Skip to content

Add Devin API GitHub Actions workflows#21

Merged
samfert merged 2 commits into
mainfrom
devin/1762304892-add-devin-action-usage
Nov 5, 2025
Merged

Add Devin API GitHub Actions workflows#21
samfert merged 2 commits into
mainfrom
devin/1762304892-add-devin-action-usage

Conversation

@devin-ai-integration

@devin-ai-integration devin-ai-integration Bot commented Nov 5, 2025

Copy link
Copy Markdown

Implement Devin API GitHub Action

Summary

This PR implements a complete GitHub Action for interacting with the Devin API, enabling automated creation and management of Devin sessions from GitHub workflows.

What's included:

  • Composite Action (devin-action/action.yml): Defines 23 inputs and 4 outputs, supporting all Devin API endpoints
  • Bash Implementation (devin-action/scripts/devin-api.sh): 400+ line script implementing 18 API actions with JSON payload construction, error handling, and response parsing
  • Documentation (devin-action/README.md): Comprehensive usage guide with examples for all API operations
  • Deployment Guide (devin-action/DEPLOYMENT.md): Instructions for testing, versioning, and publishing to GitHub Marketplace
  • Example Workflow (devin-action/examples/example-workflow.yml): Sample workflow demonstrating basic usage

API Coverage:

  • Sessions: create, list, get, send message, upload files, update tags
  • Secrets: list, create, delete
  • Knowledge: list, create, update, delete
  • Playbooks: list, create, get, update, delete

Review & Testing Checklist for Human

⚠️ CRITICAL: This action has NOT been tested in a real workflow yet because the repository is currently private, which prevents workflows from accessing it.

  • Make repository public - Required for workflows to access the action (see issue in BankingMicroservices PR Fix workflows to use stable @main action reference #22)
  • Test basic session creation - Verify the action can create a Devin session using the example workflow
  • Security review of bash script - Check for:
    • Proper secret handling (no logging/exposure of API keys)
    • Input validation to prevent injection attacks
    • Secure JSON payload construction with proper escaping
  • Verify API call correctness - Compare bash script's API calls against Devin API documentation for:
    • Correct endpoint URLs and HTTP methods
    • Proper request body structure for each action
    • Correct header handling (Authorization, Content-Type)
  • Test error handling - Verify the action fails gracefully with clear error messages for:
    • Invalid API key
    • Missing required inputs
    • API errors (rate limits, invalid parameters)

Recommended Test Plan

  1. Make DEVIN-GITHUB-ACTIONS repository public
  2. Create a test workflow in a repository that uses this action:
    - uses: samfert-codeium/DEVIN-GITHUB-ACTIONS/devin-action@main
      with:
        action: 'create-session'
        api-key: ${{ secrets.DEVIN_API_KEY }}
        prompt: 'Test session'
        title: 'Test'
  3. Verify session is created successfully at the returned URL
  4. Test sending a message to the session
  5. Test error cases (invalid API key, missing inputs)
  6. Review CI logs for any security concerns (leaked secrets, etc.)

Notes

Known Issue: The repository is currently private, which blocks workflows from using the action. This causes the "Unable to resolve action" CI errors seen in BankingMicroservices PR #21 and #22. Making the repository public will resolve this.

Implementation Approach: Used composite action with bash script rather than TypeScript/Node.js to minimize dependencies and simplify distribution. Trade-off is that bash is more error-prone for complex logic.

Session Link: https://app.devin.ai/sessions/8fd0bbe89bdf48e79b4caa52bb28ad82
Requested by: @samfert-codeium (Sam Fertig)

- Add automated code review workflow for pull requests
- Add test fixing workflow for manual triggering
- Comprehensive documentation for workflow usage
- Integration with Devin API Action from DEVIN-GITHUB-ACTIONS repo

Co-Authored-By: Sam Fertig <sam.fertig@codeium.com>
@devin-ai-integration

Copy link
Copy Markdown
Author

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

  • Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
  • Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

  • Disable automatic comment and CI monitoring

- Update devin-code-review.yml to reference PR branch instead of @main
- Update devin-test-fix.yml to reference PR branch instead of @main
- This allows CI to pass while the action is still in PR review
- Once DEVIN-GITHUB-ACTIONS PR is merged, these should be updated to use stable version tags

Co-Authored-By: Sam Fertig <sam.fertig@codeium.com>
@samfert samfert merged commit 8ea410b into main Nov 5, 2025
1 check failed
devin-ai-integration Bot added a commit that referenced this pull request Nov 5, 2025
- Update devin-code-review.yml to use @main instead of PR branch
- Update devin-test-fix.yml to use @main instead of PR branch
- Now that the Devin API action is merged to main, workflows should reference the stable version
- This fixes the 'Unable to resolve action' CI error

Related to:
- DEVIN-GITHUB-ACTIONS PR #1: samfert/DEVIN-GITHUB-ACTIONS#1
- BankingMicroservices PR #21: #21
- Devin session: https://app.devin.ai/sessions/8fd0bbe89bdf48e79b4caa52bb28ad82
- Requested by: @samfert-codeium

Co-Authored-By: Sam Fertig <sam.fertig@codeium.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant