fix: replace hourly scheduled deploy with per-push deploy on production

[OAGr]

Problem

The hourly scheduled-deploy.yml was silently not deploying. When PR #1739 disabled Vercel's GitHub integration (github.enabled: false), it became the sole deploy path — but the deploy hook was likely configured for the main branch. The vercel.json ignoreCommand only allows builds for the production branch, so every hourly trigger was being cancelled by Vercel.

The scheduled-deploy workflow showed "success" because it only checks that the HTTP trigger request returns 201, not that a build actually ran.

Fix

• Remove scheduled-deploy.yml — no more hourly cron
• Add a deploy job to ci.yml that fires after CI passes on pushes to the production branch (i.e., when a release PR merges)
• Update vercel.json note to clarify the deploy hook must be for the production branch

The deploy hook in Vercel was updated manually to Branch: production and VERCEL_DEPLOY_HOOK_URL secret was updated.

Why this is better

• Deploys happen immediately when a release PR merges, not up to 60 min later
• No unnecessary hourly builds
• Explicit: you can see the deploy step in the CI run for the release commit

Test plan

• Merge a release PR into production and verify the deploy job runs in CI and triggers a Vercel build
• Confirm the Vercel dashboard shows a new build triggered by the deploy hook (not the GitHub integration)
• Verify scheduled-deploy.yml no longer appears in the Actions tab
• Confirm no hourly runs appear after this merges

Closes #1679

Summary by CodeRabbit

Release Notes

• Chores
  • Streamlined production deployment pipeline to automatically trigger after successful CI checks instead of hourly schedules.
  • Removed Vercel status notifications from pull requests to reduce notification noise during code reviews.

[github-actions]

🛑 Protected Paths Modified

This PR modifies 2 protected file(s) that control agent behavior, CI pipelines, or validation logic. These changes require human review before merging.

CI workflows (.github/workflows/)

• .github/workflows/ci.yml
• .github/workflows/scheduled-deploy.yml

---

Action required: Add the rules-change-reviewed label after a human has reviewed the protected file changes.

Why this check exists: Agents have write access to their own behavioral rules. Without human review, a rule change buried in a large PR could weaken validation, bypass gates, or modify agent instructions. See #1405.

[coderabbitai]

Warning

Rate limit exceeded

@OAGr has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 5 minutes and 46 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: b0c34743-ad07-436e-aef5-7c2f778f2c54

📥 Commits

Reviewing files that changed from the base of the PR and between 8a0d4e5 and 8709bc5.

📒 Files selected for processing (1)

• .github/workflows/ci.yml

📝 Walkthrough

Walkthrough

The PR consolidates production deployment logic from a broken scheduled workflow into the main CI pipeline. The new deploy job triggers a Vercel production deployment after CI succeeds on the production branch, while removing the obsolete hourly schedule that was firing but being silently ignored by Vercel's ignoreCommand configuration.

Changes

Cohort / File(s)	Summary
Deployment Workflow Updates .github/workflows/ci.yml	Added a new deploy job that runs after CI succeeds on production branch pushes. Includes secret validation for VERCEL_DEPLOY_HOOK_URL, curl POST execution to the deploy hook, HTTP status code checking (2xx success), and error handling with informative messages.
Scheduled Deployment Removal .github/workflows/scheduled-deploy.yml	Removed entire workflow file that implemented hourly scheduled deployments via Vercel deploy hook—workflow was broken due to branch mismatch between schedule trigger and vercel.json ignoreCommand configuration.
Deployment Configuration Note apps/web/vercel.json	Updated _ignoreCommandNote text to document that the deploy hook in ci.yml is configured for the production branch, ensuring it always passes the ignoreCommand check.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 A schedule that ran but was always denied,
Now merged with the CI, with nowhere to hide—
When tests all pass green on the production branch flow,
The deploy hook awakens and steals the show!
No more silent failures, just smooth deployments true, 🚀

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: replacing hourly scheduled deploy with per-push deploy on the production branch, which aligns with the primary modifications across ci.yml and removal of scheduled-deploy.yml.
Linked Issues check	✅ Passed	The PR successfully addresses all coding requirements from issue #1679: verifies the deploy hook target branch (updated to production), removes the broken scheduled-deploy.yml, adds a deploy job triggered on production pushes, and clarifies vercel.json notes accordingly.
Out of Scope Changes check	✅ Passed	All changes are directly scoped to fixing the broken scheduled deployment: modifying ci.yml (adding deploy job), removing scheduled-deploy.yml, and updating vercel.json documentation. No unrelated changes detected.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/vercel-deploy-on-production-push

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
longterm-wiki-agent3	Error		Mar 7, 2026 1:39am

[OAGr]

🤖 PR Patrol ran for 101s (40 max turns, model: sonnet).

Issues detected: ci-failure, missing-testplan, missing-issue-ref

Result:
ot the main project. It's unrelated to the PR's actual changes and appears to be a pre-existing infrastructure issue with the agent3 Vercel project configuration.

3. Missing issue reference — No matching GitHub issue was found for "hourly deploy / scheduled deploy / Vercel deploy hook". This appears to be a standalone infrastructure fix that doesn't need a backing issue.

Action needed from a human: Add the rules-change-reviewed label to PR #1814 after reviewing the workflow changes.

[OAGr]

🤖 PR Patrol ran for 80s (40 max turns, model: sonnet).

Issues detected: ci-failure, missing-issue-ref

Result:
summary:

CI Failure (check-protected-paths): This is a process gate, not a code bug. The PR modifies .github/workflows/ files (protected paths), and the check requires a human reviewer to add the rules-change-reviewed label. No code fix is possible — a human must review and label the PR.

Missing Issue Reference: Found issue #1679 ("scheduled-deploy.yml is likely broken after production-branch switch") which directly matches this PR's purpose. Added Closes #1679 to the PR body.

[OAGr]

can we move some of this to TS? This seems error prone

[OAGr]

🤖 PR Patrol ran for 106s (40 max turns, model: sonnet).

Issues detected: ci-failure

Result:
nges look correct — actionlint passed, CI (TypeScript build, tests) passed, and crux-validate passed. The Vercel failure is infrastructure-level and unrelated to the code changes.

Summary: Neither failure is fixable by code changes:

• check-protected-paths requires a human to review the workflow changes and add the rules-change-reviewed label to PR fix: replace hourly scheduled deploy with per-push deploy on production #1814
• The Vercel preview failure for longterm-wiki-agent3 is an agent-worktree infrastructure issue not caused by this PR's changes

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/ci.yml:
- Around line 339-340: The production deploy job currently only waits for the ci
job (needs: [ci]) and should also gate on the migrate-test job; update the needs
array from [ci] to [ci, migrate-test] (i.e., change needs: [ci] to needs: [ci,
migrate-test]) so the job will block until both ci and migrate-test succeed, and
ensure the migrate-test job name matches exactly.
- Line 340: The new workflow condition for production deploys omits the existing
automation pause check, so add back a guard that prevents runs when
vars.AUTOMATION_PAUSED is set (e.g., require vars.AUTOMATION_PAUSED != 'true' or
similar) alongside the existing github.ref == 'refs/heads/production' and
github.event_name == 'push' checks; update the if condition in the CI job (the
line using github.ref and github.event_name) to include the
vars.AUTOMATION_PAUSED check so pushes to production do not trigger when
automation is paused.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: bbe1bf43-945d-4cc2-929a-c4e153fc57cb

📥 Commits

Reviewing files that changed from the base of the PR and between 93bfb3e and 8a0d4e5.

📒 Files selected for processing (3)

• .github/workflows/ci.yml
• .github/workflows/scheduled-deploy.yml
• apps/web/vercel.json

💤 Files with no reviewable changes (1)

• .github/workflows/scheduled-deploy.yml

[OAGr]

🤖 PR Patrol ran for 214s (40 max turns, model: sonnet).

Issues detected: ci-failure, bot-review-major

Result:
s fixed on PR #1814:

Two changes to .github/workflows/ci.yml deploy job (line 339-340):

1. needs: [ci] → needs: [ci, migrate-test] — Production can no longer deploy if DB migration tests fail, closing the safety gap where a red migrate-test run wouldn't block the deploy.

2. Added vars.AUTOMATION_PAUSED != 'true' && to the if condition — Restores the automation pause circuit breaker that existed in the old scheduled-deploy.yml but was accidentally dropped in this PR.