Repository files navigation

This sample app showcases how webhooks can be used with a GitHub App's installation token to create a bot that responds to issues. Code usesoctokit.js.

• Node.js 20 or higher
• A GitHub App subscribed toPull Request events and with the following permissions:
  • Pull requests: Read & write
  • Metadata: Read-only
• (For local development) A tunnel to expose your local server to the internet (e.g.smee,ngrok orcloudflared)
• Your GitHub App Webhook must be configured to receive events at a URL that is accessible from the internet.

1. Clone this repository.
2. Create a.env file similar to.env.example and set actual values. If you are using GitHub Enterprise Server, also include aENTERPRISE_HOSTNAME variable and set the value to the name of your GitHub Enterprise Server instance.
3. Install dependencies withnpm install.
4. Start the server withnpm run server.
5. Ensure your server is reachable from the internet.
   • If you're usingsmee, runsmee -u <smee_url> -t http://localhost:3000/api/webhook.
6. Ensure your GitHub App includes at least one repository on its installations.

With your server running, you can now create a pull request on any repository thatyour app can access. GitHub will emit apull_request.opened event and will deliverthe corresponding Webhookpayload to your server.

The server in this example listens forpull_request.opened events and acts onthem by creating a comment on the pull request, with the message inmessage.md,using theoctokit.js rest methods.

To keep things simple, this example reads theGITHUB_APP_PRIVATE_KEY from theenvironment. A more secure and recommended approach is to use a secrets management systemlikeVault, or one offeredby major cloud providers:Azure Key Vault,AWS Secrets Manager,Google Secret Manager,etc.