automation.soubiran.dev

automation.soubiran.dev · barbapapazes/platform

The platform automation.soubiran.dev is an internal tool that helps me automate various tasks by relying on Cloudflare Workflows.

There is no public access to this platform or frontend interface, as the endpoint is only used to receive calls and trigger workflows.

Development

The platform is based on a Cloudflare Worker that receives HTTP requests from my local CLI tool. Depending on the endpoint called, different Cloudflare Workflows are triggered to perform specific tasks.

For example, I have a workflow that I use to remind myself to publish scheduled tweets.

import type { WorkflowEvent, WorkflowStep } from 'cloudflare:workers'
import { WorkflowEntrypoint } from 'cloudflare:workers'

export default {
  async fetch(request: Request, env: Env): Promise<Response> {
    const body = await request.json<{ scheduleAt?: number, content?: string }>()

    await env.AUTOMATION_WORKFLOW.create({
      params: {
        scheduleAt: body.scheduleAt,
        content: body.content,
      },
    })

    return new Response('Scheduled', { status: 201 })
  },
}

export class Automation extends WorkflowEntrypoint<Env, any> {
  async run(event: WorkflowEvent<any>, step: WorkflowStep) {
    await step.sleepUntil('trigger time', event.payload.scheduleAt)

    await step.do('trigger action', async () => {
      await fetch(this.env.DISCORD_WEBHOOK_URL, {
        method: 'POST',
        headers: {
          'Content-Type': 'application/json',
        },
        body: JSON.stringify({ content: event.payload.content }),
      })
    })
  }
}

Note

The code is simplified for clarity. The actual implementation includes error handling, logging, and other production-ready features.

The worker itself does not authenticate requests, even though it is exposed to the public internet. Instead, I rely on Cloudflare One with a service token to ensure that only my CLI tool can call the endpoints.

This makes the development and maintenance of the platform easier while maintaining a good level of security. Also, this avoids triggering the worker from unauthorized sources, which could lead to unexpected costs.

Deployment

The platform is deployed automatically using Cloudflare Builds. Every push to the main branch triggers a new deployment of the worker and the workflows.

Thanks to Cloudflare’s observability tools, I can monitor workflow executions and worker metrics directly from the Cloudflare dashboard.

Ecosystem