Skip to content

Add failure notification job to deployer workflow#42

Merged
ben-dydx-ops merged 2 commits into
mainfrom
notify-filaure
Dec 11, 2025
Merged

Add failure notification job to deployer workflow#42
ben-dydx-ops merged 2 commits into
mainfrom
notify-filaure

Conversation

@ben-dydx-ops

@ben-dydx-ops ben-dydx-ops commented Dec 11, 2025

Copy link
Copy Markdown

Adds a job to notify a bot in case of deployment failure.

@ben-dydx-ops
Add failure notification job to deployer workflow
ef615d3 
Adds a job to notify a bot in case of deployment failure.
@vercel

vercel Bot commented Dec 11, 2025
edited
Loading

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Comments Updated (UTC)
v4-web Ready Ready Preview Comment Dec 11, 2025 10:20am

github-advanced-security[bot]
github-advanced-security AI found potential problems Dec 11, 2025
View reviewed changes
Comment thread .github/workflows/deployer.yml
Comment on lines +230 to +253
runs-on: ubuntu-latest
needs: [fetch-versions, determine-if-deployment-needed, deploy]
if: failure() || cancelled()
steps:
- name: Send failure notice to deploymentPromoted bot
env:
BOT_ENDPOINT: https://deployment-promoted.vercel.app/api/deploymentPromoted
PROJECT_NAME: v4-web
LATEST_PATCH: ${{ needs.fetch-versions.outputs.latest-patch-in-line-version }}
PRODUCTION_VERSION: ${{ needs.fetch-versions.outputs.production-version }}
run: |
VERSION_PAYLOAD="$LATEST_PATCH"
if [ -z "$VERSION_PAYLOAD" ]; then
VERSION_PAYLOAD="$PRODUCTION_VERSION"
fi

curl -X POST "$BOT_ENDPOINT" \
-H "Content-Type: application/json" \
-d "$(jq -n \
--arg project "$PROJECT_NAME" \
--arg status "failed" \
--arg version "$VERSION_PAYLOAD" \
--arg workflow_run "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" \
'{project: $project, status: $status, version: $version, meta: {workflow_run: $workflow_run}}')"

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {}

Copilot Autofix

AI 6 months ago

To fix this issue, explicitly limit the permissions at the root of the workflow (.github/workflows/deployer.yml) by setting a permissions: block. Since no step in this workflow appears to require write access to repository contents, secrets, or other sensitive scopes (other than the use of a GitHub App token in the deploy job, which is handled via an app token, not the Actions default token), the safest minimal setting is to declare permissions: read-all at the workflow/root level. If finer granularity is desired, specify only those permissions required (e.g., contents: read); for most workflows, contents: read is enough, and jobs that require more can declare it themselves. For maximal security and future clarity, add the block just after the workflow name: and before the on: key.

No external dependencies or package changes are required.

Suggested changeset 1
.github/workflows/deployer.yml

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/.github/workflows/deployer.yml b/.github/workflows/deployer.yml
--- a/.github/workflows/deployer.yml
+++ b/.github/workflows/deployer.yml
@@ -1,4 +1,6 @@
 name: Deploy new upstream release to Vercel
+permissions:
+  contents: read
 
 on:
   workflow_dispatch:
EOF
@@ -1,4 +1,6 @@
name: Deploy new upstream release to Vercel
permissions:
contents: read

on:
workflow_dispatch:
Copilot is powered by AI and may make mistakes. Always verify output.
pswies
pswies approved these changes Dec 11, 2025
View reviewed changes

@pswies pswies left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM; please schedule a task to add authentication to the bot

@ben-dydx-ops ben-dydx-ops merged commit 51456ee into main Dec 11, 2025
6 of 7 checks passed
@ben-dydx-ops ben-dydx-ops deleted the notify-filaure branch December 11, 2025 11:56
dos-automation-bot Bot pushed a commit that referenced this pull request Dec 11, 2025
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
97ba641 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
dos-automation-bot Bot pushed a commit that referenced this pull request Dec 12, 2025
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
7025b1d 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
rudimocnik pushed a commit that referenced this pull request Dec 12, 2025
@ben-dydx-ops @rudimocnik
Add failure notification job to deployer workflow (#42)
497a19c 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
dos-automation-bot Bot pushed a commit that referenced this pull request Dec 15, 2025
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
beb22eb 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
dos-automation-bot Bot pushed a commit that referenced this pull request Dec 15, 2025
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
5ddcce1 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
dos-automation-bot Bot pushed a commit that referenced this pull request Dec 15, 2025
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
aeb4068 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
dos-automation-bot Bot pushed a commit that referenced this pull request Dec 16, 2025
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
a5db7aa 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
dos-automation-bot Bot pushed a commit that referenced this pull request Dec 16, 2025
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
0ab01e4 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
dos-automation-bot Bot pushed a commit that referenced this pull request Dec 17, 2025
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
65ae81d 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
dos-automation-bot Bot pushed a commit that referenced this pull request Dec 17, 2025
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
7ac3c0f 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
dos-automation-bot Bot pushed a commit that referenced this pull request Dec 18, 2025
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
dbcad5a 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
dos-automation-bot Bot pushed a commit that referenced this pull request Dec 18, 2025
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
6cb02f9 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
dos-automation-bot Bot pushed a commit that referenced this pull request Dec 19, 2025
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
2d18b6c 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
dos-automation-bot Bot pushed a commit that referenced this pull request Dec 19, 2025
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
4b496dc 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
rudimocnik pushed a commit that referenced this pull request Dec 19, 2025
@ben-dydx-ops @rudimocnik
Add failure notification job to deployer workflow (#42)
4175e62 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
dos-automation-bot Bot pushed a commit that referenced this pull request Dec 19, 2025
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
a4bbaa1 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
dos-automation-bot Bot pushed a commit that referenced this pull request Dec 19, 2025
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
52675de 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
dos-automation-bot Bot pushed a commit that referenced this pull request Dec 26, 2025
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
5b85089 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
dos-automation-bot Bot pushed a commit that referenced this pull request Jan 1, 2026
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
7f58d26 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
dos-automation-bot Bot pushed a commit that referenced this pull request Jan 5, 2026
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
a96ce03 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
rudimocnik pushed a commit that referenced this pull request Jan 7, 2026
@ben-dydx-ops @rudimocnik
Add failure notification job to deployer workflow (#42)
8fd9ac1 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
dos-automation-bot Bot pushed a commit that referenced this pull request Jan 8, 2026
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
0c36a64 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
rudimocnik pushed a commit that referenced this pull request Jan 9, 2026
@ben-dydx-ops @rudimocnik
Add failure notification job to deployer workflow (#42)
0d7725e 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
dos-automation-bot Bot pushed a commit that referenced this pull request Jan 10, 2026
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
d50d1dd 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
rudimocnik pushed a commit that referenced this pull request Jan 13, 2026
@ben-dydx-ops @rudimocnik
Add failure notification job to deployer workflow (#42)
7b54078 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
dos-automation-bot Bot pushed a commit that referenced this pull request Jan 15, 2026
@ben-dydx-ops @hedgie-svc
Add failure notification job to deployer workflow (#42)
d98e6ac 
* Add failure notification job to deployer workflow

Adds a job to notify a bot in case of deployment failure.

* Use variable for BOT_ENDPOINT in deployer.yml
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@2dpetkov 2dpetkov 2dpetkov approved these changes

+1 more reviewer

@pswies pswies pswies approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ben-dydx-ops @2dpetkov @pswies @github-advanced-security