<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>GitHub Actions &#183; PiniShv</title><link>https://pinishv.com/tags/github-actions/</link><description>Pini Shvartsman leads AI transformation inside a 100+ engineer SaaS org. Field notes on autonomous engineering: AI-powered execution, human accountability.</description><generator>Hugo -- gohugo.io</generator><language>en</language><copyright>© 2026 Pini Shvartsman</copyright><lastBuildDate>Wed, 17 Sep 2025 00:00:00 +0000</lastBuildDate><atom:link href="https://pinishv.com/tags/github-actions/index.xml" rel="self" type="application/rss+xml"/><item><title>When CI/CD Speaks Human: A Friendly Nudge to DevOps (and Developers)</title><link>https://pinishv.com/articles/when-ci-cd-speaks-human/</link><pubDate>Wed, 17 Sep 2025 00:00:00 +0000</pubDate><guid>https://pinishv.com/articles/when-ci-cd-speaks-human/</guid><description>GitHub Next&amp;rsquo;s Agentic Workflows point to a near-future where we describe CI/CD in plain English and compile it to Actions—auditable, safe, and GitHub-native.</description><content:encoded>&lt;p>I spend my days thinking about how to make engineering teams more effective. Whether it&amp;rsquo;s rolling out AI tooling that boosts developer productivity or exploring automation that eliminates the tedious parts of our workflow, I&amp;rsquo;m always looking for that next breakthrough that will let us focus on what actually matters: building great software.&lt;/p>
&lt;p>That&amp;rsquo;s why GitHub Next&amp;rsquo;s &lt;strong>Agentic Workflows&lt;/strong> project hit me like a lightning bolt. This isn&amp;rsquo;t just another automation tool, it&amp;rsquo;s a fundamental shift in how we&amp;rsquo;ll think about CI/CD, repository management, and team coordination.&lt;/p>
&lt;div style="position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;">
&lt;iframe allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen" loading="eager" referrerpolicy="strict-origin-when-cross-origin" src="https://www.youtube.com/embed/XjSl56BX-Z0?autoplay=0&amp;amp;controls=1&amp;amp;end=0&amp;amp;loop=0&amp;amp;mute=0&amp;amp;start=0" style="position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;" title="YouTube video">&lt;/iframe>
&lt;/div>
&lt;h2 class="relative group">What&amp;rsquo;s the idea?
&lt;div id="whats-the-idea" class="anchor">&lt;/div>
&lt;span
class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100 select-none">
&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#whats-the-idea" aria-label="Anchor">#&lt;/a>
&lt;/span>
&lt;/h2>
&lt;p>GitHub Agentic Workflows transforms &lt;strong>natural language markdown files into GitHub Actions&lt;/strong> that are executed by AI agents. You write automation in markdown instead of complex YAML, letting AI-powered decision making handle the details while maintaining GitHub&amp;rsquo;s native security and collaboration model.&lt;/p>
&lt;p>The workflow is straightforward: install the GitHub CLI extension with &lt;code>gh extension install githubnext/gh-aw&lt;/code>, describe your automation in a markdown file with frontmatter specifying triggers and permissions, then compile it to standard Actions YAML with &lt;code>gh aw compile&lt;/code>. The system supports multiple AI engines (Claude, Codex, and others) and maintains security through sandboxed execution with minimal permissions.&lt;/p>
&lt;p>This is explicitly a &lt;strong>research demonstrator from GitHub Next and Microsoft Research&lt;/strong>, not a production product. The goal is to explore &amp;ldquo;Continuous AI&amp;rdquo;, the systematic, automated application of AI to software collaboration, and learn out in the open.&lt;/p>
&lt;p>The design is &lt;strong>Actions-first&lt;/strong> (familiar GitHub execution model) and &lt;strong>engine-neutral&lt;/strong> (swap AI backends as needed). Your markdown source remains the source of truth, while the compiled YAML integrates seamlessly with existing GitHub workflows and governance.&lt;/p>
&lt;h2 class="relative group">How this will transform DevOps teams (if used carefully)
&lt;div id="how-this-will-transform-devops-teams-if-used-carefully" class="anchor">&lt;/div>
&lt;span
class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100 select-none">
&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#how-this-will-transform-devops-teams-if-used-carefully" aria-label="Anchor">#&lt;/a>
&lt;/span>
&lt;/h2>
&lt;p>I&amp;rsquo;ve been watching multiple DevOps teams spend countless hours on repetitive investigative work—debugging CI failures, triaging flaky tests, writing post-mortems that follow the same patterns. Agentic Workflows could automate the tedious parts while keeping humans firmly in control.&lt;/p>
&lt;p>Here&amp;rsquo;s what I&amp;rsquo;m most excited about:&lt;/p>
&lt;p>&lt;strong>Automated CI failure investigation&lt;/strong> — Think &amp;ldquo;CI Doctor&amp;rdquo; workflows that automatically investigate build failures and flakiness, then open Issues with their findings and suggested actions. No more manual time spent on repetitive post-mortem analysis. The AI does the legwork; your team makes the decisions.&lt;/p>
&lt;p>&lt;strong>Effortless status reporting&lt;/strong> — Weekly research reports and daily status updates delivered as scheduled Issues. Better visibility into what&amp;rsquo;s happening across your infrastructure without modifying a single pipeline. The information just appears where your team already looks.&lt;/p>
&lt;p>&lt;strong>Organization-specific guardrails&lt;/strong> — This is crucial. Role-based execution limits, &amp;ldquo;plan→apply&amp;rdquo; workflows with human approval checkpoints, and integrated MCP tools all running in sandboxed, network-confined environments. You get the automation benefits without losing control.&lt;/p>
&lt;p>The key insight: your governance model doesn&amp;rsquo;t change. These workflows compile to standard GitHub Actions, so your existing review processes, permissions, and audit trails remain intact.&lt;/p>
&lt;h2 class="relative group">How this will supercharge Development teams
&lt;div id="how-this-will-supercharge-development-teams" class="anchor">&lt;/div>
&lt;span
class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100 select-none">
&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#how-this-will-supercharge-development-teams" aria-label="Anchor">#&lt;/a>
&lt;/span>
&lt;/h2>
&lt;p>I&amp;rsquo;ve watched developers get buried under the administrative overhead of modern development—triaging issues, chasing missing PR details, manually updating documentation that should sync automatically. Here&amp;rsquo;s where I see Agentic Workflows making the biggest difference:&lt;/p>
&lt;p>&lt;strong>Intelligent triage that actually works&lt;/strong> — Workflows that request missing details from issue reporters, automatically categorize and label new issues, and reduce the noise that constantly interrupts focused development time. Finally, a way to maintain issue quality without developers playing 20 questions.&lt;/p>
&lt;p>&lt;strong>PR assistance with real context&lt;/strong> — Code-aware workflows that update documentation when APIs change, check dependencies for known issues, suggest fixes when PR builds fail, and identify opportunities to improve test coverage or performance. Crucially, all delivered through PRs that developers can review and approve—never silent changes to your codebase.&lt;/p>
&lt;p>&lt;strong>Continuous research and knowledge sharing&lt;/strong> — Workflows that create Issues with summaries of relevant trends, new tools, or techniques in your domain. Instead of wondering what you&amp;rsquo;re missing in the ecosystem, the information comes to you where you already work.&lt;/p>
&lt;p>Here&amp;rsquo;s a simple example that captures the magic—an issue clarifier that runs when issues are opened:&lt;/p>
&lt;div class="highlight">&lt;pre tabindex="0" class="chroma">&lt;code class="language-markdown" data-lang="markdown">&lt;span class="line">&lt;span class="cl">---
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">on:
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> issues:
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> types: [opened]
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">permissions: read-all
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">safe-outputs:
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl"> add-comment:
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">---
&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="gh"># Issue Clarifier
&lt;/span>&lt;/span>&lt;/span>&lt;span class="line">&lt;span class="cl">&lt;span class="gh">&lt;/span>Analyze the current issue and ask for additional details if the issue is unclear.
&lt;/span>&lt;/span>&lt;/code>&lt;/pre>&lt;/div>&lt;p>That&amp;rsquo;s it. English instructions that compile to Actions YAML your team can review and govern.&lt;/p>
&lt;h2 class="relative group">Special caution regarding code changes
&lt;div id="special-caution-regarding-code-changes" class="anchor">&lt;/div>
&lt;span
class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100 select-none">
&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#special-caution-regarding-code-changes" aria-label="Anchor">#&lt;/a>
&lt;/span>
&lt;/h2>
&lt;p>Here&amp;rsquo;s where I want to be crystal clear: &lt;strong>any workflow that touches your actual codebase must go through pull requests for human review&lt;/strong>. The beauty of this system is that AI agents can suggest changes, improvements, and fixes, but they deliver them through the same PR process your team already trusts.&lt;/p>
&lt;p>I&amp;rsquo;ve seen too many automation projects fail because they bypassed human oversight. The GitHub team got this right—workflows that modify code create PRs, not direct commits. This preserves your team&amp;rsquo;s ability to review, discuss, and reject changes that don&amp;rsquo;t make sense.&lt;/p>
&lt;h2 class="relative group">My pragmatic advice
&lt;div id="my-pragmatic-advice" class="anchor">&lt;/div>
&lt;span
class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100 select-none">
&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#my-pragmatic-advice" aria-label="Anchor">#&lt;/a>
&lt;/span>
&lt;/h2>
&lt;ul>
&lt;li>&lt;strong>Start small and specific.&lt;/strong> Pick one repetitive task that&amp;rsquo;s eating your team&amp;rsquo;s time—issue triage, status reporting, or CI failure investigation.&lt;/li>
&lt;li>&lt;strong>Security is non-negotiable.&lt;/strong> Use the read-only defaults, explicit tool allow-lists, and human-visible outputs. This is research-grade software; treat it accordingly.&lt;/li>
&lt;li>&lt;strong>Governance doesn&amp;rsquo;t change.&lt;/strong> Because it compiles to Actions YAML, your existing review processes, branch protections, and policies still apply. This is an authoring tool, not a permission bypass.&lt;/li>
&lt;li>&lt;strong>Keep humans in the loop.&lt;/strong> The goal isn&amp;rsquo;t to eliminate human judgment—it&amp;rsquo;s to eliminate human busy work.&lt;/li>
&lt;/ul>
&lt;h2 class="relative group">Why I think this is the future
&lt;div id="why-i-think-this-is-the-future" class="anchor">&lt;/div>
&lt;span
class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100 select-none">
&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#why-i-think-this-is-the-future" aria-label="Anchor">#&lt;/a>
&lt;/span>
&lt;/h2>
&lt;p>I&amp;rsquo;ve spent years watching teams struggle with the gap between intent and implementation. Developers know what they want their CI/CD to do, but getting there requires wrestling with YAML syntax, learning platform-specific APIs, and debugging workflows that should just work.&lt;/p>
&lt;p>Agentic Workflows flips this: you describe what you want, and the system handles the how. Your DevOps team keeps control over policies, permissions, and infrastructure. Your developers get to focus on features instead of YAML archaeology.&lt;/p>
&lt;p>Most importantly, everything stays auditable, reviewable, and governed through the same processes your team already trusts.&lt;/p>
&lt;h2 class="relative group">Ready to try it?
&lt;div id="ready-to-try-it" class="anchor">&lt;/div>
&lt;span
class="absolute top-0 w-6 transition-opacity opacity-0 ltr:-left-6 rtl:-right-6 not-prose group-hover:opacity-100 select-none">
&lt;a class="group-hover:text-primary-300 dark:group-hover:text-neutral-700 !no-underline" href="#ready-to-try-it" aria-label="Anchor">#&lt;/a>
&lt;/span>
&lt;/h2>
&lt;p>If you&amp;rsquo;re curious (and you should be), the quick start is genuinely quick:&lt;/p>
&lt;ol>
&lt;li>&lt;strong>Install the extension&lt;/strong>: &lt;code>gh extension install githubnext/gh-aw&lt;/code>&lt;/li>
&lt;li>&lt;strong>Add a sample workflow&lt;/strong>: &lt;code>gh aw add weekly-research -r githubnext/agentics --pr&lt;/code>&lt;/li>
&lt;li>&lt;strong>Set up your AI secret&lt;/strong>: &lt;code>gh secret set ANTHROPIC_API_KEY -a actions --body &amp;quot;&amp;lt;your-key&amp;gt;&amp;quot;&lt;/code>&lt;/li>
&lt;li>&lt;strong>Run it&lt;/strong>: &lt;code>gh aw run weekly-research&lt;/code>&lt;/li>
&lt;/ol>
&lt;p>Start with something low-risk—issue triage, status reports, or CI failure investigation. Keep approvals enabled, review everything the system generates, and learn what works for your team.&lt;/p>
&lt;p>&lt;strong>Key resources:&lt;/strong>&lt;/p>
&lt;ul>
&lt;li>&lt;strong>Main extension&lt;/strong>: &lt;a
href="https://github.com/githubnext/gh-aw"
target="_blank"
>githubnext/gh-aw&lt;/a>&lt;/li>
&lt;li>&lt;strong>Sample workflows&lt;/strong>: &lt;a
href="https://github.com/githubnext/agentics"
target="_blank"
>githubnext/agentics&lt;/a>&lt;/li>
&lt;/ul>
&lt;p>This is where engineering productivity is heading. The question isn&amp;rsquo;t whether AI will change how we automate our workflows—it&amp;rsquo;s whether we&amp;rsquo;ll be ready when it does.&lt;/p></content:encoded></item></channel></rss>