Fix production Vercel deploy linking

[mikepsinn]

Summary

• add a Vercel project API preflight to deploy-production so token/team/project failures are explicit before the CLI runs
• write .vercel/project.json in CI from the configured Vercel org/project IDs and pass --scope to Vercel pull, build, and deploy
• keep GitHub Pages visual-review publishing non-blocking and cap the propagation wait so it does not stall PR checks
• add preview deploy-smoke scoping so workflow-only deploy plumbing changes skip preview app smoke, while app/runtime/package changes still run it
• keep preview database sync conditional on schema/managed-data inputs and include deleted runtime files when deciding whether preview smoke is required

Why

The last main production deploy failed in deploy-production at Pull Vercel production settings with:

Error: Could not retrieve Project Settings. To link your Project, remove the .vercel directory and deploy again.

The old workflow only checked that Vercel values were non-empty. This verifies the exact project API lookup and gives actionable errors for bad token, team, or project config before the CLI runs.

While validating this PR, two unrelated workflow blockers showed up: GitHub Pages propagation could hold web-visual-review, and preview deploy smoke was exercising a drifted Neon preview DB even though this PR only changes deployment workflows. The final workflow keeps those paths bounded instead of hiding the problem with larger blanket timeouts.

Validation

• git diff --check -- .github/workflows/ci.yml .github/workflows/smoke-deploy.yml .github/scripts/preview-smoke-scope.mjs .github/scripts/preview-smoke-scope.test.mjs
• parsed .github/workflows/ci.yml and .github/workflows/smoke-deploy.yml with Python/PyYAML
• node --test .github/scripts/generate-pr-preview-links.test.mjs .github/scripts/preview-managed-data-filter.test.mjs .github/scripts/preview-smoke-scope.test.mjs .github/scripts/preview-masking-workflow-order.test.mjs .github/scripts/audit-sentry-preview.test.mjs
• PR checks are green on b429001c: core-validate, web-static-validate, web-e2e-validate, web-visual-review, sync-preview-managed-data, Vercel, CodeRabbit, and Claude review
• Review threads resolved: fixed the deleted-runtime-file smoke scope issue; declined blanket SHA-pinning and 35-minute preview-sync waits as out of scope / counter to the bounded-wait goal

Production deploy still only runs on main, so the production path will be fully exercised after merge.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
optimitron-web	Ready	Preview, Comment	Jun 19, 2026 2:17am

[coderabbitai]

📝 Walkthrough

Walkthrough

The PR introduces three independent improvements to CI workflows: a new preview smoke scoping system that conditionally skips smoke/Playwright tests based on changed files with integrated data sync polling, hardening of visual review page availability checks to warn rather than fail, and Vercel production deploy hardening with API preflight validation and org scope flags on all CLI commands.

Changes

Preview Smoke Scoping System

Layer / File(s)	Summary
Pattern definitions and matching implementation .github/scripts/preview-smoke-scope.mjs	Defines regex source patterns targeting packages, scripts, and config files in PREVIEW_SMOKE_PATTERN_SOURCES; compiles them into PREVIEW_SMOKE_PATTERNS; exports getPreviewSmokeMatches(files) to filter test-only files and return sorted matches; exports shouldRunPreviewSmoke(files) to check if any matches exist; and defines isTestOnlyFile(file) to identify __tests__ paths and *.spec|*.test.* filenames for JS/TS/JSX/TSX.
Test coverage for preview smoke scoping .github/scripts/preview-smoke-scope.test.mjs	Adds four test cases: workflow-only plumbing returns false/empty matches, app/database/shared package changes trigger smoke and match files sorted, root config/package manager changes trigger smoke and match files sorted, and test-only files under runtime paths are filtered out.
Preview smoke integration in smoke job .github/workflows/smoke-deploy.yml	Adds workflow actions: read and checks: read permissions, extends smoke job timeout to 15 minutes, introduces "Resolve preview smoke scope" step to analyze deployment PR changed files and set should_smoke output, conditionally skips preview deploy smoke, polls sync-preview-managed-data check completion, gates deploy-smoke execution on should_smoke, and tightens preview failure comments to require non-empty non-zero exit codes.
Preview smoke integration in playwright-preview job .github/workflows/smoke-deploy.yml	Extends playwright-preview job timeout to 25 minutes, introduces the same "Resolve preview smoke scope" step, conditionally skips Playwright smoke, polls sync-preview-managed-data check when scoping is enabled, and gates all downstream Corepack/setup/install/build/Playwright execution and Sentry preview audit/comment/artifact/failure steps on steps.preview_scope.outputs.should_smoke != 'false'.

Visual Review Page Availability Hardening

Layer / File(s)	Summary
Non-fatal wait with available output .github/workflows/ci.yml	Changes "Wait for visual review page" to initialize available=false, reduce retry count and interval, set available=true on HTTP 200 with non-empty content, and emit a warning instead of hard-failing when timeout occurs. Downstream "Create Visual review deployment" and "Update PR review packet with visual review" steps now condition on steps.wait_visual_review_pages.outputs.available == 'true'.

Vercel Production Deploy Hardening

Layer / File(s)	Summary
Vercel API preflight and project.json generation .github/workflows/ci.yml	"Verify Vercel configuration" step asserts VERCEL_TOKEN, VERCEL_ORG_ID, and VERCEL_PROJECT_ID are present, calls the Vercel Projects API via curl, branches on HTTP 401/403/404/other with specific failure messages, and runs an inline Node script to parse the response and write .vercel/project.json with orgId and projectId; warns if rootDirectory is not packages/web.
--scope flag added to Vercel CLI commands .github/workflows/ci.yml	Appends --scope "$VERCEL_ORG_ID" to vercel pull, vercel build --prod, and vercel deploy --prebuilt --prod to bind all CLI operations to the correct organization scope.

Sequence Diagram(s)

sequenceDiagram
  participant Deployment as Deployment Event
  participant PreviewScope as preview-scope Analyzer
  participant DataSync as sync-preview-managed-data Check
  participant SmokeTests as Deploy Smoke Tests
  participant PlaywrightTests as Playwright Tests

  Deployment->>PreviewScope: Inspect changed files for PR
  PreviewScope-->>Deployment: should_smoke = true/false
  
  alt should_smoke is false
    Deployment->>Deployment: Skip smoke & Playwright
  else should_smoke is true
    Deployment->>DataSync: Poll check until completion
    DataSync-->>Deployment: Check done
    Deployment->>SmokeTests: Run with gates enabled
    Deployment->>PlaywrightTests: Run with gates enabled
  end

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Poem

🐇 Smoke signals drift through the preview files,
A scope-aware bunny runs tests with smiles!
Visual reviews stay calm when pages are late,
Vercel gets checked at the org-scope gate.
Three workflows now harden — the deploy lane's complete! 🚀

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Fix production Vercel deploy linking' is clearly related to the primary change in the changeset, which addresses production Vercel deployment failures by implementing API preflight validation and explicit project configuration.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feature/fix-production-vercel-deploy

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

This PR hardens the deploy-production GitHub Actions workflow’s Vercel linking behavior by adding an explicit Vercel API preflight and by ensuring CI writes .vercel/project.json before invoking the Vercel CLI, preventing “Project Settings” linking failures from surfacing late and ambiguously.

Changes:

• Add a Vercel project API preflight (token/team/project validation) with actionable error messages.
• Generate .vercel/project.json in CI to force correct project linking.
• Pass --scope "$VERCEL_ORG_ID" explicitly to vercel pull, vercel build, and vercel deploy.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[github-actions]

Preview deploy smoke failed

Target: https://optimitron-b0jfmxqbp-mike-p-sinns-projects.vercel.app/
Run: https://github.com/mikepsinn/optimitron/actions/runs/27799572047

Route	Status	Error marker	Detail
/	200	none	missing h1 "PLEASE TAKE 30 SECONDS TO END WAR AND DISEASE" (found: Do Something | Tell Someone Else | Learn Something | Your Organization)
/tasks	200	none	missing h1 "Earth Optimization Tasks" (found: Do Something | Tell Someone Else | Learn Something | Your Organization)
/employees	200	none	missing h1 "President Management System" (found: Do Something | Tell Someone Else | Learn Something | Your Organization)

The smoke request uses the Vercel automation bypass header and checks HTTP 200, owned error markers, and expected h1 text.

[claude]

Code review

Issue: --scope receives a team ID where it expects a team slug

Found at L1116, L1123, L1144.

VERCEL_ORG_ID holds the team_xxx ID format — the preflight step confirms this by passing it as teamId=$VERCEL_ORG_ID to the Vercel REST API, and the Node script writes it as orgId in .vercel/project.json. The Vercel CLI's --scope flag resolves by slug/username, not by ID; the ID-accepting flag is --team/-T.

These --scope additions are also redundant — the .vercel/project.json written by the new preflight step already tells the CLI which team and project to use via orgId/projectId.

Suggested fix: drop --scope "$VERCEL_ORG_ID" from all three commands (pull, build, deploy) and rely on the newly-written .vercel/project.json for project/team resolution. If an explicit scope override is needed, use --team "$VERCEL_ORG_ID" (which accepts IDs).

[github-actions]

Sentry preview audit failed

The preview smoke test ran, but the Sentry audit could not query issues.

Error: Sentry API returned HTTP 401 for https://sentry.io/api/0/projects/wishonia-org/optimitron-web/issues/?environment=vercel-preview&limit=50&query=is%3Aunresolved&sort=date&statsPeriod=24h: {"detail":"Token expired"}

Check that the GitHub secret used by this job has Sentry org:read, project:read, and event:read scopes.

[github-actions]

PR review packet

Start here

• 🖼️ Visual review link appears here after CI publishes latest.html.
• 🚀 Preview deployment
• ☝️ Cmd/Ctrl-click review links to keep this PR open.
• 🔑 ?login=demo signs in as the demo user; ?logout=1 clears the session.
• 💬 For a visual problem, use the comment button in latest.html or reply here with @claude and the checklist item.

No user-facing page or component changes were inferred from changed files or the visual review manifest.

Changed files considered

• .github/scripts/preview-smoke-scope.mjs
• .github/scripts/preview-smoke-scope.test.mjs
• .github/workflows/ci.yml
• .github/workflows/smoke-deploy.yml

Updated automatically when this PR's preview or visual review reruns.

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/smoke-deploy.yml:
- Around line 160-162: The current code filters out files with status "removed"
when building the filenames array, which prevents smoke tests from running when
a PR deletes runtime-impacting files. Remove the filter that excludes removed
files so that all file statuses (including removed files) are included in the
filenames array. Apply this same change in both locations where the filenames
array is constructed using the filter and map pattern (in the "Resolve preview
smoke scope" steps).
- Around line 188-190: The preview-sync wait timeout is currently set to 10
minutes (timeoutMs = 10 * 60 * 1000) but the sync-preview-managed-data producer
job can run up to 30 minutes, causing false failures during queueing or slow
migrations. Increase the timeoutMs value in both "Wait for preview database
sync" steps (including the one at lines 188-190 and the duplicate at lines
498-500) to align with the 30-minute producer job window to allow sufficient
time for healthy runs to complete.
- Line 126: Replace all `uses:` entries in the workflow that reference version
tags (such as `@v8`, `@v6`) with their corresponding full commit SHAs to prevent
supply-chain drift. For each affected action like `actions/github-script@v8` and
others on the specified lines, replace the tag reference with the complete
commit SHA by looking up the release on the respective action's repository. This
converts references like `uses: actions/github-script@v8` to the format `uses:
actions/github-script@<full-commit-sha>`.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: de647600-0970-481e-a38f-6b99c0c73802

📥 Commits

Reviewing files that changed from the base of the PR and between c407fe5 and 6f8cba6.

📒 Files selected for processing (4)

• .github/scripts/preview-smoke-scope.mjs
• .github/scripts/preview-smoke-scope.test.mjs
• .github/workflows/ci.yml
• .github/workflows/smoke-deploy.yml