Skip to content
Latchkey

How to Audit Environment Deployments in GitHub Actions

Every environment keeps a deployment history you can read on the Environments page or query with the gh CLI.

Open the repository Environments page for an interactive history, or query the Deployments API with gh api to list deployments, their creator, ref, and status for a given environment.

Steps

  • Open Settings to Environments to view the deployment history per target.
  • Query the Deployments API with gh api for a scriptable audit.
  • Filter by environment to see only that target deployments.

Workflow

.github/workflows/ci.yml
jobs:
  audit:
    runs-on: ubuntu-latest
    steps:
      - run: |
          gh api "repos/${{ github.repository }}/deployments?environment=production" \
            --jq '.[] | {id, ref, creator: .creator.login, created_at}'
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Gotchas

  • Each deployment also carries deployment statuses; query them for the success or failure record.
  • Reading deployments only needs the default GITHUB_TOKEN with contents: read.

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →