From a46b7b4e5d276bf2dd8b57df207d6cea3477a3e0 Mon Sep 17 00:00:00 2001 From: Nick Bianchi Date: Tue, 17 Mar 2026 10:00:21 +0000 Subject: [PATCH] fix: skip --env=production in deploy and allow Cloudflare secrets MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Deploy Worker failed because: 1. Reusable workflow defaults environment to 'production' but wrangler.toml has no [env.production] section — override to empty 2. CLOUDFLARE_API_TOKEN and CLOUDFLARE_ACCOUNT_ID not in the workflow secret policy allowlist, failing Governance Gates Co-Authored-By: Claude Opus 4.6 --- .github/allowed-workflow-secrets.txt | 2 ++ .github/workflows/deploy-worker.yml | 1 + 2 files changed, 3 insertions(+) diff --git a/.github/allowed-workflow-secrets.txt b/.github/allowed-workflow-secrets.txt index 92a48ac..7abec4a 100644 --- a/.github/allowed-workflow-secrets.txt +++ b/.github/allowed-workflow-secrets.txt @@ -1,6 +1,8 @@ CHITTYCONNECT_API_KEY CHITTYCONNECT_BROKER_TOKEN CHITTY_AGENT_TOKEN +CLOUDFLARE_ACCOUNT_ID +CLOUDFLARE_API_TOKEN CHITTY_GATEWAY_TOKEN CHITTY_GOVERNANCE_DISPATCH_TOKEN CHITTY_REVIEW_DELEGATE_TOKEN diff --git a/.github/workflows/deploy-worker.yml b/.github/workflows/deploy-worker.yml index 61a9786..388021d 100644 --- a/.github/workflows/deploy-worker.yml +++ b/.github/workflows/deploy-worker.yml @@ -17,6 +17,7 @@ jobs: uses: CHITTYOS/chittyops/.github/workflows/reusable-worker-deploy.yml@main with: service_name: chittycommand + environment: '' secrets: CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }} CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}