- Plan on pull request — shallow-fetches the comparison commit, runs
ravion ... config apply --dry-runfor each changed resource, and posts every plan in a single, updating PR comment. - Apply on merge — shallow-fetches the comparison commit and runs
ravion ... config applyfor each changed resource when the branch merges into your default branch.
Authenticate in CI
The CLI reads a service-account API key from theRAVION_API_KEY environment variable.
1
Create a service-account API key
Create a service account for CI and an API key for it. See
ravion service-account and ravion api-key.2
Store the key as a repository secret
In your GitHub repository, go to Settings → Secrets and variables → Actions and add a secret
named
RAVION_API_KEY with the API key value.Add the workflow
Copy the prompt below into your coding agent to add and configure the GitHub action.Discover your Ravion config files and add the CI workflow.
.github/workflows/ravion.yml. Define each project or pipeline as a contiguous indexed ID/file pair. Anchor every *_FILE value and reuse those aliases in ravion_paths, so each config file path appears once.
Set RAVION_CLI_VERSION to the CLI release you want CI to use. Leave RAVION_AUTOAPPROVE as "false" to require manual approval of stack change pipeline runs in the Ravion dashboard, or set it to "true" to auto-approve project applies.
.github/workflows/ravion.yml
GitHub leaves a path-filtered workflow’s check pending when the workflow is configured as a
required status check but none of its paths match. Keep this workflow optional, or use a separate
always-running check for branch protection.
In CI the CLI isn’t attached to a terminal, so its output is already plain text. The plan step
also sets
NO_COLOR=1 to strip any ANSI color codes before the output goes into the PR comment.Next steps
Project config file
Pull, edit, and apply a project’s config.
Pipeline config file
Pull, edit, and apply a pipeline’s config.