-
-
Notifications
You must be signed in to change notification settings - Fork 3
Add Heartbeat workflow for health checks and sync #33
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| @@ -0,0 +1,43 @@ | ||||||||||||||||||||||||
| name: Dual-Domain Health & Agent Sync | ||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
| on: | ||||||||||||||||||||||||
| push: | ||||||||||||||||||||||||
| branches: [ "main" ] | ||||||||||||||||||||||||
| schedule: | ||||||||||||||||||||||||
| - cron: '0 * * * *' # Automated health check every hour | ||||||||||||||||||||||||
| workflow_dispatch: # Allows you to manually trigger a sync | ||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
| jobs: | ||||||||||||||||||||||||
| health-and-sync: | ||||||||||||||||||||||||
| runs-on: ubuntu-latest | ||||||||||||||||||||||||
| steps: | ||||||||||||||||||||||||
| - uses: actions/checkout@v4 | ||||||||||||||||||||||||
|
|
||||||||||||||||||||||||
| # 1. Sync Agent Instructions to the Central Governance Dashboard | ||||||||||||||||||||||||
| - name: Sync Agent Rules | ||||||||||||||||||||||||
| run: | | ||||||||||||||||||||||||
| curl -X POST https://your-railway-app.up.railway.app/update-agent-logic \ | ||||||||||||||||||||||||
| -H "Authorization: Bearer ${{ secrets.GOVERNANCE_TOKEN }}" \ | ||||||||||||||||||||||||
| -F "instructions=@Agent.Instructions.pdf" | ||||||||||||||||||||||||
|
Comment on lines
+19
to
+21
|
||||||||||||||||||||||||
| curl -X POST https://your-railway-app.up.railway.app/update-agent-logic \ | |
| -H "Authorization: Bearer ${{ secrets.GOVERNANCE_TOKEN }}" \ | |
| -F "instructions=@Agent.Instructions.pdf" | |
| INSTRUCTIONS_FILE=".github/instructions/Heartbeat.instructions.md" | |
| if [ ! -f "$INSTRUCTIONS_FILE" ]; then | |
| echo "Expected instructions file not found: $INSTRUCTIONS_FILE" | |
| exit 1 | |
| fi | |
| curl --fail -X POST https://your-railway-app.up.railway.app/update-agent-logic \ | |
| -H "Authorization: Bearer ${{ secrets.GOVERNANCE_TOKEN }}" \ | |
| -F "instructions=@${INSTRUCTIONS_FILE}" |
Copilot
AI
Apr 13, 2026
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The alert request sends a JSON string via curl -d but does not set Content-Type: application/json. Many endpoints will reject or mis-parse this. Add the appropriate Content-Type header (and consider -sS / timeouts) so failures are surfaced clearly and the payload is parsed as intended.
Copilot
AI
Apr 13, 2026
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The alert payload includes a hard-coded personal email address and the workflow hard-codes the external alerting endpoint. If this repo is public, this leaks PII and makes it easy to accidentally notify the wrong contact. Prefer storing contact info and the alert base URL in repository/environment secrets or variables, and avoid committing personal contact details into the workflow.
Copilot
AI
Apr 13, 2026
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In GitHub Actions, run: steps execute with bash -e, so if curl fails due to DNS/timeout/etc, this step will exit immediately and skip the alert POST. To ensure alerts fire on network failures, capture the curl exit code (or default the status code to 000) and branch on that instead of letting set -e abort the script.
Copilot
AI
Apr 13, 2026
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same JSON alert issue here: the request body is JSON, but the Content-Type: application/json header isn’t set, which can cause the alerting service to misinterpret the payload. Set the correct content type and add basic curl hardening (timeouts / -sS) to improve reliability.
Copilot
AI
Apr 13, 2026
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same issue as above: if curl fails, the step will terminate before reaching the alert POST due to bash -e. Handle curl failures explicitly so the workflow reliably sends an alert when the domain is unreachable.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This file contains a GitHub Actions workflow, but it’s being added under
.github/instructions/with a.instructions.mdextension. GitHub Actions will not load workflows from this path, so the health check/sync job will never run. Move this YAML to.github/workflows/(e.g.heartbeat.yml) if the intent is to create an actual workflow.