How to Automate GitHub Data Export (No API Required)
Mar 2
Featured Answer:
GitHub is used for source control and CI/CD. Browser automation provides CI/CD admin, review workflows, and repo governance when API access is limited or UI-based.
Table of Contents
Introduction
GitHub is used for source control, pull requests, Actions (CI/CD), and repository governance. While GitHub offers REST and GraphQL APIs, browser automation provides a powerful solution for CI/CD admin tasks, code review workflows, and repo governance when direct API access is limited or when teams rely on the GitHub web UI.
Why Use Browser Automation for GitHub?
- Limited API Access: GitHub API scope and rate limits can restrict bulk or UI-only operations
- CI/CD Admin: Configure Actions workflows, secrets, environments, and deployment settings from the web when API or config-as-code is restricted
- Reviews: Triage PRs, run review checklists, merge or close from the UI when automation rules or API are not enough
- Repo Governance: Manage branch protection, rulesets, repo settings, and team permissions from the portal
- UI-Only Features: Many settings, insights, and security views are easiest via the web interface
- Cross-Org and Cross-Repo: Operate across organizations and repositories in one browser session
- Audit and Compliance: Export activity, audit logs, and settings for governance reviews
Setting Up GitHub Automation
Here's how to automate CI/CD admin, reviews, and repo governance in GitHub using browser automation:
import { chromium } from 'playwright';
const response = await fetch("https://api.anchorbrowser.io/api/sessions", {
method: "POST",
headers: {
"anchor-api-key": "YOUR_API_KEY",
"Content-Type": "application/json",
},
body: JSON.stringify({
'headless': false,
'proxy': { 'type': 'residential', 'country': 'US' }
}),
});
const { id } = await response.json();
const connectionString = `wss://connect.anchorbrowser.io?apiKey=YOUR_API_KEY&sessionId=${id}`;
const browser = await chromium.connectOverCDP(connectionString);
const context = browser.contexts()[0];
const ai = context.serviceWorkers()[0];
const page = context.pages()[0];
await page.goto("https://github.com");
await ai.evaluate(JSON.stringify({
prompt: 'Log in to GitHub using the provided credentials. Complete SSO or 2FA if required and wait for the home or dashboard to load.'
}));
Use Case 1: CI/CD Admin
Configure Actions, secrets, and environments from the GitHub web UI:
const runCicdAdmin = async (page, ai, criteria) => {
await ai.evaluate(JSON.stringify({
prompt: `Navigate to repository ${criteria.repo || 'current'}. Open Actions > Settings or Settings > Secrets and variables.`
}));
await ai.evaluate(JSON.stringify({
prompt: criteria.action === 'secrets'
? `Manage secrets/variables: add or list (do not read secret values). Scope: ${criteria.scope || 'repo'}.`
: `Configure workflow or environment: ${criteria.config || 'view current'}. Do not expose secrets in output.`
}));
await page.waitForLoadState('networkidle');
const result = await ai.evaluate(JSON.stringify({
prompt: 'Return a short summary: what was configured or listed. As JSON: { action, scope, completedAt }. No secret values.'
}));
return { ...JSON.parse(result), completedAt: new Date().toISOString() };
};
Use Case 2: Reviews
Triage and process pull requests from the web UI:
const runReviewTasks = async (page, ai, criteria) => {
await ai.evaluate(JSON.stringify({
prompt: `Navigate to repository ${criteria.repo || 'current'}. Open Pull requests. Apply filter: ${criteria.filter || 'open'}.`
}));
await page.waitForLoadState('networkidle');
await ai.evaluate(JSON.stringify({
prompt: criteria.action === 'merge'
? `For PRs matching ${criteria.branch || 'main'}: open each, ensure checks pass, then merge (squash/merge as specified). Do not merge without required reviews if enforced.`
: `List PR summary: number, title, author, status. Return as JSON array. Or add review comment/approve as specified.`
}));
await page.waitForLoadState('networkidle');
const summary = await ai.evaluate(JSON.stringify({
prompt: 'Return JSON: { processed: number, action: string }.'
}));
return { ...JSON.parse(summary), completedAt: new Date().toISOString() };
};
Use Case 3: Repo Governance
Manage branch protection, rulesets, and repository settings:
const runRepoGovernance = async (page, ai, criteria) => {
await ai.evaluate(JSON.stringify({
prompt: `Navigate to repository ${criteria.repo || 'current'} > Settings. Open Branches (protection) or Rules (rulesets).`
}));
await ai.evaluate(JSON.stringify({
prompt: criteria.action === 'audit'
? 'Extract current branch protection and rules: branch patterns, required reviews, status checks. Return as structured JSON.'
: `Apply change: ${criteria.change || 'read only'}. E.g. add/update rule for branch ${criteria.branchPattern || 'main'}. Save.`
}));
await page.waitForLoadState('networkidle');
const result = await ai.evaluate(JSON.stringify({
prompt: 'Return summary: rules updated or current config. As JSON. No secrets.'
}));
return { result: typeof result === 'string' ? JSON.parse(result) : result, completedAt: new Date().toISOString() };
};
Exporting Activity and Audit Data
Pull audit log and activity data for compliance:
const exportGitHubActivity = async (page, ai, scope) => {
await ai.evaluate(JSON.stringify({
prompt: scope === 'org'
? 'Navigate to Organization > Settings > Audit log. Set date range. Export or copy audit events.'
: 'Navigate to repository Insights or Actions runs. Export or extract run history. Wait for download if available.'
}));
const download = await page.waitForEvent('download', { timeout: 20000 }).catch(() => null);
return download ? await download.path() : null;
};
Best Practices for GitHub Automation
- Security: Use fine-grained or least-privilege tokens; never log secrets or tokens; respect GitHub ToS
- CI/CD Admin: Prefer workflow files and API where possible; use browser for one-off or UI-only config
- Reviews: Respect branch protection and required reviews; do not bypass approval rules
- Repo Governance: Audit before bulk rule changes; use automation for read/export first
- Rate Limits: Add delays between actions to stay within GitHub rate limits
- Error Handling: Retry on session timeout; handle 2FA and SAML gracefully
- Compliance: Align automation with your org's GitHub and security policies
Handling Authentication
GitHub supports password, 2FA, and often SAML SSO:
const handleGitHubAuth = async (page, ai, credentials) => {
await page.goto("https://github.com/login");
await ai.evaluate(JSON.stringify({
prompt: `Sign in with username ${credentials.username} and password. If SAML SSO is required, complete org SSO.`
}));
await ai.evaluate(JSON.stringify({
prompt: 'If 2FA is required, enter code from app or device. Wait for GitHub home or repo list to load.'
}));
await page.waitForLoadState('networkidle');
};
Resources
- Anchor Browser Documentation - API reference and guides
- Anchor Browser Playground - Try browser automation in your browser
Conclusion
Browser automation provides a flexible alternative to API access for GitHub DevOps workflows. By using intelligent browser agents, you can automate CI/CD admin, review triage and merge, and repo governance tasks directly from the GitHub web UI. Whether you need to configure Actions and secrets, process pull requests, or manage branch protection and rulesets, browser automation enables efficient DevOps when API access is limited or when teams work in the portal.
Start automating your GitHub CI/CD admin, reviews, and repo governance today.
