How to Audit Environment Deployments in GitHub Actions
Every environment keeps a deployment history you can read on the Environments page or query with the gh CLI.
Open the repository Environments page for an interactive history, or query the Deployments API with gh api to list deployments, their creator, ref, and status for a given environment.
Steps
- Open Settings to Environments to view the deployment history per target.
- Query the Deployments API with
gh apifor a scriptable audit. - Filter by
environmentto see only that target deployments.
Workflow
.github/workflows/ci.yml
jobs:
audit:
runs-on: ubuntu-latest
steps:
- run: |
gh api "repos/${{ github.repository }}/deployments?environment=production" \
--jq '.[] | {id, ref, creator: .creator.login, created_at}'
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}Gotchas
- Each deployment also carries deployment statuses; query them for the success or failure record.
- Reading deployments only needs the default GITHUB_TOKEN with
contents: read.
Related guides
How to Configure an Environment URL in GitHub ActionsAttach a live URL to a GitHub Actions deployment with the environment url key, so the deployment shows a clic…
How to Promote a Build Through Dev, Staging, and Prod in GitHub ActionsPromote a single GitHub Actions build artifact through dev, staging, and production with chained jobs that sh…