This repo contains a GitHub Actions workflow that uses the ai-action/ollama-action to run an agent which can suggest commands to run against this repository. For demo purposes the agent will return dummy upgrade commands defined in agent-config.json or in its generated response.
Usage:
- Trigger the workflow via
Actions -> Ollama Agent Runner -> Run workflow(workflow_dispatch), or send arepository_dispatchevent. - The action will call the Ollama model, save the JSON response to
agent_response.json, and runscripts/execute_commands.pyto execute suggested commands.
Files added:
.github/workflows/ollama-agent.yml- workflow that runs the agent.agent-config.json- configuration withworking_dirandcommandslist.scripts/execute_commands.py- reads the agent response and executes commands, writingagent_run_results.json.
You may edit agent-config.json to point to a different folder or change the dummy commands.
Triggering via repository_dispatch
-
A
repository_dispatchevent can start the workflow. Example methods: -
Using the
ghCLI (recommended if authenticated):
gh api --method POST /repos/scottscott/agent-ollama/dispatches \
-f event_type=run-ollama-agent \
-f client_payload='{ "reason": "manual-test" }'- Using
curlwith a token inGITHUB_TOKENorPERSONAL_TOKENenv var:
export PERSONAL_TOKEN="<your_token_with_repo_scope>"
export OWNER=scottscott
export REPO=agent-ollama
curl -X POST "https://api.github.com/repos/$OWNER/$REPO/dispatches" \
-H "Authorization: token $PERSONAL_TOKEN" \
-H "Accept: application/vnd.github+json" \
-d '{"event_type":"run-ollama-agent","client_payload":{"reason":"test"}}'- I added a helper script
scripts/trigger_dispatch.shthat will useghif available orcurlwithGITHUB_TOKEN/PERSONAL_TOKEN.
Storing and using your token (quick steps)
-
After creating the fine-grained token in GitHub, store it as a repository secret:
- Go to https://github.com/scottscott/agent-ollama -> Settings -> Secrets and variables -> Actions -> New repository secret.
- Name it
PERSONAL_TOKENand paste the token value, then save.
-
To run the trigger locally using that token (one-off):
# export the token into your shell for the current session
export PERSONAL_TOKEN="$PERSONAL_TOKEN"
# run the helper (script will pick up PERSONAL_TOKEN)
bash scripts/trigger_dispatch.sh- To let a workflow step use the secret, reference it in the workflow step's
env:
env:
PERSONAL_TOKEN: ${{ secrets.PERSONAL_TOKEN }}
run: bash scripts/trigger_dispatch.shSecurity note: Keep tokens in repository secrets (or GitHub's secret manager), not in plaintext files or command history. Use a fine-grained token limited to this repository where possible.
Run Ollama locally (self-hosted runner)
If you want the model to run on your local machine (so it doesn't spin up on GitHub-hosted runners), use a self-hosted runner with Ollama installed.
- Install Ollama on your machine following https://ollama.com/docs.
- Register a self-hosted runner for this repository: GitHub -> Settings -> Actions -> Runners -> Add runner. During registration add the label
ollama(or edit the runner labels later). - On your machine, ensure the runner service is running and that Ollama can be invoked by the runner user.
- Trigger the workflow
Ollama Agent (Self-hosted)from the Actions tab or viarepository_dispatch. It will run on your self-hosted runner (labelollama) and use the local Ollama installation.
Notes:
- The repository includes
.github/workflows/ollama-agent-selfhosted.ymlwhich is configured to run onruns-on: [self-hosted, linux, ollama]. - Use a smaller model for quick tests (change
model: tinyllamain the workflow) while verifying behavior.
Quick notes on safety, PR flow, and CI
-
Allowlist & validation:
agent-config.jsonmay include anallowlistarray of regex patterns. The runner scriptscripts/execute_commands.pysupports two modes:validate— checks agent-suggested commands against the allowlist and writesagent_run_results.jsonwith the validation details.execute— runs only the commands that match the allowlist and marks skipped commands.
-
Approval-gated self-hosted run: the self-hosted workflow now separates
prepare(run agent + validate) andexecute(post-approval) jobs. To require manual approval create a repositoryenvironmentnamedagent-approval(Settings → Environments) and add required reviewers or protection rules. When a run reaches theexecutejob, GitHub will pause and request approval from the configured reviewers. -
PR-based proposal workflow: instead of executing changes, the workflow
.github/workflows/ollama-agent-pr.ymlcan run the agent and open a proposal PR withAGENT_PROPOSAL.mdso humans can review and merge changes. -
CI for the repo: a CI workflow runs unit tests under
.github/workflows/ci.yml. To run tests locally:
python3 -m unittest discover -v testsThe contents of this Repository were built with AI Coding assistants.