@anshugarg15checks…feat/proxy-deploy-doppler-oidc-production → production2 files · +101 −17review: @acsrujanreview: @abir-taheerupdated 1w agoPorts the Doppler-OIDC deploy change (already merged to master in #10465) to the production branch.
Both external-proxy and backend-proxy Cloudflare Worker deploys now:
doppler oidc login, short-lived token) instead of a static DOPPLER_TOKEN_HERMES_*,external-proxy-ci / backend-proxy-ci Doppler projects.No code/secret-sync logic differs from the master version — same two files, identical content.
productionThe *_PRD_IDENTITY repo variables and the production-subject Doppler identities must exist:
repo:ComposioHQ/platform:ref:refs/heads/production → grants each project's prd configDOPPLER_EXTERNAL_PROXY_CI_PRD_IDENTITY, DOPPLER_BACKEND_PROXY_CI_PRD_IDENTITYCLOUDFLARE_API_TOKEN present in each project's prd configMerging is inert (path filter scopes to wrangler/<worker>/**); a real worker change pushed to production is what triggers the deploy.
🤖 Generated with Claude Code
Based on git blame analysis of 2 file(s):
| Contributor | Contribution | Files |
|---|---|---|
| Anshu Garg | 65% | 2 |
| Zen | 13% | 1 |
| Anshu Garg | 7% | 1 |
| devin-ai-integration[bot] | 6% | 1 |
| Srujan | 4% | 2 |
Based on git history, Anshu Garg or Zen would be good reviewer(s) for this PR.
🤖 Based on git blame with recency weighting (recent edits count more).