How to post GitHub releases to LinkedIn
Three honest paths for getting GitHub releases onto LinkedIn: manual, a DIY automation against the LinkedIn API, and a release-native tool. With a realistic DIY sketch and where it breaks.
What this solves
Someone wants to get GitHub releases onto LinkedIn and is trying to decide between doing it manually, building automation, or using a tool.
How S2P helps
Understand the three real paths from a GitHub release to a LinkedIn post, including a realistic DIY sketch, and pick the one that fits your team.
Key takeaways
- There is no simple official GitHub Action for LinkedIn; DIY means handling LinkedIn OAuth yourself.
- Manual posting is fine at low volume but the rewriting cost grows with cadence.
- A DIY automation is buildable but the auth and approval gaps are real engineering.
- A release-native tool removes the OAuth burden and adds drafting plus approval.
Section 1
Three honest paths
Getting a release onto LinkedIn is easy to describe and surprisingly fiddly to automate. The honest answer is that there are three paths, and which one wins depends entirely on your volume and your tolerance for maintaining auth.
The first path is manual: when you cut a release, you open LinkedIn, rewrite the release notes into a human post, and publish. The second is DIY automation: a GitHub Action fires on the release event, calls the LinkedIn API, and posts. The third is a release-native tool that connects GitHub and LinkedIn, drafts the post for you, and routes it for approval. All three are legitimate; they just trade off differently between effort up front and effort per release.
The detail that surprises people is that LinkedIn is the hardest of the major channels to automate yourself. Unlike Discord, there is no simple webhook URL, and unlike some platforms there is no blessed, maintained official GitHub Action that just works. LinkedIn posting goes through their API, which requires an OAuth app, the right permission scopes, and token handling. That is not a reason to avoid automation; it is the reason to be clear-eyed about which path you are signing up for.
So the framing for the rest of this guide is practical. We will cover the manual path quickly because it is genuinely fine at low volume, sketch a realistic DIY automation so you can see exactly what you would be maintaining, and then explain where a release-native tool earns its keep. No path is universally right - the goal is to help you pick the one that matches how often you ship.
- Manual: rewrite release notes into a post and publish by hand.
- DIY: a GitHub Action calls the LinkedIn API on the release event.
- Tool: a release-native product drafts and routes for approval.
- LinkedIn has no simple webhook and no blessed official Action.
Section 2
Path 1: the manual way (and why it is fine at first)
Do not over-engineer a problem you have twice a month. Manual posting is the correct default until the rewriting cost starts to hurt.
The manual path is straightforward. When you publish a release, you read the release notes, translate the changes into user value, write a LinkedIn post in your own voice, and publish it. LinkedIn rewards the business framing - who this helps and why it matters - so the rewrite is real work, not a copy-paste. For a team that ships a meaningful, LinkedIn-worthy release every couple of weeks, this is completely reasonable and arguably better than automation, because every post gets full human attention.
The reason manual posting breaks down is cadence, not difficulty. If you ship weekly or more, the context switch starts to bite: you have to remember to do it, open the blank composer, re-read the release, and rewrite it, every single time. That friction is precisely what makes release marketing quietly stop happening on busy sprints. The post that never gets written is the most common failure mode, and it is invisible because nothing breaks - the work just silently does not ship.
So treat the manual path as the honest starting point and watch for the signal that it is time to automate: you are skipping posts you meant to write, or the rewriting is eating time you would rather spend building. When that signal arrives, you have two automation options, and the next sections cover both with their real trade-offs.
- Manual posting is the right default at low volume.
- The rewrite is real work because LinkedIn wants business framing.
- It breaks down on cadence, not difficulty.
- The signal to automate: you keep skipping posts you meant to write.
Section 3
Path 2: the DIY automation (a realistic sketch)
You can build this. Here is an honest sketch of what it takes, including the part everyone underestimates: LinkedIn OAuth.
A DIY automation runs in GitHub Actions and triggers on the release event. The workflow grabs the release notes from the event payload, optionally reshapes them, and makes an authenticated POST to LinkedIn's posts API. The YAML trigger and the HTTP call are the easy 20 percent. The hard 80 percent is authentication: LinkedIn posting requires an OAuth 2.0 app with the correct scopes, a member or organization URN to post as, and an access token that you have to obtain and refresh. Tokens are not permanent, so a fire-and-forget secret will eventually stop working.
Below is a realistic GitHub Actions sketch. It is deliberately honest about the hard part: it assumes you have already done the OAuth dance out of band and stored a valid access token and your author URN as repository secrets. Getting those two values is the actual project - creating the app, requesting the posting permissions, walking the OAuth flow to mint a token, and building something to refresh it before it expires. The workflow itself is short; the auth scaffolding behind the access token is where the real time goes.
Be clear-eyed about what this sketch does not give you. There is no approval step, so whatever the workflow builds goes straight to your company page with no human reading it first. There is no drafting intelligence, so you either post the raw release notes or write your own templating. There is no retry or status visibility if LinkedIn returns an error, no record of which release produced which post, and no easy way for a non-engineer to change the copy without editing CI. For an internal experiment that is fine. For your public brand channel, those gaps are exactly the things that make people nervous.
.github/workflows/linkedin-on-release.yml
name: Post release to LinkedIn
on:
release:
types: [published]
jobs:
post:
runs-on: ubuntu-latest
steps:
- name: Post to LinkedIn
env:
# The hard part: you obtain these via a LinkedIn OAuth app
# with the right scopes, then refresh the token before it
# expires. This workflow assumes they already exist.
TOKEN: ${{ secrets.LINKEDIN_ACCESS_TOKEN }}
AUTHOR_URN: ${{ secrets.LINKEDIN_AUTHOR_URN }}
NAME: ${{ github.event.release.name }}
run: |
curl -sS -X POST https://api.linkedin.com/v2/ugcPosts \
-H "Authorization: Bearer $TOKEN" \
-H "X-Restli-Protocol-Version: 2.0.0" \
-H "Content-Type: application/json" \
-d "{
\"author\": \"$AUTHOR_URN\",
\"lifecycleState\": \"PUBLISHED\",
\"specificContent\": {
\"com.linkedin.ugc.ShareContent\": {
\"shareCommentary\": { \"text\": \"Shipped $NAME\" },
\"shareMediaCategory\": \"NONE\"
}
},
\"visibility\": {
\"com.linkedin.ugc.MemberNetworkVisibility\": \"PUBLIC\"
}
}"Section 4
Where the DIY path breaks
The workflow is twenty lines. The maintenance is the project. Be honest with yourself about which one you are actually signing up for.
The single biggest gap is auth lifecycle. LinkedIn access tokens expire, so a working DIY setup needs something that refreshes the token on a schedule and handles the case where a refresh fails. The day that breaks, your release automation silently stops and you usually find out because someone notices the posts stopped, not because anything alerted you. Maintaining OAuth for a third-party API is a small but real ongoing engineering responsibility, not a one-time setup.
The second gap is everything around the post that makes it safe for a brand. There is no approval queue, so a bad or premature release note goes public instantly. There is no channel-native drafting, so you either ship the raw markdown of your release body - which looks wrong on LinkedIn - or you build and maintain your own templating logic. There is no retry on failure, no audit trail tying a post to its release, and no way for a marketer to tweak the copy without touching CI. Each of these is buildable; together they are a product, not a script.
This is not an argument against DIY. If you have one repo, one LinkedIn page, an engineer who enjoys this, and a tolerance for occasional silent breakage, a custom workflow is a legitimate choice. It is an argument for honesty about the cost. The reason teams reach for a tool is not that the curl call is hard - it is that the auth lifecycle and the brand-safety layer around it are the actual work, and that work never ends.
- Token expiry means you must build and maintain a refresh path.
- No approval queue: a bad release note goes public instantly.
- No channel-native drafting: raw markdown looks wrong on LinkedIn.
- No retries, audit trail, or non-engineer editing without touching CI.
Section 5
Path 3: the release-native tool path
The point of a tool is not to make the API call. It is to make the auth lifecycle and the approval layer someone else's problem.
A release-native tool inverts the trade-off. Instead of paying a small cost per release plus an ongoing maintenance cost, you do a one-time connection and the per-release cost drops toward a quick approval click. S2P connects to your GitHub repository and to LinkedIn through a managed OAuth connection, so the token lifecycle - obtaining, storing securely, and refreshing - is handled for you rather than living in your CI secrets. When you cut a release, it drafts a LinkedIn post from the release notes in your brand voice and routes it for approval before anything publishes.
That approval step is the substantive difference, not a nicety. Public brand channels need a human to confirm the post is accurate, on-message, and free of internal phrasing before it goes live, and the DIY path has nowhere for that human to stand. With a tool, the release fires the draft, a person reads and edits it in seconds, and only then does it publish - with a record tying the post back to the release that created it. You keep editorial control; you lose the blank page, the copy-paste, and the OAuth babysitting.
The honest comparison is the same one this whole guide makes. If you ship rarely, post by hand. If you want full control and have an engineer who will own the auth lifecycle forever, build the DIY workflow. If posting releases to LinkedIn is a recurring part of how you grow and you would rather not maintain a LinkedIn OAuth app, a release-native tool is the path that stays cheap as your cadence increases. The deeper trade-off between building on GitHub Actions and using a tool is laid out in the GitHub Actions versus S2P comparison.
- Managed OAuth means no token-refresh maintenance in your CI.
- Drafts a channel-native LinkedIn post from the release notes.
- Approval before publishing keeps the brand channel safe.
- Per-release cost drops to a quick review as your cadence grows.
FAQ
Questions this article answers
Is there an official GitHub Action to post to LinkedIn?
There is no simple, blessed official GitHub Action for LinkedIn the way there is a webhook for Discord. Posting to LinkedIn goes through their API, which requires an OAuth 2.0 app, the correct scopes, an author URN, and token handling. Community actions exist, but you are still responsible for the auth lifecycle.
Can I post GitHub releases to LinkedIn automatically?
Yes, by either building a DIY GitHub Action that calls the LinkedIn API or using a release-native tool. The DIY path is real engineering because LinkedIn requires OAuth and token refresh, with no approval or drafting built in. A tool like S2P handles the managed connection, drafts the post, and routes it for approval.
Why is automating LinkedIn harder than Discord?
Discord lets you POST a message to a webhook URL with no auth dance, so a DIY recipe is genuinely simple. LinkedIn has no such webhook. It requires an OAuth app, posting permissions, an author URN, and access tokens that expire and must be refreshed, which makes the DIY path significantly more work to build and maintain.
Should I just post GitHub releases to LinkedIn manually?
At low volume, yes. If you ship a LinkedIn-worthy release every couple of weeks, posting by hand gives each post full attention and avoids maintaining any automation. The signal that it is time to automate is when you keep skipping posts you meant to write or the rewriting starts eating time you would rather spend building.
What does a tool add over a DIY LinkedIn script?
It removes the OAuth maintenance, drafts a channel-native post from the release notes instead of dumping raw markdown, and adds an approval step so a human confirms the post before it goes public. It also gives you retries, status, and an audit trail tying each post to its release, which a short script does not.
Will the DIY automation break over time?
It can, mainly because LinkedIn access tokens expire. A durable DIY setup needs a token-refresh path and handling for refresh failures, otherwise the automation stops silently and you find out only when the posts stop appearing. This ongoing auth lifecycle is the main reason teams move from a script to a managed tool.
Related guides and pages
Where to go next
Hand-picked pages that go deeper on the workflow, channels, and tooling covered above.
