Refactor GitHub OAuth environment variables and update CI/CD workflow…#5
Conversation
…s for consistency
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
| OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} | ||
| GROQ_API_KEY: ${{ secrets.GROQ_API_KEY }} | ||
| INNGEST_EVENT_KEY: ${{ secrets.INNGEST_EVENT_KEY }} | ||
| INNGEST_SIGNING_KEY: ${{ secrets.INNGEST_SIGNING_KEY }} |
There was a problem hiding this comment.
CI workflow uses secrets without fallbacks, breaking builds
High Severity
The ci job env vars reference ${{ secrets.* }} without fallback values, so they resolve to empty strings when secrets aren't configured (e.g., fork PRs or new repo setups). The deploy-vps.yml in the same repo correctly uses the secrets.X != '' && secrets.X || 'fallback' pattern, and the documentation added in this same PR (section 8.1) explicitly recommends hardcoded placeholder values with the comment "Build-time placeholders (same idea as Dockerfile)." The actual workflow contradicts both patterns and will fail the build.
Additional Locations (1)
1 participant
…s for consistency
Note
Medium Risk
Mostly configuration and documentation changes, but renaming GitHub OAuth/webhook env vars can break auth/webhook verification if secrets aren’t updated consistently across environments.
Overview
Standardizes GitHub-related environment variables across the app by renaming
GITHUB_CLIENT_ID/SECRETandGITHUB_WEBHOOK_SECRETtoGH_CLIENT_ID/SECRETandGH_WEBHOOK_SECRET, updating auth config and webhook signature verification accordingly.Adds a new GitHub Actions workflow (
.github/workflows/ci.yml) that runs lint/build and then deploys to Vercel on pushes tomain, updates existing VPS deploy and Docker build-time env placeholders to match, and includes a detailed Vercel deployment guide indocs/vercel_deployment_epic.md.Written by Cursor Bugbot for commit 7ec7995. This will update automatically on new commits. Configure here.