Replace GitHub dispatch with Cloudflare Workers Builds #19
Description
Problem
Publishing an issue from the CMS should trigger a web rebuild+deploy. The current approach uses GitHub repository_dispatch to push an empty commit to main, which:
- Gets blocked by branch protection rules (PRs required)
- Requires a GitHub PAT with org approval
- Adds unnecessary indirection through GitHub Actions
Solution
Use Cloudflare Workers Builds API to trigger the web rebuild directly from the API worker.
POST /accounts/{account_id}/builds/triggers/{trigger_uuid}/builds
Steps
Manual (Cloudflare dashboard)
- Enable Workers Builds for
graphqlweekly-v2(Settings > Builds > Connect to Git) - Note the trigger UUID
- Create a Cloudflare API token with Workers Builds permissions
- Set secrets on the API worker:
wrangler secret put CLOUDFLARE_BUILDS_API_TOKEN wrangler secret put CLOUDFLARE_BUILDS_TRIGGER_ID
Code changes
- Replace
triggerDeployinpackages/api/src/resolvers/index.ts— call Cloudflare builds API instead of GitHub dispatch - Replace
GITHUB_TOKENwithCLOUDFLARE_BUILDS_API_TOKEN+CLOUDFLARE_BUILDS_TRIGGER_IDinEnvtype - Remove
GITHUB_TOKENsecret from the worker (wrangler secret delete GITHUB_TOKEN) - Delete
.github/workflows/publish.yml