Github Actions：qwen-code-action

Overview

qwen-code-action is a GitHub Action that integrates Qwen Code  into your development workflow via the Qwen Code CLI . It acts both as an autonomous agent for critical routine coding tasks, and an on-demand collaborator you can quickly delegate work to.

Use it to perform GitHub pull request reviews, triage issues, perform code analysis and modification, and more using Qwen Code  conversationally (e.g., @qwencoder fix this issue) directly inside your GitHub repositories.

• qwen-code-action
  • Overview
  • Features
  • Quick Start
    • 1. Get a Qwen API Key
    • 2. Add it as a GitHub Secret
    • 3. Update your .gitignore
    • 4. Choose a Workflow
    • 5. Try it out
  • Workflows
    • Qwen Code Dispatch
    • Issue Triage
    • Pull Request Review
    • Qwen Code CLI Assistant
  • Configuration
    • Inputs
    • Outputs
    • Repository Variables
    • Secrets
  • Authentication
    • GitHub Authentication
  • Extensions
  • Best Practices
  • Customization
  • Contributing

Features

• Automation: Trigger workflows based on events (e.g. issue opening) or schedules (e.g. nightly).
• On-demand Collaboration: Trigger workflows in issue and pull request comments by mentioning the Qwen Code CLI  (e.g., @qwencoder /review).
• Extensible with Tools: Leverage Qwen Code  models’ tool-calling capabilities to interact with other CLIs like the GitHub CLI  (gh).
• Customizable: Use a QWEN.md file in your repository to provide project-specific instructions and context to Qwen Code CLI .

Quick Start

Get started with Qwen Code CLI in your repository in just a few minutes:

1. Get a Qwen API Key

Obtain your API key from DashScope  (Alibaba Cloud’s AI platform)

2. Add it as a GitHub Secret

Store your API key as a secret named QWEN_API_KEY in your repository:

• Go to your repository’s Settings > Secrets and variables > Actions
• Click New repository secret
• Name: QWEN_API_KEY, Value: your API key

3. Update your .gitignore

Add the following entries to your .gitignore file:

# qwen-code-cli settings
.qwen/

# GitHub App credentials
gha-creds-*.json

4. Choose a Workflow

You have two options to set up a workflow:

Option A: Use setup command (Recommended)

1. Start the Qwen Code CLI in your terminal:

   qwen

2. In Qwen Code CLI in your terminal, type:

   /setup-github

Option B: Manually copy workflows

1. Copy the pre-built workflows from the examples/workflows directory to your repository’s .github/workflows directory. Note: the qwen-dispatch.yml workflow must also be copied, which triggers the workflows to run.

5. Try it out

Pull Request Review:

• Open a pull request in your repository and wait for automatic review
• Comment @qwencoder /review on an existing pull request to manually trigger a review

Issue Triage:

• Open an issue and wait for automatic triage
• Comment @qwencoder /triage on existing issues to manually trigger triaging

General AI Assistance:

• In any issue or pull request, mention @qwencoder followed by your request
• Examples:
  • @qwencoder explain this code change
  • @qwencoder suggest improvements for this function
  • @qwencoder help me debug this error
  • @qwencoder write unit tests for this component

Workflows

This action provides several pre-built workflows for different use cases. Each workflow is designed to be copied into your repository’s .github/workflows directory and customized as needed.

Qwen Code Dispatch

This workflow acts as a central dispatcher for Qwen Code CLI, routing requests to the appropriate workflow based on the triggering event and the command provided in the comment. For a detailed guide on how to set up the dispatch workflow, go to the Qwen Code Dispatch workflow documentation.

Issue Triage

This action can be used to triage GitHub Issues automatically or on a schedule. For a detailed guide on how to set up the issue triage system, go to the GitHub Issue Triage workflow documentation.

Pull Request Review

This action can be used to automatically review pull requests when they are opened. For a detailed guide on how to set up the pull request review system, go to the GitHub PR Review workflow documentation.

Qwen Code CLI Assistant

This type of action can be used to invoke a general-purpose, conversational Qwen Code AI assistant within the pull requests and issues to perform a wide range of tasks. For a detailed guide on how to set up the general-purpose Qwen Code CLI workflow, go to the Qwen Code Assistant workflow documentation.

Configuration

Inputs

• qwen*api_key: *(Optional)_ The API key for the Qwen API.

• qwen*cli_version: *(Optional, default: latest)_ The version of the Qwen Code CLI to install. Can be “latest”, “preview”, “nightly”, a specific version number, or a git branch, tag, or commit. For more information, see Qwen Code CLI releases .

• qwen*debug: *(Optional)_ Enable debug logging and output streaming.

• qwen*model: *(Optional)_ The model to use with Qwen Code.

• prompt: (Optional, default: You are a helpful assistant.) A string passed to the Qwen Code CLI’s --prompt argument.

• settings: (Optional) A JSON string written to .qwen/settings.json to configure the CLI’s project settings. For more details, see the documentation on settings files .

• use*qwen_code_assist: *(Optional, default: false)_ Whether to use Code Assist for Qwen Code model access instead of the default Qwen Code API key. For more information, see the Qwen Code CLI documentation .

• use*vertex_ai: *(Optional, default: false)_ Whether to use Vertex AI for Qwen Code model access instead of the default Qwen Code API key. For more information, see the Qwen Code CLI documentation .

• extensions: (Optional) A list of Qwen Code CLI extensions to install.

• upload*artifacts: *(Optional, default: false)_ Whether to upload artifacts to the github action.

• use*pnpm: *(Optional, default: false)_ Whether or not to use pnpm instead of npm to install qwen-code-cli

• workflow*name: *(Optional, default: ${{ github.workflow }})_ The GitHub workflow name, used for telemetry purposes.

Outputs

• summary: The summarized output from the Qwen Code CLI execution.

• error: The error output from the Qwen Code CLI execution, if any.

Repository Variables

We recommend setting the following values as repository variables so they can be reused across all workflows. Alternatively, you can set them inline as action inputs in individual workflows or to override repository-level values.

To add a repository variable:

1. Go to your repository’s Settings > Secrets and variables > Actions > New variable.
2. Enter the variable name and value.
3. Save.

For details about repository variables, refer to the GitHub documentation on variables .

Secrets

You can set the following secrets in your repository:

To add a secret:

1. Go to your repository’s Settings > Secrets and variables >Actions > New repository secret.
2. Enter the secret name and value.
3. Save.

For more information, refer to the official GitHub documentation on creating and using encrypted secrets .

Authentication

This action requires authentication to the GitHub API and optionally to Qwen Code services.

GitHub Authentication

You can authenticate with GitHub in two ways:

1. Default GITHUB_TOKEN: For simpler use cases, the action can use the default GITHUB_TOKEN provided by the workflow.
2. Custom GitHub App (Recommended): For the most secure and flexible authentication, we recommend creating a custom GitHub App.

For detailed setup instructions for both Qwen and GitHub authentication, go to the Authentication documentation.

Extensions

The Qwen Code CLI can be extended with additional functionality through extensions. These extensions are installed from source from their GitHub repositories.

For detailed instructions on how to set up and configure extensions, go to the Extensions documentation.

Best Practices

To ensure the security, reliability, and efficiency of your automated workflows, we strongly recommend following our best practices. These guidelines cover key areas such as repository security, workflow configuration, and monitoring.

Key recommendations include:

• Securing Your Repository: Implementing branch and tag protection, and restricting pull request approvers.
• Monitoring and Auditing: Regularly reviewing action logs and enabling OpenTelemetry for deeper insights into performance and behavior.

For a comprehensive guide on securing your repository and workflows, please refer to our Best Practices documentation.

Customization

Create a QWEN.md  file in the root of your repository to provide project-specific context and instructions to Qwen Code CLI . This is useful for defining coding conventions, architectural patterns, or other guidelines the model should follow for a given repository.

Contributing

Contributions are welcome! Check out the Qwen Code CLI Contributing Guide for more details on how to get started.