Recently autodev.yml is renamed to devbird.yml because the product is
rebranded. But for backward compatibility, autodev.yml will just work as
before.
Prerequisites
Before you begin, ensure you have:
- Completed the GitHub App installation
- Admin or write access to your repository
- Required secrets configured in your GitHub repository
Setting up the workflow
Follow these steps to add the DevBird workflow to your repository:
1. Create the workflow file
Create a new file at .github/workflows/devbird.yml in your repository.
2. Add the workflow configuration
Copy the following YAML configuration into the file:
name: "DevBird"
run-name: "DevBird: ${{ inputs.task_title }}"
on:
workflow_dispatch:
inputs:
prompt:
description: "Instructions for DevBird. Can be a direct prompt or custom template."
type: string
required: true
base_branch:
description: "The branch to use as the base/source when creating new branches (defaults to repository default branch)"
type: string
required: false
default: "main"
agent:
description: "The agent to use for the action. Can be 'claude_code', 'gemini_cli', 'codex_cli' or 'opencode'"
type: choice
default: "claude_code"
options:
- claude_code
- gemini_cli
- codex_cli
- opencode
- crush_cli
- github_copilot_cli
agent_model:
description: "The (optional) model to use for the agent"
type: string
required: false
default: ""
devbird_workflow_execution_token:
description: "The token to use for the DevBird task"
type: string
required: false
default: ""
devbird_mode:
description: "The DevBird execution mode. Can be 'develop' (default) or 'plan' (for task graph planning)"
type: choice
default: "develop"
options:
- develop
- plan
task_title:
description: "The title of the DevBird task"
type: string
required: false
default: ""
jobs:
devbird:
runs-on: ubuntu-latest
env:
DEVBIRD: 1
permissions:
contents: write
pull-requests: write
issues: write
id-token: write
actions: read # Required for Claude to read CI results on PRs
steps:
- name: Checkout code
uses: actions/checkout@v5
# Setup step.
# See next section for the documentation
# - name: Setup Node.js
# uses: actions/setup-node
- name: Run DevBird
uses: delinoio/devbird-action@main
with:
agent: ${{ inputs.agent }}
agent_model: ${{ inputs.agent_model }}
devbird_mode: ${{ inputs.devbird_mode }}
devbird_workflow_execution_token: ${{ inputs.devbird_workflow_execution_token }}
prompt: ${{ inputs.prompt }}
base_branch: ${{ inputs.base_branch }}
delino_access_token: ${{ secrets.DELINO_ACCESS_TOKEN }}
claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }}
openai_api_key: ${{ secrets.OPENAI_API_KEY }}
3. Customize the setup steps
The workflow includes a setup step that you should customize for your repository:
- name: Setup Node.js
uses: actions/setup-node
For example, the Delino monorepo includes steps for
- installing protoc for RPC definitions
- installing golang for backend servers
- installing nodejs for next.js apps
- fetching environment variables for development environment
4. Filter environment variables for security
Security Best PracticePassing all environment variables to AI agents is not recommended. You should filter environment variables to only include those that are safe to expose.
# Filter environment variables in DevBird mode
if [ -n "${DEVBIRD:-}" ]; then
echo "DevBird mode detected - filtering environment variables to NEXT_PUBLIC_* and TEST_* only"
if [ -f ".env" ]; then
grep -E '^(NEXT_PUBLIC_|TEST_)' .env > .env.filtered || true
mv .env.filtered .env
fi
fi
.env file to only include variables with these prefixes:
NEXT_PUBLIC_: Variables that are meant to be publicly exposed (e.g., for Next.js client-side code)TEST_: Variables used for E2E testing, which have minimal security risk if leaked
The DEVBIRD environment variable (set to 1 in the workflow configuration) triggers this filtering behavior, ensuring your sensitive credentials remain protected.
You can customize the filtering pattern to match your project’s naming conventions. The key is to only expose environment variables that are safe for the AI agent to access.
6. Commit to your main branch
Commit the workflow file to your repository’s main branch:
git add .github/workflows/devbird.yml
git commit -m "Add DevBird workflow"
git push
Understanding workflow execution
Important: Workflow runs on the main branchFor security reasons, the DevBird GitHub Action always executes on your repository’s default branch (typically main). This means:
- The workflow runs from the main branch codebase
- GitHub Actions logs will show the workflow running on
main
- This is by design to prevent security vulnerabilities
The base_branch parameter controls which branch DevBird uses as the base when creating new feature branches, but the workflow execution itself always happens on the default branch.
- Malicious workflow modifications in feature branches
- Unauthorized access to repository secrets
- Tampering with the DevBird workflow configuration
Next steps
Once the workflow is set up, you can start using DevBird to automate development tasks. Learn how to trigger your first DevBird task in the Creating your first PR guide.