DEVOPS
Auto-remediate unauthorized Vercel flag drift and page on conflict
Detects live Edge Config flags that diverge from GitLab, reverts them to the committed value automatically, and pages PagerDuty when a flag can't be safely auto-resolved.
How it runs
The automated pipeline, trigger to output.
- TriggerFrequent schedule fires
- ActionFetch live Edge Config + source flags.jsonVercel
- LogicClassify drift: auto-revert vs. unresolved
- ActionRevert auto-fixable flags to source valueVercel
- LogicBranch: unresolved drift remains?
- ActionPage PagerDuty for unresolved driftPagerDuty
- OutputPost remediation summary to SlackSlack
What it does
Treats GitLab as the only authority and self-heals production. It compares the live Vercel Edge Config against the committed `flags.json`, automatically reverts unauthorized live-only or value-drifted flags back to source, and logs every correction. Ambiguous cases (a flag present live but with no entry in source) are escalated rather than guessed.
When to use it
Use it on high-blast-radius stores where an out-of-band flag flip is an incident, not a curiosity. Auto-revert keeps prod aligned with reviewed config; the page ensures a human handles anything the rule can't resolve cleanly.
How it works
- 1A schedule fires the reconciler frequently (default every 5 minutes).
- 2Fetch live Edge Config values from Vercel and the canonical `flags.json` from GitLab.
- 3A logic step classifies each drift as auto-revertible (value mismatch against a known key) or unresolved (live-only with no source entry).
- 4For auto-revertible drift, patch the Edge Config back to the source value via Vercel.
- 5Branch: if any unresolved drift remains, trigger a PagerDuty incident with the flag details; otherwise post a quiet remediation summary to Slack.
Set it up
What you configure once, before turning it on.
- 1Connect VercelDeploys, runtime logs, analytics.
- 2Connect GitLabRepos, MRs, pipelines, registry.
- 3Connect PagerDutyIncidents, on-call, escalations.
- 4Connect SlackChannels, DMs, threads, mentions.
- 5Set each agent's modelWe leave models unset so you pick the tier — fast + cheap, or top-quality.
- 6Tune it to your dataEdit the prompts, filters, and field mappings so it matches how your team works.
- 7Test, then turn it onRun once against a sample, confirm the output, then enable the trigger.
More DevOps workflows
Slack-approved pause for idle Hugging Face Spaces
On a daily scan it finds idle paid Spaces and posts an interactive Slack approval; on approve it pauses the Space and logs the decision to a GitHub issue audit trail.
Block costly Hugging Face Space hardware upgrades in PR review
When a pull request changes a Space's hardware config, it estimates the new monthly cost and posts a GitHub PR comment that flags upgrades crossing a budget ceiling.
Hugging Face Spaces idle-runtime sweep with auto-pause
On a schedule, scans all Hugging Face Spaces for ones running idle past a threshold, pauses them to stop billing, and posts a Slack summary with the estimated monthly savings.
Open a Zoom war-room from a Datadog multi-alert storm
When a Datadog monitor crosses a critical threshold, this workflow dedupes against active incidents, and only for a genuinely new outage it creates a Zoom bridge.
Auto-spin a Zoom war-room when PagerDuty hits SEV-1
When a PagerDuty incident escalates to a critical severity, this workflow creates a dedicated Zoom meeting and posts the bridge link to the incident's Slack channel so responders…
Spin up a war-room on demand from a Slack slash command
When an engineer runs a Slack command, this workflow creates a Zoom bridge, opens a tracking Sentry-linked incident, files a Linear issue for follow-up.
Run it inside a business
This workflow drops into a full company template. Import the org, and this is one of the playbooks its agents run.
Run this workflow in your colony.
14-day trial. No DevOps. No Sales call. Provisioned in under a minute.