The Complete Guide to CI/CD Automation: Bringing AI Agents into Your Development Workflow
GitHub Actions is one of the most popular CI/CD platforms. Integrating OpenClaw with GitHub Actions enables:
# Add a secret in the GitHub repository settings
# Settings → Secrets and variables → Actions → New repository secret
# Name: OPENCLAW_API_TOKEN
# Value: your-api-token

# .github/workflows/code-review.yml
name: AI Code Review
on:
  pull_request:
    types: [opened, synchronize]
permissions:
  contents: read
  pull-requests: write
jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Get PR diff
        id: diff
        env:
          # Pass the branch name as data instead of expanding it inside the script text
          BASE_REF: ${{ github.base_ref }}
        run: |
          DIFF=$(git diff "origin/$BASE_REF...HEAD")
          echo "diff<<EOF" >> "$GITHUB_OUTPUT"
          echo "$DIFF" >> "$GITHUB_OUTPUT"
          echo "EOF" >> "$GITHUB_OUTPUT"

      - name: AI Review
        id: review  # needed so that steps.review.outputs.result resolves below
        uses: openclaw/github-action@v1
        with:
          task: |
            审查以下代码变更,提供改进建议:
            1. 代码质量和风格
            2. 潜在的bug
            3. 安全问题
            4. 性能优化建议
            代码变更:
            ${{ steps.diff.outputs.diff }}
          model: claude-sonnet-4
        env:
          OPENCLAW_API_TOKEN: ${{ secrets.OPENCLAW_API_TOKEN }}

      - name: Comment PR
        uses: actions/github-script@v7
        env:
          # The review text reaches the script as an environment variable, not as
          # JavaScript source: a quote or backtick in it cannot break or alter the script
          REVIEW: ${{ steps.review.outputs.result }}
        with:
          script: |
            const review = process.env.REVIEW;
            await github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: `## 🤖 AI Code Review\n\n${review}`
            });
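
The `Get PR diff` step above frames the diff with a fixed `EOF` marker, so a diff containing a line that reads exactly `EOF` ends the value early and the lines after it are read as further outputs. The shell helper below is an added example, not part of the original guide or of OpenClaw: `write_output` (a hypothetical name) frames the value with a random delimiter, and `list_output_names` is a simplified model of the output-file format, an assumption used only to check the result.

```shell
#!/usr/bin/env bash
# Added example, not from the original page. Function names are hypothetical.

# new_delimiter: random per-call delimiter (16 bytes from /dev/urandom, hex).
new_delimiter() {
  printf 'ghadelim_%s' "$(od -An -N16 -tx1 /dev/urandom | tr -d ' \n')"
}

# write_output NAME VALUE [FILE]: append a multi-line output to FILE
# (default: $GITHUB_OUTPUT). Returns 2 on a bad name, 3 if no delimiter fits.
write_output() {
  local name="$1" value="$2" file="${3:-$GITHUB_OUTPUT}" delim tries=0
  case "$name" in
    ''|*[!A-Za-z0-9_-]*) echo "invalid output name" >&2; return 2 ;;
  esac
  while :; do
    delim="$(new_delimiter)"
    # The delimiter must not occur as a whole line inside the value.
    if ! printf '%s\n' "$value" | grep -qxF -- "$delim"; then break; fi
    tries=$((tries + 1))
    [ "$tries" -lt 5 ] || { echo "no safe delimiter" >&2; return 3; }
  done
  {
    printf '%s<<%s\n' "$name" "$delim"
    printf '%s\n' "$value"
    printf '%s\n' "$delim"
  } >> "$file"
}

# list_output_names FILE: simplified model (an assumption for this demo) of
# how the output file is read: NAME<<DELIM opens a block closed by a line
# equal to DELIM; any other NAME=VALUE line is a single-line output.
list_output_names() {
  awk '
    { eq = index($0, "="); hd = index($0, "<<") }
    inblk { if ($0 == delim) inblk = 0; next }
    hd > 1 && (eq == 0 || hd < eq) {
      print substr($0, 1, hd - 1); delim = substr($0, hd + 2); inblk = 1; next
    }
    eq > 1 { print substr($0, 1, eq - 1) }
  ' "$1"
}

# Constructed sample: a value that contains a line equal to the fixed "EOF".
SAMPLE_VALUE="$(printf 'line one\nEOF\nresult=constructed')"
```

In a workflow step this would be called as `write_output diff "$DIFF"`, with `$GITHUB_OUTPUT` supplied by the runner.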

# .github/workflows/test-report.yml
name: AI Test Report
on:
  push:
    branches: [main, develop]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Setup Node
        uses: actions/setup-node@v4
        with:
          node-version: '20'

      - name: Install dependencies
        run: npm ci

      - name: Run tests
        run: npm test -- --coverage 2>&1 | tee test-output.txt
        continue-on-error: true

      - name: Read test output
        id: tests
        run: |
          # `with:` inputs are not shell-expanded, so $(cat test-output.txt) would be
          # passed to the action literally; expose the file as a step output instead
          {
            echo "output<<EOF"
            cat test-output.txt
            echo
            echo "EOF"
          } >> "$GITHUB_OUTPUT"

      - name: Generate AI Report
        uses: openclaw/github-action@v1
        with:
          task: |
            分析以下测试结果,生成简洁的测试报告:
            1. 测试通过率
            2. 失败的测试及原因
            3. 覆盖率分析
            4. 改进建议
            测试输出:
            ${{ steps.tests.outputs.output }}
        env:
          OPENCLAW_API_TOKEN: ${{ secrets.OPENCLAW_API_TOKEN }}

      - name: Upload report
        uses: actions/upload-artifact@v4
        with:
          name: test-report
          path: test-output.txt
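
# .github/workflows/security-scan.yml
name: Security Scan
on:
  schedule:
    - cron: '0 2 * * 1'  # every Monday at 02:00 (UTC)
  workflow_dispatch:
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Run npm audit
        id: audit
        run: |
          npm audit --json > audit-result.json 2>&1 || true
          # `with:` inputs are not shell-expanded, so $(cat audit-result.json) would be
          # passed to the action literally; expose the file as a step output instead
          {
            echo "result<<EOF"
            cat audit-result.json
            echo
            echo "EOF"
          } >> "$GITHUB_OUTPUT"

      - name: AI Security Analysis
        uses: openclaw/github-action@v1
        with:
          task: |
            分析以下 npm audit 结果,生成安全报告:
            1. 漏洞统计(严重/高/中/低)
            2. 关键漏洞详情
            3. 修复建议
            4. 风险评估
            Audit 结果:
            ${{ steps.audit.outputs.result }}
        env:
          OPENCLAW_API_TOKEN: ${{ secrets.OPENCLAW_API_TOKEN }}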

# .github/workflows/update-docs.yml
name: Update Docs
on:
  push:
    paths:
      - 'src/**'
      - 'README.md'
permissions:
  contents: write  # required for the `git push` in the last step
jobs:
  docs:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 2  # the default shallow clone has no HEAD~1 to diff against

      - name: Detect changes
        id: changes
        run: |
          CHANGED=$(git diff --name-only HEAD~1 HEAD)
          echo "files<<EOF" >> "$GITHUB_OUTPUT"
          echo "$CHANGED" >> "$GITHUB_OUTPUT"
          echo "EOF" >> "$GITHUB_OUTPUT"

      - name: Update docs
        if: contains(steps.changes.outputs.files, 'src/')
        uses: openclaw/github-action@v1
        with:
          task: |
            根据以下代码变更更新文档:
            变更的文件:${{ steps.changes.outputs.files }}
            请更新 README.md 中的相关部分。
          output: docs
        env:
          OPENCLAW_API_TOKEN: ${{ secrets.OPENCLAW_API_TOKEN }}

      - name: Commit docs
        run: |
          git config user.name "OpenClaw Bot"
          git config user.email "bot@openclaw.ai"
          git add -A
          git diff --staged --quiet || git commit -m "docs: auto-update documentation"
          git push

If you self-host OpenClaw on a VPS, you can integrate over SSH:
# .github/workflows/deploy.yml
name: Deploy with OpenClaw
on:
  push:
    branches: [main]
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Deploy via OpenClaw
        uses: appleboy/ssh-action@v1
        with:
          host: ${{ secrets.VPS_HOST }}
          username: ${{ secrets.VPS_USER }}
          key: ${{ secrets.VPS_SSH_KEY }}
          script: |
            cd /var/www/miaoquai
            git pull
            openclaw gateway restart

actions/cache: cache npm/pip dependencies
continue-on-error