← All docs

GitHub Action

Run MigrationPilot as a GitHub Action to catch unsafe migrations in pull requests.

Basic Setup

Add MigrationPilot to your GitHub Actions workflow to automatically analyze migration files on every pull request:

# .github/workflows/migration-check.yml
name: Migration Safety Check
on:
  pull_request:
    paths:
      - 'migrations/**'

permissions:
  contents: read
  pull-requests: write

jobs:
  check:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: mickelsamuel/migrationpilot@v1
        with:
          path: migrations/
          fail-on: critical

Action Inputs

The GitHub Action supports the following inputs:

- uses: mickelsamuel/migrationpilot@v1
  with:
    # Path to migration files (required)
    path: migrations/

    # Glob pattern for SQL files (default: **/*.sql)
    pattern: "V*.sql"

    # Target PostgreSQL version (default: 17)
    pg-version: "16"

    # Fail threshold: critical, warning, never (default: critical)
    fail-on: critical

    # Production database URL for context (Pro tier)
    database-url: ${{ secrets.DATABASE_URL }}

    # License key for Pro features
    license-key: ${{ secrets.MIGRATIONPILOT_LICENSE }}

    # Comma-separated rules to exclude
    exclude: "MP037,MP041"

    # SARIF file output path
    sarif-file: results.sarif

PR Comment Output

MigrationPilot automatically posts a comment on the pull request with a summary of findings. The comment includes risk level, violation details with severity, lock types, and safe alternatives. Comments are updated on subsequent pushes rather than duplicated.

SARIF Integration

Upload SARIF results to GitHub Code Scanning for inline annotations:

- uses: mickelsamuel/migrationpilot@v1
  with:
    path: migrations/
    sarif-file: results.sarif

- uses: github/codeql-action/upload-sarif@v3
  if: always()
  with:
    sarif_file: results.sarif

Production Context (Pro)

With a Pro license, the Action can connect to your database to check table sizes, query patterns, and connection counts for context-aware analysis:

- uses: mickelsamuel/migrationpilot@v1
  with:
    path: migrations/
    database-url: ${{ secrets.DATABASE_URL }}
    license-key: ${{ secrets.MIGRATIONPILOT_LICENSE }}