Integrations

GitHub Actions

Use the official ContractHQ GitHub Action to automatically validate data contracts on every pull request. Violations block the merge and the built-in PR bot posts a detailed comment explaining what broke and how to fix it.

How It Works

Step 01
🔀

PR Opened / Updated

Any PR that modifies a file under contracts/ triggers the workflow.

Step 02
🔍

Validate Contracts

The Action diffs changed contracts against your warehouse and runs all checks.

Step 03
🤖

Bot Comments + Status

Results are posted as a PR comment. Errors set the check to failed.

Step 1 — Add the Repository Secret

Generate a ContractHQ API key with validations:run scope and add it to your GitHub repository:

  1. Go to Repository → Settings → Secrets and variables → Actions.
  2. Click New repository secret.
  3. Name it CONTRACTHQ_TOKEN.
  4. Paste your API key and save.

Step 2 — Add the Workflow File

Create .github/workflows/contracthq.yml in your repository:

.github/workflows/contracthq.yml
name: Contract Validation

on:
  pull_request:
    paths:
      - 'contracts/**'

jobs:
  validate:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      pull-requests: write  # needed for PR bot comments
    steps:
      - uses: actions/checkout@v4

      - name: Validate Data Contracts
        uses: contracthq/action@v2
        with:
          token: ${{ secrets.CONTRACTHQ_TOKEN }}
          contracts-path: contracts/
          post-comment: true
          fail-on-error: true

Action Inputs Reference

InputRequiredDefaultDescription
tokenYes—ContractHQ API key from repository secrets.
contracts-pathNocontracts/Path to the contracts directory.
post-commentNotruePost a summary comment on the PR.
fail-on-errorNotrueFail the workflow step on contract errors.
fail-on-warningNofalseAlso fail on severity: warning checks.
changed-onlyNotrueOnly validate contracts changed in the PR.

Example PR Bot Comment

C
contracthq-botjust now
📋 Contract Validation Report
✔ contracts/user_signups.yml — 3 checks passed
✖ contracts/orders.yml — 1 error
ERROR: Field amount changed type from integer to float. This is a breaking change — bump MAJOR version and notify consumers.
ℹī¸
The PR bot comment is updated (not duplicated) on every new push. You will always see the latest validation results at the top of the comment thread.

Enforcing with Branch Protection

To hard-block merges on contract failures, add the workflow check to your branch protection rules:

  1. Go to Repository → Settings → Branches.
  2. Edit the protection rule for main (or master).
  3. Under Require status checks to pass, search for validate.
  4. Enable Require branches to be up to date and save.
💡
Combine with CODEOWNERS to require approval from the data platform team on any file under contracts/ — ensuring human review alongside automated checks.
← Snowflake