Comment vercel error stack in GitHub #4
Conversation
… PRs This workflow triggers on pull request events and checks the status of the latest Vercel deployment. If the deployment fails, it fetches error logs and posts a comment on the PR with the relevant error details.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
|
Warning Rate limit exceeded@sohelshekhIn has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 0 minutes and 8 seconds before requesting another review. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. 📒 Files selected for processing (1)
Note Other AI code review bot(s) detectedCodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review. WalkthroughAdds a GitHub Actions workflow that triggers on pull request events, polls Vercel for the PR's deployment by commit SHA or branch, monitors deployment status until terminal or timeout, and posts formatted PR comments with extracted error snippets or timeout notices. Changes
Sequence Diagram(s)sequenceDiagram
participant GH as GitHub Events
participant WF as Actions Workflow
participant Vercel as Vercel API
participant PR as Pull Request
GH->>WF: PR opened / synchronize / reopened
WF->>WF: Read PR metadata (branch, sha, number)
WF->>Vercel: Poll project deployments (filter by sha/branch)
Vercel-->>WF: Deployment list (or none)
alt Deployment found
WF->>Vercel: Monitor deployment state (poll until terminal or timeout)
Vercel-->>WF: State updates (BUILDING → READY / ERROR / CANCELED)
alt State = ERROR
WF->>Vercel: Fetch deployment events/logs
Vercel-->>WF: Event/log lines
WF->>PR: Post formatted PR comment with error snippet & log link
else State = TIMEOUT
WF->>PR: Post timeout notice with guidance & link
else State = READY
WF->>WF: Log success, no PR comment
end
else No deployment found
WF->>WF: Mark deployment_found=false, exit
end
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes
Poem
Pre-merge checks and finishing touches❌ Failed checks (1 warning)
✅ Passed checks (2 passed)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Pull Request Overview
This PR introduces a GitHub Actions workflow that monitors Vercel deployments for pull requests and automatically comments on the PR when a deployment fails, providing error details and a link to the full logs.
Key Changes:
- Added automated Vercel deployment failure detection and reporting
- Implemented error log extraction and PR commenting functionality
- Created workflow triggered on PR open, synchronize, and reopen events
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| run: | | ||
| echo "Fetching latest deployment for branch $PR_BRANCH" | ||
| response=$(curl -s -H "Authorization: Bearer $VERCEL_TOKEN" \ | ||
| "https://api.vercel.com/v6/deployments?projectId=$VERCEL_PROJECT_ID&limit=5") |
There was a problem hiding this comment.
The hardcoded limit of 5 deployments may be insufficient for active branches with frequent commits. Consider increasing this to a higher value (e.g., 20) or making it configurable to ensure the latest deployment for the PR branch is found.
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 4
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
.github/workflows/vercel-fail-comment.yml(1 hunks)
🧰 Additional context used
🪛 actionlint (1.7.8)
.github/workflows/vercel-fail-comment.yml
13-13: "github.head_ref" is potentially untrusted. avoid using it directly in inline scripts. instead, pass it through an environment variable. see https://docs.github.com/en/actions/reference/security/secure-use#good-practices-for-mitigating-script-injection-attacks for more details
(expression)
85-85: key "env" is duplicated in element of "steps" section. previously defined at line:58,col:9
(syntax-check)
🪛 YAMLlint (1.37.1)
.github/workflows/vercel-fail-comment.yml
[error] 85-85: duplication of key "env" in mapping
(key-duplicates)
🔇 Additional comments (1)
.github/workflows/vercel-fail-comment.yml (1)
75-83: PR comment formatting looks good.The markdown formatting, error summary, and link to full logs are well-structured and user-friendly. Once the
envsection is consolidated, this step should work correctly.
This update includes the addition of the GITHUB_TOKEN environment variable to the workflow that comments on Vercel deployment failures in pull requests, ensuring proper authentication for API calls.
….com/Hack-Canada/Daedalus-Hacker-Portal into comment-vercel-error-stack-in-github
There was a problem hiding this comment.
Actionable comments posted: 1
♻️ Duplicate comments (5)
.github/workflows/vercel-fail-comment.yml (5)
27-27: Increase hardcoded deployment limit to reduce missed deployments.The hardcoded limit of 5 deployments may be insufficient for active branches with frequent commits. If a PR has more than 5 recent deployments, the latest one for the PR branch may not be found.
Increase the limit to a higher value (e.g., 20) or make it configurable:
echo "Fetching latest deployment for branch $PR_BRANCH" response=$(curl -sf -H "Authorization: Bearer $VERCEL_TOKEN" \ - "https://api.vercel.com/v6/deployments?projectId=$VERCEL_PROJECT_ID&limit=5") + "https://api.vercel.com/v6/deployments?projectId=$VERCEL_PROJECT_ID&limit=20")
69-69: Add null check to jq filter to handle missing.payload.textfields.The jq filter assumes all log entries have
.payload.text, which may not always be true. This can cause jq to skip entries with different structures or fail silently. Add a null-check select filter:# Extract only build errors - error_lines=$(echo "$logs" | jq -r '.[] | select(.payload.text | test("Error|Exception|Failed"; "i")) | .payload.text' | tail -n 20) + error_lines=$(echo "$logs" | jq -r '.[] | select(.payload.text != null) | select(.payload.text | test("Error|Exception|Failed"; "i")) | .payload.text' | tail -n 20)
50-51: Add error handling for deployment status check API call.Similar to the deployments API call, this curl request lacks error handling. If the API call fails,
$statuswill be empty, and subsequent steps will incorrectly treat the deployment as non-error.Apply the same error-handling pattern:
status=$(curl -sf -H "Authorization: Bearer $VERCEL_TOKEN" \ "https://api.vercel.com/v13/deployments/$DEPLOYMENT_ID" | jq -r '.state') + if [ $? -ne 0 ]; then + echo "::error::Failed to fetch deployment status from Vercel API" + exit 1 + fi
26-27: Add error handling for Vercel deployments API call.The curl request lacks HTTP error handling. If the API call fails,
$responsewill contain an HTTP error page instead of JSON, causing jq to fail silently or produce incorrect output. This masks API failures and treats them as "no deployment found."Add the
-fflag to fail on HTTP errors and check the exit status:echo "Fetching latest deployment for branch $PR_BRANCH" - response=$(curl -s -H "Authorization: Bearer $VERCEL_TOKEN" \ + response=$(curl -sf -H "Authorization: Bearer $VERCEL_TOKEN" \ "https://api.vercel.com/v6/deployments?projectId=$VERCEL_PROJECT_ID&limit=5") + if [ $? -ne 0 ]; then + echo "::error::Failed to fetch deployments from Vercel API" + echo "found=false" >> $GITHUB_OUTPUT + exit 0 + fi
65-66: Add error handling for deployment events API call.The curl request fetching deployment events lacks error handling. On failure,
$logswill be malformed, and jq will fail silently or produce incorrect output. This is particularly problematic since the output is user-facing.Add error handling with a safe fallback:
echo "Deployment failed. Fetching logs..." - logs=$(curl -s -H "Authorization: Bearer $VERCEL_TOKEN" \ + logs=$(curl -sf -H "Authorization: Bearer $VERCEL_TOKEN" \ "https://api.vercel.com/v2/deployments/$DEPLOYMENT_ID/events") + if [ $? -ne 0 ]; then + echo "::warning::Failed to fetch deployment events from Vercel API" + logs='[]' + fi
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
.github/workflows/vercel-fail-comment.yml(1 hunks)
🧰 Additional context used
🪛 actionlint (1.7.8)
.github/workflows/vercel-fail-comment.yml
13-13: "github.head_ref" is potentially untrusted. avoid using it directly in inline scripts. instead, pass it through an environment variable. see https://docs.github.com/en/actions/reference/security/secure-use#good-practices-for-mitigating-script-injection-attacks for more details
(expression)
This update improves the error handling for fetching deployment status and logs from the Vercel API. It adds checks for network issues, invalid tokens, and empty responses, ensuring more informative error messages are provided in case of failures. Additionally, it cleans up temporary files used during the process.
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (3)
.github/workflows/vercel-fail-comment.yml (3)
30-31: Add-fflag to first curl call for consistency and error clarity.The first Vercel API call lacks the
-fflag used in other curl invocations (lines 57, 90), making HTTP errors silent. If the API returns an error response, it's treated identically to "no deployment found," obscuring the actual failure.Align this call with the error handling pattern established elsewhere in the workflow:
echo "Fetching latest deployment for branch $PR_BRANCH" - response=$(curl -s -H "Authorization: Bearer $VERCEL_TOKEN" \ + response=$(curl -sf -H "Authorization: Bearer $VERCEL_TOKEN" \ "https://api.vercel.com/v6/deployments?projectId=$VERCEL_PROJECT_ID&limit=5") + if [ $? -ne 0 ]; then + echo "❌ Error: Failed to fetch deployments from Vercel API" + echo "found=false" >> $GITHUB_OUTPUT + exit 0 + fi # Find the most recent deployment for this PR branch
31-31: Consider making the deployment fetch limit configurable.The hardcoded
limit=5may be insufficient for repositories with frequent commits to the same branch. While it works for most cases, larger teams or high-frequency deployments could miss recent deployments. Consider increasing this to a higher default (e.g., 20–50) or making it a workflow input for flexibility.
112-112: Consider adding an explicit null check in the jq filter for clarity.While the current error handling (JSON validation at line 106 + error suppression at line 112) does catch malformed responses, an explicit null check in the filter would improve robustness and code clarity:
- error_lines=$(jq -r '.[] | select(.payload.text | test("Error|Exception|Failed"; "i")) | .payload.text' /tmp/vercel_logs.json 2>/dev/null | tail -n 20) + error_lines=$(jq -r '.[] | select(.payload.text != null) | select(.payload.text | test("Error|Exception|Failed"; "i")) | .payload.text' /tmp/vercel_logs.json 2>/dev/null | tail -n 20)This guards against entries with null or missing
.payload.textfields and makes the intent explicit.
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
.github/workflows/vercel-fail-comment.yml(1 hunks)
🔇 Additional comments (3)
.github/workflows/vercel-fail-comment.yml (3)
12-20: Script injection vulnerability properly mitigated.The use of the
envsection to passgithub.head_ref(and other context values) safely addresses the injection risk flagged in the previous review. This is the correct pattern for handling untrusted inputs in GitHub Actions workflows.
47-77: Robust error handling for deployment status check.Proper use of
-sfflag, explicit exit code checking, and validation that the status is not empty or null. This follows best practices and matches the security/robustness expectations from the earlier review.
79-132: Comprehensive error handling and graceful fallbacks for error logging step.The step handles multiple failure scenarios: curl errors, invalid JSON responses, missing error lines, and temporary file cleanup. The error messages are informative, and fallback messages guide users to check the Vercel dashboard when API calls fail. The
gh apicall to post the comment is properly guarded by earlier conditional checks.
…dling and timeout reporting This update enhances the GitHub Actions workflow for monitoring Vercel deployments by introducing a more robust error handling mechanism, including detailed timeout notifications and improved logging of deployment events. The workflow now provides clearer feedback on deployment status and integrates better with GitHub comments for error reporting.
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (1)
.github/workflows/vercel-fail-comment.yml (1)
282-284: Minor: non-critical curl call lacks error logging.The deployment URL fetch (lines 282–284) silently fails if the API call fails, which is acceptable since it's for non-essential supplementary information (preview URL in the comment). However, for consistency and observability, consider adding a brief error log so operators can detect API issues even on non-critical calls.
This is a minor improvement and can be deferred if you prefer to keep the critical-path error handling as the priority:
deploy_url=$(curl -sf -H "Authorization: Bearer $VERCEL_TOKEN" \ "https://api.vercel.com/v13/deployments/$DEPLOYMENT_ID" 2>/dev/null | \ jq -r '.url // empty') || deploy_url="" [ -z "$deploy_url" ] && echo "⚠️ Could not retrieve preview URL (non-critical)"
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
.github/workflows/vercel-fail-comment.yml(1 hunks)
🧰 Additional context used
🪛 actionlint (1.7.8)
.github/workflows/vercel-fail-comment.yml
220-220: could not parse as YAML: could not find expected ':'
(syntax-check)
🪛 YAMLlint (1.37.1)
.github/workflows/vercel-fail-comment.yml
[error] 221-221: syntax error: could not find expected ':'
(syntax)
🔇 Additional comments (6)
.github/workflows/vercel-fail-comment.yml (6)
220-221: Static analysis warnings are false positives.The linter warnings about YAML syntax errors at lines 220–221 are false positives. These lines are part of a bash multiline string literal inside the
run:block and are valid bash syntax. The linter incorrectly attempted to parse shell script content as YAML. No action needed.
1-108: Wait-for-deployment step is well-implemented with robust error handling.The retry logic properly handles transient failures, API errors are captured and logged, jq filters use null-safe operators to guard against missing fields, and environment variables are safely injected. The polling interval (30s × 20 attempts = 10 minutes) is reasonable and coordinated with the overall job timeout.
109-191: Monitor-deployment step correctly implements state machine and timeout handling.The step properly tracks deployment state transitions, logs meaningful progress, and exits cleanly on final states (READY, ERROR, CANCELED). The polling interval (30s × 30 attempts = 15 minutes) is well-coordinated with the 25-minute job timeout (10 + 15 minutes). Curl error handling and response validation are consistent.
193-339: Error log fetching and PR commenting logic is comprehensive with proper error recovery.The step handles multiple failure scenarios: curl failures, invalid JSON responses, and missing error messages—each with appropriate fallback messages posted to the PR. The jq filter chains defensively extract errors or build output with null coalescing. Log limiting (100 lines max) and temporary file cleanup prevent resource bloat. The error message formatting with links and next steps is clear and actionable. Environment variables for GitHub and Vercel tokens are properly scoped.
341-377: Timeout and success reporting steps are clean and well-formatted.Both steps properly post informative messages to the PR with actionable guidance. The timeout message correctly suggests checking the dashboard and re-triggering, and the success step correctly skips posting when the build succeeds.
1-377: Overall workflow implementation is production-ready.The workflow demonstrates strong engineering practices: comprehensive error handling with
-sfcurl flags and explicit exit code checks, defensive jq filters with null coalescing, environment variable isolation to prevent script injection, robust retry logic with exponential backoff feel (consistent 30s intervals), clear logging with emoji indicators for UX, and multiple fallback messages so users never see blank or confusing output.The logic is well-architected (wait → poll → react) with proper state transitions and timeout coordination. All environment secrets are properly scoped to steps that need them, and the GitHub token usage for PR commenting follows best practices.
…orkflow This update improves the error message generation in the GitHub Actions workflow by utilizing temporary files to avoid YAML quoting issues. The changes enhance the clarity and formatting of error messages related to deployment failures and timeouts, ensuring better readability in GitHub comments.
This update enhances the construction of error messages in the GitHub Actions workflow by using a more structured approach to avoid YAML quoting issues. The changes improve the clarity and formatting of messages related to deployment failures and timeouts, ensuring better readability in GitHub comments.
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (2)
.github/workflows/vercel-fail-comment.yml (2)
290-292: Add error handling to deploy_url retrieval for consistency.This curl call lacks error handling and the
-fflag, unlike other API calls in the workflow. If the call fails silently,deploy_urlwill be empty and the fallback logic at line 301 will skip the preview URL link.Apply this diff to add error handling:
# Get deployment URL - deploy_url=$(curl -sf -H "Authorization: Bearer $VERCEL_TOKEN" \ + deploy_url=$(curl -sf -H "Authorization: Bearer $VERCEL_TOKEN" \ - "https://api.vercel.com/v13/deployments/$DEPLOYMENT_ID" | \ + "https://api.vercel.com/v13/deployments/$DEPLOYMENT_ID" 2>/tmp/curl_error.log | \ jq -r '.url // empty') + if [ $? -ne 0 ]; then + echo "⚠️ Could not retrieve deployment preview URL" + deploy_url="" + fi
354-388: Add error handling to timeout comment posting for consistency.The timeout PR comment (line 387) lacks the explicit error check present in the error comment step (lines 345-350). If the gh pr comment call fails, the workflow will succeed silently instead of reporting the failure.
Apply this diff to match the error-handling pattern from the earlier step:
gh pr comment "$PR_NUMBER" --body-file /tmp/timeout_message.md --repo "${{ github.repository }}" + + if [ $? -eq 0 ]; then + echo "✅ Successfully posted timeout notice to PR" + else + echo "❌ Failed to post timeout comment to PR" + exit 1 + fi rm -f /tmp/timeout_message.md
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
.github/workflows/vercel-fail-comment.yml(1 hunks)
🧰 Additional context used
🪛 actionlint (1.7.8)
.github/workflows/vercel-fail-comment.yml
286-286: could not parse as YAML: could not find expected ':'
(syntax-check)
🪛 YAMLlint (1.37.1)
.github/workflows/vercel-fail-comment.yml
[error] 289-289: syntax error: could not find expected ':'
(syntax)
| error_logs="No detailed error messages found in deployment logs. | ||
| Please check the Vercel dashboard for complete build output." |
There was a problem hiding this comment.
Fix YAML syntax error in multi-line string assignment.
The shell variable assignment spans multiple lines without proper quoting, causing YAML parsing to fail. Static analysis tools report "could not find expected ':'" at these lines.
Apply this diff to properly quote the multi-line string:
else
- error_logs="No detailed error messages found in deployment logs.
-Please check the Vercel dashboard for complete build output."
+ error_logs="No detailed error messages found in deployment logs. Please check the Vercel dashboard for complete build output."Alternatively, use bash multi-line syntax with proper continuation:
else
- error_logs="No detailed error messages found in deployment logs.
-Please check the Vercel dashboard for complete build output."
+ error_logs="No detailed error messages found in deployment logs.
+ Please check the Vercel dashboard for complete build output."📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| error_logs="No detailed error messages found in deployment logs. | |
| Please check the Vercel dashboard for complete build output." | |
| else | |
| error_logs="No detailed error messages found in deployment logs. Please check the Vercel dashboard for complete build output." |
🧰 Tools
🪛 actionlint (1.7.8)
286-286: could not parse as YAML: could not find expected ':'
(syntax-check)
🤖 Prompt for AI Agents
In .github/workflows/vercel-fail-comment.yml around lines 285-286 the shell
variable assignment spans literal newlines without proper quoting which breaks
YAML parsing; fix it by replacing the raw multi-line value with a proper YAML
multi-line scalar (use the block scalar indicator | with correct indentation) or
put the entire string on a single quoted line (escape embedded newlines) so the
assignment becomes a valid YAML string value and preserves the intended message.
Summary by CodeRabbit