How to Use actions/github-script for API Calls in GitHub Actions
actions/github-script gives you a pre-authenticated Octokit client so you can script API calls without wiring up tokens yourself.
Write JavaScript in the script: input. The github object is an authenticated Octokit, and context carries event data. Grant only the permissions the calls need.
Steps
- Add
actions/github-script@v7and put JS inscript:. - Call
github.rest.*(REST) orgithub.graphql(GraphQL). - Grant matching
permissions:(e.g.issues: write).
Workflow
.github/workflows/ci.yml
permissions:
issues: write
jobs:
triage:
runs-on: ubuntu-latest
steps:
- uses: actions/github-script@v7
with:
script: |
await github.rest.issues.addLabels({
owner: context.repo.owner,
repo: context.repo.repo,
issue_number: context.issue.number,
labels: ['needs-triage']
})Gotchas
- The built-in
GITHUB_TOKENcannot trigger further workflow runs; use a PAT if you need that. - Return a value to expose it as the step output
result.
Related guides
How to Run a Node.js Script in GitHub ActionsRun a Node.js script in GitHub Actions with actions/setup-node, installing dependencies with npm ci, then inv…
How to Pass Secrets to a Script Safely in GitHub ActionsPass a GitHub Actions secret into a script through the step env instead of the command line, so the value sta…