A GitHub Action that automatically runs the devops-maturity CLI whenever devops-maturity.yml is updated, generates a new badge reflecting the current maturity level, and opens a pull request for team review.
When a team edits their devops-maturity.yml assessment file the action will:
- Install the
devops-maturityCLI. - Run
dm config --file devops-maturity.ymlto calculate the score and badge. - Update the
README.mdbadge in-place (or prepend one if none exists). - Open (or update) a pull request containing the badge change for review.
Add the following workflow file to your repository at
.github/workflows/devops-maturity.yml:
name: DevOps Maturity Check
on:
push:
branches:
- main
paths:
- 'devops-maturity.yml'
workflow_dispatch:
jobs:
update-badges:
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
steps:
- uses: actions/checkout@v4
- uses: devops-maturity/devops-maturity-action@v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}Place a devops-maturity.yml file at the root of your repository. Use
dm assess interactively to generate the initial file, or start from the
template below:
# DevOps Maturity Assessment
# https://devops-maturity.github.io/
project_name: my-project
# Basics
D101: true # Branch Builds (must have)
D102: true # Pull Request Builds (must have)
D103: false # Clean Build Environments (nice to have)
# Quality
D201: true # Unit Testing (must have)
D202: false # Functional Testing (must have)
# … (see devops-maturity.yml in this repo for the full list)| Input | Required | Default | Description |
|---|---|---|---|
github-token |
yes | — | Token used to create the pull request. Pass ${{ secrets.GITHUB_TOKEN }}. |
file |
no | devops-maturity.yml |
Path to the assessment YAML file. |
readme-path |
no | README.md |
Path to the README file to update with the badge. |
pr-branch |
no | chore/update-devops-maturity-badges |
Branch name for the pull request. |
commit-message |
no | chore: update devops-maturity badges |
Commit message for the badge update. |
pr-title |
no | chore: update devops-maturity badges |
Title of the pull request. |
pr-body |
no | (auto-generated) | Body text of the pull request. |
cli-version |
no | (latest) | Pin a specific CLI version for reproducible results (e.g. 0.1.0). |
| Output | Description |
|---|---|
score |
Overall maturity score as a percentage (e.g. "72.3%"). |
level |
Maturity level: WIP, PASSING, BRONZE, SILVER, or GOLD. |
badge-url |
shields.io badge URL for the current maturity level. |
badge-markdown |
Ready-to-paste Markdown snippet for the badge. |
pull-request-number |
Number of the created (or updated) pull request. |
pull-request-url |
HTML URL of the created (or updated) pull request. |
- id: maturity
uses: devops-maturity/devops-maturity-action@v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
- name: Print results
run: |
echo "Score : ${{ steps.maturity.outputs.score }}"
echo "Level : ${{ steps.maturity.outputs.level }}"
echo "PR : ${{ steps.maturity.outputs.pull-request-url }}"The workflow job must have the following permissions:
permissions:
contents: write # to push the badge-update branch
pull-requests: write # to open the pull requestThe action searches the target README for an existing DevOps Maturity shields.io badge using a regular expression. If one is found it is replaced in-place; if none exists the new badge is prepended before the first Markdown heading (or at the very top of the file).
For reproducible CI results, pin both the action and the CLI to specific versions:
- uses: devops-maturity/devops-maturity-action@v1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
cli-version: '0.1.0' # pin CLI version