Guide

CI/CD

Run MoiAgent agents in automated pipelines using API tokens for non-interactive authentication.

In CI/CD environments, use API tokens instead of moi login. Create a token, set it as an environment variable, and run agents non-interactively.

Creating an API Token

Via CLI

Terminal
$moi tokens create --name "GitHub Actions" --expires 1y

Via Dashboard

Account → Tokens → Create Token

Save your auth token

The auth token is displayed only once. Copy it immediately and store securely.

Using the Auth Token

Set the MOI_TOKEN environment variable. The CLI will use it automatically instead of interactive login.

Terminal
$export MOI_TOKEN=moi_xxxxxxxxxxxxx
$moi acme/deploy-checker "Verify deployment is healthy"

GitHub Actions

Add your auth token as a repository secret, then use it in workflows:

.github/workflows/notify.yml
name: Slack Notification

on:
  push:
    branches: [main]

jobs:
  notify:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-node@v4
        with:
          node-version: '20'

      - name: Install MoiAgent CLI
        run: npm install -g moiagent-cli

      - name: Notify Slack
        env:
          MOI_TOKEN: ${{ secrets.MOI_TOKEN }}
        run: |
          moi acme/slack-notifier "Deployed ${{ github.sha }} to production"

Adding the Secret

1

Repository Settings

Go to your repository → Settings → Secrets and variables → Actions

2

Create Secret

Click "New repository secret", name it MOI_TOKEN, and paste your auth token

Other CI Systems

🦊GitLab CI
slack-notify:
  image: node:20
  stage: deploy
  before_script:
    - npm install -g moiagent-cli
  script:
    - moi acme/slack-notifier "Deployed $CI_COMMIT_SHA to production"
  variables:
    MOI_TOKEN: $MOI_TOKEN
🤵Jenkins
pipeline {
    agent any
    environment {
        MOI_TOKEN = credentials('moiagent-token')
    }
    stages {
        stage('Notify') {
            steps {
                sh 'npm install -g moiagent-cli'
                sh 'moi acme/slack-notifier "Build completed for ${env.BUILD_NUMBER}"'
            }
        }
    }
}

Common Use Cases

Slack Notify

moi acme/slack-notifier Deployed version ${{ github.sha }}

Create Issue

moi acme/issue-creator Bug found in checkout flow

Deploy Check

moi acme/deploy-checker Verify https://staging.example.com

Auth Token Best Practices

Use descriptive names

"GitHub Actions - acme/main" helps track usage

Set appropriate expiration

Shorter for high-security environments (90 days)

One auth token per pipeline

Easier to revoke without affecting others

Rotate regularly

Replace auth tokens periodically, even if not expired

Never commit auth tokens

Always use CI/CD secrets management

Use environment variables

Set MOI_TOKEN, don't pass as command argument

Exit Codes

Check exit codes to handle failures in your pipeline:

0Success
1Error
2Auth failed
3Not found
4Quota exceeded
Example: Handling errors
- name: Run agent
  env:
    MOI_TOKEN: ${{ secrets.MOI_TOKEN }}
  run: |
    if moi acme/validator "Check the code"; then
      echo "Validation passed"
    else
      echo "Validation failed"
      exit 1
    fi

Managing Auth Tokens

List and revoke auth tokens via CLI:

Terminal
$moi tokens
$moi tokens revoke tok_xxxxxxxx

Or manage in the dashboard.

← CLIAll Docs