_MODEL
keyring: false
EOF
- name: Create instructions for Goose
run: |
cat <<EOF > instructions.txt
Create a summary of the changes provided. Don't provide any session or logging details.
The summary for each file should be brief and structured as:
<filename/path (wrapped in backticks)>
- dot points of changes
You don't need any extensions, don't mention extensions at all.
The changes to summarise are:
$(cat changes.txt)
EOF
- name: Test
run: cat instructions.txt
- name: Run Goose and filter output
run: |
goose run --instructions instructions.txt | \
# Remove ANSI color codes
sed -E 's/\x1B\[[0-9;]*[mK]//g' | \
# Remove session/logging lines
grep -v "logging to /home/runner/.config/goose/sessions/" | \
grep -v "^starting session" | \
grep -v "^Closing session" | \
# Trim trailing whitespace
sed 's/[[:space:]]*$//' \
> pr_comment.txt
- name: Post comment to PR
run: |
cat -A pr_comment.txt
gh pr comment $PR_NUMBER --body-file pr_comment.txt
:::
1. Create the Workflow File
Create a new file in your repository at .github/workflows/goose.yml. This will contain your GitHub Actions workflow.
2. Define the Workflow Triggers and Permissions
Configure the action such that it:
- Triggers the workflow when a pull request is opened, updated, reopened, or labeled
- Grants the necessary permissions for Goose to interact with the repository
- Configures environment variables for your chosen LLM provider
name: Goose
on:
pull_request:
types: [opened, synchronize, reopened, labeled]
permissions:
contents: write
pull-requests: write
issues: write
env:
PROVIDER_API_KEY: ${{ secrets.REPLACE_WITH_PROVIDER_API_KEY }}
PR_NUMBER: ${{ github.event.pull_request.number }}
3. Install and Configure Goose
To install and set up Goose in your workflow, add the following steps:
steps:
- name: Install Goose CLI
run: |
mkdir -p /home/runner/.local/bin
curl -fsSL https://github.com/block/goose/releases/download/stable/download_cli.sh \
| CONFIGURE=false INSTALL_PATH=/home/runner/.local/bin bash
echo "/home/runner/.local/bin" >> $GITHUB_PATH
- name: Configure Goose
run: |
mkdir -p ~/.config/goose
cat <<EOF > ~/.config/goose/config.yaml
GOOSE_PROVIDER: REPLACE_WITH_PROVIDER
GOOSE_MODEL: REPLACE_WITH_MODEL
keyring: false
EOF
:::info Replacements
Replace REPLACE_WITH_PROVIDER and REPLACE_WITH_MODEL with your LLM provider and model names and add any other necessary configuration required.
:::
4. Gather PR Changes and Prepare Instructions
This step extracts pull request details and formats them into structured instructions for Goose.
- name: Create instructions for Goose
run: |
cat <<EOF > instructions.txt
Create a summary of the changes provided. Don't provide any session or logging details.
The summary for each file should be brief and structured as:
<filename/path (wrapped in backticks)>
- dot points of changes
You don't need any extensions, don't mention extensions at all.
The changes to summarise are:
$(cat changes.txt)
EOF
5. Run Goose and Clean Output
Now, run Goose with the formatted instructions and clean the output by removing ANSI color codes and unnecessary log messages.
- name: Run Goose and filter output
run: |
goose run --instructions instructions.txt | \
# Remove ANSI color codes
sed -E 's/\x1B\[[0-9;]*[mK]//g' | \
# Remove session/logging lines
grep -v "logging to /home/runner/.config/goose/sessions/" | \
grep -v "^starting session" | \
grep -v "^Closing session" | \
# Trim trailing whitespace
sed 's/[[:space:]]*$//' \
> pr_comment.txt
6. Post Comment to PR
Finally, post the Goose output as a comment on the pull request:
- name: Post comment to PR
run: |
cat -A pr_comment.txt
gh pr comment $PR_NUMBER --body-file pr_comment.txt
With this workflow, Goose will run on pull requests, analyze the changes, and post a summary as a comment on the PR.
This is just one example of what's possible. Feel free to modify your GitHub Action to meet your needs.
Security Considerations
When running Goose in a CI/CD enviroment, keep these security practices in mind:
-
Secret Management
- Store your sensitive credentials (like API keys) as GitHub Secrets.
- Never expose these credentials in logs or PR comments.
-
Principle of Least Privilege
- Grant only the necessary permissions in your workflow and regularly audit them.
-
Input Validation
- Ensure any inputs passed to Goose are sanitized and validated to prevent unexpected behavior.