DEVOPS
Origin-Cost Spike from Cache Drop to PagerDuty Escalation
Detects when a Cloudflare cache hit-ratio decline drives an origin egress/cost spike and escalates a fully-contextualized incident to PagerDuty with the suspect config change…
How it runs
The automated pipeline, trigger to output.
- TriggerEvery 30 minutes
- ActionRead hit ratio + origin volume/bandwidth (Cloudflare)Cloudflare
- LogicRatio drop AND origin-cost surge over threshold?
- ActionIdentify probable-cause edge-config commitGitLab
- ActionOpen enriched PagerDuty incidentPagerDuty
- OutputMirror summary to cost-watch channelSlack
What it does
This workflow watches the downstream consequence of a cache regression — origin requests and egress cost — not just the ratio itself. Every 30 minutes it reads cache hit ratio and origin request volume from Cloudflare, and when a ratio drop coincides with an origin-load surge above your dollar threshold, it opens a PagerDuty incident enriched with the cost delta and the GitLab commit most likely responsible.
When to use it
Use it when the business impact you care about is the origin bill and SLA, and you want paging reserved for regressions that actually cost money — filtering out harmless ratio dips that don't move origin load.
How it works
- 1Schedule fires every 30 minutes.
- 2Cloudflare returns cache hit ratio plus origin request volume and bandwidth.
- 3A logic step confirms both a ratio drop and an origin-cost surge crossing the threshold.
- 4GitLab identifies the most recent edge-config commit as the probable cause.
- 5PagerDuty opens an incident with the cost delta, ratio change, and suspect commit.
- 6Slack mirrors the incident summary to the cost-watch channel.
Set it up
What you configure once, before turning it on.
- 1Connect CloudflareWorkers, Pages, R2, KV — the edge stack.
- 2Connect GitLabRepos, MRs, pipelines, registry.
- 3Connect PagerDutyIncidents, on-call, escalations.
- 4Connect SlackChannels, DMs, threads, mentions.
- 5Set each agent's modelWe leave models unset so you pick the tier — fast + cheap, or top-quality.
- 6Tune it to your dataEdit the prompts, filters, and field mappings so it matches how your team works.
- 7Test, then turn it onRun once against a sample, confirm the output, then enable the trigger.
More DevOps workflows
Slack-approved pause for idle Hugging Face Spaces
On a daily scan it finds idle paid Spaces and posts an interactive Slack approval; on approve it pauses the Space and logs the decision to a GitHub issue audit trail.
Block costly Hugging Face Space hardware upgrades in PR review
When a pull request changes a Space's hardware config, it estimates the new monthly cost and posts a GitHub PR comment that flags upgrades crossing a budget ceiling.
Hugging Face Spaces idle-runtime sweep with auto-pause
On a schedule, scans all Hugging Face Spaces for ones running idle past a threshold, pauses them to stop billing, and posts a Slack summary with the estimated monthly savings.
Open a Zoom war-room from a Datadog multi-alert storm
When a Datadog monitor crosses a critical threshold, this workflow dedupes against active incidents, and only for a genuinely new outage it creates a Zoom bridge.
Auto-spin a Zoom war-room when PagerDuty hits SEV-1
When a PagerDuty incident escalates to a critical severity, this workflow creates a dedicated Zoom meeting and posts the bridge link to the incident's Slack channel so responders…
Spin up a war-room on demand from a Slack slash command
When an engineer runs a Slack command, this workflow creates a Zoom bridge, opens a tracking Sentry-linked incident, files a Linear issue for follow-up.
Run it inside a business
This workflow drops into a full company template. Import the org, and this is one of the playbooks its agents run.
Run this workflow in your colony.
14-day trial. No DevOps. No Sales call. Provisioned in under a minute.